I wrote a tool to extract all Kerberos tickets stored in the keyring of Linux systems enrolled in a Windows domain 🥳
Super useful for obtaining AD account access! 🚀
👉 Check it out: https://t.co/eAbyuFMRJe
I’m just releasing Nanorust — a Rust rewrite of nanodump!
- Low-level LSASS dumping
- Direct syscalls (Hell’s/Tartarus Gate)
Modular, research & red team ready ⚠️
🔗 https://t.co/5MXsTUlbSH
#RustLang#RedTeam#Infosec#WindowsSecurity#OffensiveSecurity
I've just released ccacheExtractor, a tool to dump all kerberos tickets from KCM store.
This is pretty useful to obtain AD account ! 🚀
#CyberSecurity
👉 Check it out: https://t.co/cJNOQpW6rV
Release 2.2.1 of objectwalker is out! 🥳🎉
Fixes a few bugs and optimized the search!
Very useful for solving Python jails or finding Server Side Template Injection payloads in python
https://t.co/A5Zo96pl9C
I am delighted to announce that Microsoft has awarded me the title of Microsoft MVP for my contributions in the security field.🥳
I want to thank all those with whom I have worked over the years, and in particular @_mudpak, @mpgn_x64, @NoobosaurusR3x, @HacktBack and @Akumarachi
I've just released GeoWordlists, a tool to generate wordlists of passwords containing cities at a defined distance around the client city.
This is pretty useful for spraying / bruteforcing in internal pentests on an Active directory domain for example!
➡️https://t.co/81UDMmWMrg
The DOJO challenge #23 is over!
We have our 3 winners! 🏆
Congrats to @PerceSecu, @Iknownaught , Aku
The swag are on their way!
Keep an eye on your mailbox 📬
You can find the solution and a write-up for the DOJO challenge on our blog 👇
https://t.co/Rb1YCALfbn
#YesWeRHackers #BugBounty
(1/3) I've released publicly a new tool/library called #objectwalker that I have been working on for a few months. 🥳
ObjectWalker allows you to find paths into python objects to find interesting targets, in breadth first search or depth first search!
➡️https://t.co/A5Zo96pSZa
Let’s goo, @EuCyberCup is over 🏴☠️
🥇 We won the bug bounty (@Wlayzz did it all)
🥉 We ended 3rd on Forensic
🥉 And we finished 3rd on general scoreboard (1st enterprise team)
We had a blast, great orgs, great challs, great teams, big improvement since 2022 ✌️
Interested by cryptographic stuff?
I've just updated https://t.co/wBsX4MVjAt, featuring cryptographic techniques such as AES padding oracle. Keep learning and take your skills to the next level! #CTF#Cybersecurity#AES#Crypto
Completed implementing built-in pass-the-hash in #BRc4 after spending a lot of time with Mimikatz and a great blog written by @ShitSecure . More interesting things are on the way. The below blog is a must read to understand the technique at code level.
https://t.co/RlaKGcSVJo
Hey #CTF enthusiasts! Today I'm releasing the first version of CTF recipes!
This wiki mainly focuses on #pwn techniques for now, but stay tuned for future topics! #OpenSource#CyberSecurity
https://t.co/jDJ7LrXd5U
I've just published a little #pwn Blind ROP tool along with 3 custom vulnerable examples to try it.
Check it out and let me know what you think.
#infosec#hacking#ctf
https://t.co/4BvTWoAoRy
I've just published a little #osint tool to extract all the users from a #GiTea server, with or without authentication. This is really useful to create wordlists of possible usernames in redteams for example ;)
https://t.co/p5w45Qnen9
[#thread 🧵] No, #ChatGPT does not execute commands. I've seen a few posts about how ChatGPT is capable of executing linux commands. Here is what actually happens step by step: ⤵️
Last year, I tweeted about #Administrator accounts not following the #lockout policy.
Yesterday, @Microsoft issued an advisory (#KB5020282) solving this problem by adding an #account lockout to local administrators accounts: ⤵️
https://t.co/y6t4MLGGmy
https://t.co/rUnL2DZJc1
[#thread 🧵] I am very proud to announce that I will be giving a talk at @BlackHatEvents Europe 2022 (#BHEU) in London 7-8 December 🥳🎉
In this #talk, I'll demonstrate how to automate the search of Remote Procedure Calls (#RPC) to #coerce authentications on @Windows machines.
Recently, I generated loose compare tables for every version of every language. 🥳
In this repo you will find a list of all the results of comparisons between different data types, in #PHP, #MySQL, #Postgres, etc.
https://t.co/SPLV5DEh7m