GPOHound v1.1.0 is out! 🎉
This release adds the "sysvol", "ldap", and "parse" modules, along with several bug fixes and improvements.
For more details: https://t.co/BbLSzdinWG
Dropping new LOLBin/LOLBAS inspired project today called LOLGlobs, to document some cool ways of commandline evasion using wildcards and some other obfuscation techniques that go beyond B64 encoding: https://t.co/weesvN45Vd
Comprehensive 5-part series on Windows Inter-Process Communicatio by @haider_kabibo
Part 1: https://t.co/w5Bi5vNr6j
Part 2: https://t.co/sFc5nBcBZT
Part 3: https://t.co/3PG0NIhbOb
Part 4: https://t.co/Qo4aFLyTS1
Part 5: https://t.co/sJqo6586xN
#Windows#infosec
GitHub - Bert-JanP/Open-Source-Threat-Intel-Feeds: This repository contains Open Source freely usable Threat Intel feeds that can be used without additional requirements. Contains multiple types such as IP, URL, CVE and Hash. https://t.co/dpK723i27o
🚨 CVE-2025-8088: WinRAR Zero-Day Used to Deploy RomCom Backdoors
ESET has identified spearphishing campaigns leveraging malicious RAR attachments to exploit CVE-2025-8088—a WinRAR zero-day vulnerability. This technique delivers RomCom backdoors, attributed to threat actor Storm-0978 (aka Tropical Scorpius / UNC2596).
https://t.co/daMXLc64nn
To support fellow Defenders, I’ve crafted a KQL detection to surface indicators of this exploitation. It’s designed to help identify Storm-0978 activity until your infrastructure team rolls out the necessary patch.
https://t.co/8Pyya29H0L
#Cybersecurity #WinRaRZeroDay #Storm0978
Today, together with Jonathan Elkabas, we're releasing EntraGoat - A Deliberately Vulnerable Entra ID Environment.
Your own hands-on Entra lab for identity attack simulation.
Built for red teams, blue teams and identity nerds.
Check it out here👉https://t.co/5qlXQiSYHS
Active Directory Hardening Series
Part 1 Disabling NTLMv1 https://t.co/9gla1vtQ18
Part 2 Removing SMBv1 https://t.co/KOqpamarcW
Part 3 Enforcing LDAP Signing https://t.co/oW2Ymvu1ZW
Part 4 Enforcing AES for Kerberos https://t.co/iENjEPBOFD