Andy Robbins @_wald0
Product Architect of BloodHound Enterprise. Co-creator of BloodHound. Please donate to MDA: https://t.co/wtLm1eFzRc. He/him. @SpecterOps. Mstdn: @[email protected] | wald0.com | Seattle, WA | Joined March 2011
Tweets: 5K | Followers: 37K | Following: 2K | Likes: 5K
Nice if you want to play around with BH data inside PowerShell. Thx @martinsohndk for sharing this gem
We are hosting a #BloodHound users meetup next week: Location: 11000 Optum Cir, Eden Prairie, MN Date/time: May 2 from 4PM to 7PM Cost: free Register here: ghst.ly/442MNfk
I just published a blog and tool for the LSA Whisperer work that was presented at the SpecterOps Conference (SOCON) back in March. If you are interested in getting credentials from LSASS without accessing its memory, check it out! medium.com/specter-ops-po…
Heading to #MMSMOA next month? Make sure to add this session to your schedule. @_Mayyhem will be joining @TheWMIGuy & @TomDegreef to speak on how to secure your ConfigMgr environment & defend against publicly known attacks. Learn more ➡️ ghst.ly/4459csL #SCCM
Shoutout to @m4lwhere on this comprehensive guide to getting started in BloodHound Community Edition. Check out his blog post that covers setting up, collecting data, analyzing the data & providing value with that data. ghst.ly/3JlkvmO
If you want to get started with BloodHound CE, then I highly recommend reading this awesome blog post by @m4lwhere. It's a great resource to kickstart your journey! m4lwhere.medium.com/the-ultimate-g…
👋 Hello, Nashville! If you’re at #WiCyS2024 come by Booth 228 to chat with a few Specters and learn more about us.
I wrote a script to identify every TAKEOVER and ELEVATE attack in Misconfiguration Manager that can be run with Read-only Analyst privileges or higher in SCCM. Please share with your IT admins, defenders, clients, assessors, and friends in infosec! posts.specterops.io/rooting-out-ri…
🥳 🎉 Folks, @fabian_bader, @Thomas_Live & I are excited to launch Maester today after working on this over many long nights & weekends! Maester is an open source, test framework that you can set up in minutes to test & continuously monitor your Microsoft security config 🧵⬇️
Heading to #WiCyS2024 this week? We are too! Stop by Booth 228 to meet our team and learn more about us and how you can become a Specter.
Entra Connect Sync lets you exclude *specific* users from synchronization using attribute-based filtering. Does Entra Cloud Sync have a similar feature? I can see filtering by group and OU. But is there an *attribute* based filter to exclude *specific* users from sync?
Is it possible to conduct AiTM phishing attacks with Azure Functions to phish Entra ID sign-in cookies? Spoiler: Yes it is. And we can bypass injected canary tokens and automate the replay 😶🌫️ nicolasuter.medium.com/aitm-phishing-… Kudos to @wesleyneelen @janbakker_ @fabian_bader @SantasaloJoosua
In the documentation for #EntraID roles, I was curious about this big “Important” box for the Application Administrator role because I know it’s here for security reasons as @_dirkjan showed 😉 (learn.microsoft.com/en-us/entra/id…) 👀 Let’s see if the part I highlighted is true!
Micro$oft: Let us introduce you to Defender for Identity! It only costs 4 million dollars more per year that you won't be budgeted for! OR, just read the SpecterOps whitepaper, it's free! /s
We just announced the next offering of Azure Security Fundamentals course: 🌎 Online and in-person in Denver 🗓️ October 7-10, 2024 💵 $4,000, but 25% off through August 8 More details here: events.humanitix.com/azure-security…
🚀I'm finally releasing GraphSpy to the public!🕵️ A powerful offensive security tool focused on making initial access and post-compromise enumeration in Microsoft Entra and M365 much more convenient during penetration tests and red team assessments! github.com/RedByte1337/Gr…
Fantastic writeup by Marius on how foreign applications can degrade your Entra/Azure security posture.
🏅🎉 Victory for Mythic! 🎉🏅 🎊🏆 The echoes of the competition have settled, and one legend stands triumphant – Mythic takes the 1st place in Purple March Madness! 🎉✨ Their journey has been nothing short of epic, woven into the annals of the game's history! 🌟📜
An ounce of controlling Domain Admin logons is worth a pound of Baselines.
GIANT merge to Nemesis just published If you've ever struggled to install Nemesis, we've made it 10x easier by getting rid of nemesis-cli and using Helm for k8s management instead Check out the new setup guide for instructions on how to install: github.com/SpecterOps/Nem…
Exporting nodes in #BloodHoundCE and #BloodHoundEnterprise is easy - click the Export button and select JSON ⬇️ JSON is nice but I prefer PowerShell objects, so I simply run... 1/2
I understand the announcement was vague but this is a rapid situation that is unfolding. If orgs want quick answers to paths leading to tier 0 assets. Do both blood hound and azurehound. Map those paths out. Reset, protect, and defend therecord.media/sisense-data-b…
@merill idk how to explain it but the way you record demo videos is so aesthetically satisfying that i think you should be on the Windows UI team or something.
@_wald0 Unfortunately filtering by attribute values and support for device objects are two features missing from Cloud Sync. learn.microsoft.com/en-us/entra/id…
@EricaZelic @MalFuzzer @filip_dragovic @_wald0 (and yes, I know almost every bit of documentation, including much of Microsoft's official docs on Learn state that SDProp is what applies AdminSDHolder security descriptors on protected objects. They're wrong.)
Spent some time this morning diving into some new metadata exposed in Sched Task events. In Win10 versions 1903 and up there are 5 new properties shown, one of which is "RpcCallClientLocality", which is an enum that will tell you if the client call is local, remote, unknown. This…
ADCS strikes again (sounds a lot like ESC1). Just as a reminder, despite our recommendation of alerting IT administrators of this very common dangerous misconfiguration (AT A MINIMUM via an event log). Microsoft chose not to include any additional logging in ADCS.
I wrote an article about foreign Entra workload identities and how they can affect a tenant's security boundary. You can find it here: scip.ch/en/?labs.20240…