Will Schroeder @harmj0y
Researcher @SpecterOps. Coding towards chaotic good while living on the decision boundary. blog.harmj0y.net Seattle, WA Joined August 2012-
Tweets6K
-
Followers46K
-
Following939
-
Likes1K
@_Mayyhem and I are going to Germany! Our talk, "Misconfiguration Manager: Overlooked and Overprivileged," has been accepted at @WEareTROOPERS! We're excited to discuss the latest SCCM research with everyone!
I gave my first talk ever @BSidesLV. I have since talked entirely too much about AI Security. I met @rharang and @LogisticAggro there who got me involved with @aivillage_dc. I gave someone my Text Analysis w/Python book after the talk. The rest is history. They have extended…
"...results reveal that domain fronting is feasible in 22 out of 30 CDNs tested, including some major CDN providers like Akamai and Fastly. This indicates that domain fronting remains widely available & can be easily abused for malicious purposes" -great😐 arxiv.org/abs/2310.17851
Is this in a lab, yes. Is this also what operators would run not in a lab, also yes. Everything in memory, done with off-the-shelf malware with a Rigging integration from run in an "agentic" loop. Sometimes the models do well, sometimes they do poorly, but progress is up and to…
Hey you! Yes, you. You should listen to An Attacker’s Perspective on Defending AI Systems…. @monoxgas spitting truth! youtu.be/HkihqNP9y9k?si…
The TierZeroTable is now updated with the cool research published by @decoder_it 🔥 - Distributed COM Users was already Tier Zero, but as security dependency without a known attack. - Performance Log Users is a completely new record in the table. github.com/SpecterOps/Tie…
The TierZeroTable is now updated with the cool research published by @decoder_it 🔥 - Distributed COM Users was already Tier Zero, but as security dependency without a known attack. - Performance Log Users is a completely new record in the table. github.com/SpecterOps/Tie…
"Now that attackers are using AI-powered hacking tools, there's a need to step up and invest in more robust security solutions" *Looking at my IR notes Mimikatz.exe Netscan.exe Killdef.ps1 Rclone.exe PSExec RDP to DC VPN with no MFA Yes yes, AI-powered having tools boooo! 👻
I took an early stab at PGD for LLMs based on arxiv.org/abs/2402.09154 (@geisler_si). Neat technique to relax the one-hot for gradient updates + projection. Also got to spend some time with litgpt. github.com/dreadnode/rese… Experimental and messy, but enjoy.
Drumroll, please. 🥁 Nemesis 1.0.0 has dropped! From host modeling to dashboard changes, read @harmj0y's new blog post detailing the updated features in this release. ghst.ly/44irzdx
ETW-ByeBye: Disabling ETW-TI Without PPL legacyy.xyz/defenseevasion…
The very awesome people from Microsoft DART have put together a collection of one-page Windows forensics guides to help you understand various artefacts you can use during your investigations. Check them out - microsoft.com/en-us/security…
Would anybody be interested in short tips of the week for Mythic and its various agents? Is there an easy format people like to use for this or a way to make them easily searchable afterwards?
Did you know that LSASS has the ability to execute arbitrary kernel-mode addresses? I wrote a small proof of concept that allows administrators to execute unsigned code in the kernel if LSA Protection is disabled. github.com/floesen/KExecDD
@ancailliau @adulau It took us years to build ours. It’s ironic that you can get TB of malware or logs of attacks everywhere but goodware or good logs are really hard to come by.
So @j00ru published two posts on Windows Registry; given that there were a lot of fixes in Windows Registry in recent months I expect these to be fun ;) googleprojectzero.blogspot.com/2024/04/the-wi… googleprojectzero.blogspot.com/2024/04/the-wi…
Abusing WSUS with MITM to perform ADCS ESC8 attack - @belettet1m0ree j4s0nmo0n.github.io/belettetimoree…
This is an excellent guide for getting rid of Kerberos RC4. Highly recommend it. As the author puts it: "The risk of not taking action this area is greater than the risk of hardening your environment." techcommunity.microsoft.com/t5/core-infras…
You think the defensive GenAI companies starting red teams and assessment services would recommend each other’s products? Unlikely. Get an unbiased third-party assessment from a company like @NetSPI or @SpecterOps.
