I only use this account to follow current and former coworkers and for Serious Business Things™.
If you know me, you know where to look for shenanigans 😉
JS-Tap by @hoodoer is my favorite new tool in the past few months. Very polished, and brings new capability to an often ignored vulnerability (XSS). Red teamers, now is the time to leverage those XSS vulns to further your objectives! https://t.co/SICmOdmoRB (1/2)
Huge news!
“Introducing The Shelf” - our research team writes amazing things we never publish.
We’ve decided to release some of these projects in various states as well as sunset some of our most used tools to start new and better ones.
https://t.co/U0uFGTikuk
#TrustedSec
My big news: Running a consulting firm is stressful, I've also grown weary of only cloud testing. I'm stoked to share, I joined the Targeted Operations Red Team at @TrustedSec 💪🏼back to the red team grind! Shout out to an old friend, @curi0usJack, for the invite to join🫡
For almost a year, invisible password spraying could be performed against any #Azure tenant due to a vulnerability in #MicrosoftGraph. In our latest blog, @nyxgeek walks us through how these attacks could have been carried out. Read it now! https://t.co/MFhwH4vZXy
Thank you @4ndr3w6S,@HackingLZ,@nas_bench,@Antonlovesdnb, and @jsecurity101 for joining an unforgettable AOAF!
Catch the replay - Lots of good knowledge shared!
3 takeaways:
1. Assume more Breach
2. Purple Team your Cloud
3. Detect the behavior, not the tool! More inside!
4. 2024 Evals are going to be lit!
(yep you got 4)
https://t.co/c4bIUa8auJ
Also -
Purple Madness is coming back this year!
and a special C2 Showdown!
👀 We are excited to announce our top 10 most read blogs of 2023! Thanks to all the Security Blog readers out there! Find out what made the list below 👇🧵
Our #webinar about our new #Impede Detection Platform is this week! Don't miss your chance to get an in-depth look at how Impede works. Register now! #DetectionEngineering@Ben0xA https://t.co/eRRXKdnyLU
Today we are excited to finally launch our new Impede Detection Platform. Unleash the power of Impede and revolutionize the way your business handles detection engineering. https://t.co/J010pd9aRa
I always asked myself how do I make a difference in the world.
I built DerbyCon with friends to help and impact others.
Then I built TrustedSec. Then I built Binary Defense.
Now this. It's just the beginning. I now have an army of the best and most brightest talented people in the cyber security industry willing to help folks that would have never had a chance in this field or in stem.
We're all aligned - change these kids lives for the better, get them into this industry and other tech related fields - and impact communities around the country.
That's how we make a difference and make the world a better place.
More to come, and more people to help. Won't stop.
#TrustedSec
Happy Monday! Today @Carlos_Perez and I are releasing a blog on adversarial LDAP tradecraft.
In this write-up we show:
- Normal LDAP queries you might see
- Common LDAP queries adversaries and red teams use
- Telemetry you can use to see these LDAP queries
- A way to get around the logging
Check it out: https://t.co/8tuhDIZZ3m
Happy to finally share our slide
deck/demo videos from our @texascyber talk, “You DISliked DCSync? Wait For NetSync!”
Thank you x3000 to @MindsEyeCCF, for help with the fantastic slides, & my co-presenter/friend/mentor/research partner @exploitph 🤗
https://t.co/ctD7KGbd6h
If you're at the @texascyber Summit, make sure to catch TAC Practice Lead @4ndr3W6S and @exploitph for their talk "You (dis)liked dcsync? Wait for netsync" on Friday at 5pm. https://t.co/gDWxk8m1S5
In our latest #blog, Principal Security Consultant @_xpn_ discusses some of the post-exploitation techniques he finds useful in cloud environments, specifically #Okta. Read it now! https://t.co/wjAxFWdani
My Okta for Red Teamers post is up! We look at how Kerberos SSO works, how to intercept credentials via a fake AD Agent, decrypting AD Agent tokens, adding skeleton key's, and even how to deploy a janky SAML IdP server to auth as any user for good measure. https://t.co/Hs0wN5397s