Wil
@wil_fri3d
Followers
481
Following
271
Media
3
Statuses
163
Joined October 2017
gpoParser, which I presented at #leHACK2025 and #DEFCON, is available here: It is a specialized utility designed to enumerate Group Policy Objects (GPOs) and identify potential security misconfigurations.
github.com
gpoParser is a tool designed to extract and analyze configurations applied through Group Policy Objects (GPOs) in an Active Directory environment. - synacktiv/gpoParser
4
170
489
RT @Synacktiv: š„ A few hours ago our experts took the stage at #DEFCON33, sharing cutting-edge research on SCCM exploitation and modern GPOā¦.
0
23
0
RT @Synacktiv: Catch us at #DEFCON33!.@quent0x1 and @wil_fri3d will show how to turn your Active Directory into the attackerās C2. They'llā¦.
0
15
0
RT @mpgn_x64: Thank you all for joining the Star Wars NetExec workshop at @_leHACK_ 2025 with @_zblurx & @wil_fri3d š„šŖ. 50 hackers, 1 roomā¦.
0
34
0
RT @Synacktiv: @wil_fri3d now rocking the stage at #leHACK to present his new tool GPOParser to automate Active Directory GPOs analysis, geā¦.
0
4
0
RT @Synacktiv: Our ninja @kalimer0x00 is now on stage at #x33fcon to talk about his journey from dissecting SCCM until the discovery of theā¦.
0
24
0
RT @LazyTitan33: Excellent article from @Synacktiv detailing CVE-2025-33073. It's an easy peasy LPE on any server where SMB signing is notā¦.
0
94
0
RT @HackAndDo: I'm not sure everyone realizes it, but as it stands, if you have an Active Directory with default configurations, any machinā¦.
0
100
0
Check out how I discover CVE-2025-33073 : RCE with NTLM reflectiv attack allowing authenticated user to compromise any machine without SMB signing enforced !.
Microsoft just released the patch for CVE-2025-33073, a critical vulnerability allowing a standard user to remotely compromise any machine with SMB signing not enforced! Checkout the details in the blogpost by @yaumn_ and @wil_fri3d.
1
24
169
RT @Synacktiv: Microsoft just released the patch for CVE-2025-33073, a critical vulnerability allowing a standard user to remotely compromiā¦.
0
263
0
RT @x33fcon: Got SCCM? You need to hear this! At #x33fcon, @kalimer0x00 will share insights from his SCCM research, including tradecraft frā¦.
0
7
0
RT @Synacktiv: š This week, @us3r777 & @__pierreg kick off our new Whitebox Vulnerability Research training! Students will dive into PHP, Jā¦.
0
14
0
RT @Synacktiv: Want to master cutting-edge techniques for attacking Azure? Join us this summer at @BlackHatEvents in Vegas for a deep diveā¦.
0
8
0
RT @unsigned_sh0rt: Thanks to @synacktiv's recent posts about Kerberos and recent PR's @_dirkjan 's .
0
29
0
RT @Synacktiv: In our latest article, @croco_byte and @SScaum demonstrate a trick allowing to make Windows SMB clients fall back to WebDavā¦.
synacktiv.com
Taking the relaying capabilities of multicast poisoning to the next
0
95
0
RT @Synacktiv: We've just updated our training catalog to include the latest additions, including a brand new course on ransomware investigā¦.
0
9
0
RT @Synacktiv: Yay! Our offensive Azure training was accepted at BlackHat USA 2025 š„³ Can't wait to see you there and share cutting-edge tecā¦.
0
7
0
RT @Synacktiv: A few months ago, Microsoft released a critical patch for CVE-2024-43468, an unauthenticated SQL injection vulnerability inā¦.
synacktiv.com
Microsoft Configuration Manager (ConfigMgr) 2403 Unauthenticated SQL injections
0
64
0