If AD authentication is a black box, 𝗮𝘁𝘁𝗮𝗰𝗸𝗲𝗿𝘀 𝘄𝗶𝗹𝗹 𝗳𝗶𝗻𝗱 𝘁𝗵𝗲 𝗴𝗮𝗽𝘀.
➡️ NTLM fallbacks, weak encryption, bad delegation - small misconfigs, big impact.
𝗤𝘂𝗶𝗰𝗸 𝘀𝗲𝗹𝗳-𝗰𝗵𝗲𝗰𝗸: Do you know when/why NTLM is still being used in your environment?
🚫 Most teams don’t - until an incident forces them to learn it fast.
So for the next 𝟳 𝗱𝗮𝘆𝘀, I’m making my NTLM & Kerberos 𝗺𝗶𝗻𝗶-𝗰𝗼𝘂𝗿𝘀𝗲 𝗳𝗿𝗲𝗲.
Inside, you’ll get a practical dive into how NTLM/Kerberos work, how they’re abused, and what to change to harden auth in real Windows/AD environments:
▪️ Why not just NTLMv1 must die (and where NTLM still sneaks in)
▪️ Kerberos tickets + encryption (and what “good” looks like)
▪️ Hardening with AES, Protected Users, restricted delegation
▪️ Reducing Kerberoasting and related abuses with defenses that hold up in audits
Field tested. Actionable from day one. Trusted by 1,500+.
👇 𝗙𝗿𝗲𝗲 𝗳𝗼𝗿 𝟭 𝘄𝗲𝗲𝗸:
🔗 https://t.co/Qxl163NpAN
𝗖𝗼𝗱𝗲 (𝟭𝟬𝟬% 𝗼𝗳𝗳): WANTTOLEARNAUTH
#ActiveDirectory #Kerberos #NTLM #WindowsSecurity #IdentitySecurity #BlueTeam #CyberSecurity
If AD authentication is a black box, 𝗮𝘁𝘁𝗮𝗰𝗸𝗲𝗿𝘀 𝘄𝗶𝗹𝗹 𝗳𝗶𝗻𝗱 𝘁𝗵𝗲 𝗴𝗮𝗽𝘀.
➡️ NTLM fallbacks, weak encryption, bad delegation - small misconfigs, big impact.
𝗤𝘂𝗶𝗰𝗸 𝘀𝗲𝗹𝗳-𝗰𝗵𝗲𝗰𝗸: Do you know when/why NTLM is still being used in your environment?
🚫 Most teams don’t - until an incident forces them to learn it fast.
So for the next 𝟳 𝗱𝗮𝘆𝘀, I’m making my NTLM & Kerberos 𝗺𝗶𝗻𝗶-𝗰𝗼𝘂𝗿𝘀𝗲 𝗳𝗿𝗲𝗲.
Inside, you’ll get a practical dive into how NTLM/Kerberos work, how they’re abused, and what to change to harden auth in real Windows/AD environments:
▪️ Why not just NTLMv1 must die (and where NTLM still sneaks in)
▪️ Kerberos tickets + encryption (and what “good” looks like)
▪️ Hardening with AES, Protected Users, restricted delegation
▪️ Reducing Kerberoasting and related abuses with defenses that hold up in audits
Field tested. Actionable from day one. Trusted by 1,500+.
👇 𝗙𝗿𝗲𝗲 𝗳𝗼𝗿 𝟭 𝘄𝗲𝗲𝗸:
🔗 https://t.co/Qxl163NpAN
𝗖𝗼𝗱𝗲 (𝟭𝟬𝟬% 𝗼𝗳𝗳): WANTTOLEARNAUTH
#ActiveDirectory #Kerberos #NTLM #WindowsSecurity #IdentitySecurity #BlueTeam #CyberSecurity
📣 I partnered with @13CubedDFIR for another giveaway! 🎁
🏆 Five winners will receive a 13Cubed course of their choice from the list below + a Forensicator T-Shirt.
13Cubed Courses:
- Investigating Windows Endpoints
- Investigating Windows Memory
- Investigating Linux Devices
- Investigating macOS Endpoints
Each course comes with a Certificate of Completion as well as Certification attempts!
On April 25th, entries across social media platforms will be combined, and the five winners will be selected.
To Enter:
✅ Like
✅ Share
✅ Comment which course you want to win the most
For more information ⬇️
Link to 13Cubed Training: https://t.co/xbinmzAm3g
13Cubed Merch Store: https://t.co/021POuBvGj
#DFIR #DigitalForensics #IncidentResponse
Giving away 2x full access packages:
Linux Attack, Detection & Forensics v2.0 - Hands-on Purple Teaming Playbook + 90 days PurpleLabs VPN access
To enter:
✅ Follow me
❤️ Like this post
💬 Comment
🔁 Repost
Winners announced March 22nd 🎯
First time doing this, let's see how it goes 😄
https://t.co/SUktIBXgHt
#linux #redteam #blueteam #dfir
🚀 CCDL1 IS LIVE - 10 FREE CERTIFICATIONS UP FOR GRABS
Our new SOC analyst cert just dropped. To celebrate: 🏆 We're giving away 10 free CCDL1 vouchers ($5,000+ value)
"It's rare to see entry-level blue team content that covers Azure AD/Entra ID, especially given how frequently SOC teams work in these environments today. This legit might be the most up-to-date blue team training for junior analysts." — CCDL1 Student
To enter:
☑️ Follow @CyberDefenders
☑️ Repost
☑️ Reply: How will CCDL1 help you become a better SOC analyst?
10 days. Winners Feb 9th.
🔗
Ready to start your SOC career? This is your shot -> https://t.co/eC82Jwn740
#CCDL1 #CyberSecurity #DFIR #SOCAnalyst #BlueTeam #CyberDefenders
📢 I partnered with @13CubedDFIR for another giveaway! 🎁
🏆 1 winner will receive a 13Cubed Investigator T-Shirt + the XPlat Bundle Complete which includes the following four courses:
- Investigating Windows Endpoints
- Investigating Windows Memory
- Investigating macOS Endpoints
- Investigating Linux Devices
Each course comes with a Certificate of Completion as well as Certification attempts.
👕 5 winners will receive 13Cubed Investigator T-Shirts
The T-shirts have the 13Cubed logo on the front and "Digital Forensics Investigator" on the back.
To Enter: Like, Comment, and Repost
On December 7th, entries from across three social media platforms will be combined and winners will be selected.
For more info check out:
XPlat Bundle Complete: https://t.co/3Sx1JWJ9x6
Certification Information: https://t.co/IVM2zdyp62
T-Shirts: https://t.co/021POuAXQL
#DFIR #DigitalForensics #IncidentResponse
Since there was an outage yesterday I'm doing this again.
🚨 Giveaway and new course! I just released a nuclei course and we have made it a part of our Black Friday bundle. You can get all of our courses for the price of one.
🎁I’ll give some away. All you gotta do is RT & reply with which bundle you want! (I'll pick winners from both posts)
More info here 👉🏼 https://t.co/0pEoZljSV1
Giveaway and new course 🚨
I just released a nuclei course and we have made it a part of our Black Friday bundle. You can get all of our courses for the price of one.
🎁I’ll give some away. All you gotta do is RT & reply with which bundle you want!
https://t.co/U3ijsLW98N