Florian Roth @cyb3rops
180K Followers 2K Following Head of Research @nextronsystems #DFIR #YARA #Sigma | detection engineer | creator of @thor_scanner, Aurora, Sigma, LOKI, YARA-Forge | always busy ⌚️🐇Dave Kennedy @HackingDave
207K Followers 6K Following Founder @Binary_Defense @TrustedSec Co-Owner https://t.co/HQC75WhdJh. @WeHackHealth Podcast. Fam First/Hacker/CSO/USMC/Intel/Fitness. Motto: Make world a better placeJustin Elze @HackingLZ
52K Followers 5K Following Hacker/CTO @TrustedSec | Former Optiv/SecureWorks/Accuvant Labs/Redspin | Race carsFlorian Hansemann @CyberWarship
75K Followers 47 Following Father, Founder @HanseSecure, Pentesting, Student, ExploitDev, Redteaming, InfoSec & CyberCyber; -- Mastodon: https://t.co/KFSKYUN98MAlh4zr3d @Alh4zr3d
19K Followers 283 Following Legal Criminal | Twitch cult leader | InfosecPrep founder | Lovecraft scholar | Soros mercenary | Spiritual cargo shorts wearer | Cthulhu fhtagnippsec @ippsec
111K Followers 350 FollowingGrzegorz Tworek @0gtweet
30K Followers 1K Following My own research, unless stated otherwise. Not necessarily "safe when taken as directed". GIT d- s+: a+ C++++ !U !L !M w++++$ b++++ G-DirectoryRanger @DirectoryRanger
31K Followers 100 Following This account assembles and disseminates information related to Active Directory and Windows security.Vincent Yiu @vysecurity
27K Followers 203 Following Follow me for Cybersecurity #Thought #Leadership. Director Red Team. Help organizations safeguard their businesses from the bad guys.DebugPrivilege @DebugPrivilege
37K Followers 2K Following Security “Researcher” | Former Microsoft MVP | All Tweets are my opinions and thoughts. Interested in Security, Debugging, and Troubleshooting.Oliver Lyak @ly4k_
8K Followers 267 Following Yet another security researcher 🔦 Github: https://t.co/7WFOFz17KIMike Felch (Stay Read.. @ustayready
15K Followers 2K Following Pentester / Red Team | Hacking since Renegade BBS backdoors | Dev since vb3 | Content since '99-'03 ezines | Prior CrowdStrike / BHIS | In Christ's gripCharlie Bromberg « .. @_nwodtuhs
13K Followers 648 Following Trying to hack the way we hack things 🏴☠️Dirk-jan @_dirkjan
25K Followers 173 Following Hacker at @OutsiderSec. Researches AD and Azure (AD) security. Likes to play around with Python and write tools that make work easier.Ali Hadi | B!n@ry @binaryz0ne
29K Followers 568 Following DFIR and Adversary Simulation | DFIR @ ProtonMail | Perfect Stranger | Stronger Together |Dr. Nestori Syynimaa @DrAzureAD
17K Followers 2K Following Principal Identity Security Researcher at Microsoft. Ex-Secureworks. (MSc, MEng, PhD, CITP, CCSK). And yes, opinions are my own ;)rootsecdev @rootsecdev
24K Followers 1K Following Security Consultant @TrustedSec | Military grade meme poster, researcher, cloud penetration tester, voider of warranties. My thoughts are my own.LMCkiller @LmCkiller
13 Followers 207 FollowingAlibabas @0x_alibabas
22 Followers 83 FollowingZack Holland @zack_holland
7K Followers 8K Following 4x founder removing the guesswork from growth as founder/ceo @SelectFew // builder, marketer, investor, ramen eater // always up to help, DM's open0q1111 @0q1111
23 Followers 45 FollowingChed Wiggins @CheddarB0b42
553 Followers 1K Following SOC Manager @LSU_Shreveport. 🟪🟨⚜️ My sarcastic tweets do not represent the views of my employer and can (probably) be safely ignored. We train blue teamers.mkhntr @mk_log_hntr
0 Followers 40 FollowingNathan Chandler @birdseyemaple
14 Followers 20 FollowingRandall Rinehart @r9wvp9ymjs
43 Followers 85 FollowingVaibhav Mulak @MulakVaibhav
24 Followers 394 Following Hacker | CyberSecurity Enthusiastic | Learner.Penuser389474 @penuser38938760
0 Followers 4 Following.... @aosh89
1 Followers 308 FollowingPrakash Jha @v_2prajh
28 Followers 403 FollowingБіиаяу Сояе @da_doctor87
2 Followers 63 Following Anarchist Genius Strategic Thinker Robotics Engineering Cyber Security Consultant Depression and psychotic featuresTruffleFun TW @TruffleFunTW
645 Followers 5K Following The evaluation period for this copy of Windows has ended. Windows cannot start. To continue using Windows, please purchase and install a retail copy of the prt.Error403 @2rr0r4o3
41 Followers 350 FollowingWinslow @senzee1984
613 Followers 339 Following Windows Internal | Malware | TTPs | Active Directory | Evasion OSCE3(OSED OSEP OSWE) OSCP Opinions are my ownJason Lancaster @JasonBLancaster
559 Followers 3K Following Doing all things cyber security. These are my own thoughts.0x59901R @0x59901R
38 Followers 499 FollowingHare Sudhan @cyb3rbuff
73 Followers 329 Following Software engineer in cybersecurity. Living the best of both worlds. Open Source Contributor and Maintainer of #AtomicRedTeamznd @zinedlabs
434 Followers 1K FollowingLiteid @Liteid1
15 Followers 731 FollowingBen Lyons @silverandfire
4 Followers 59 FollowingElectronicsseeker @libertarian108
10 Followers 1K Followingtester @xxtesterxx
0 Followers 246 Followingangrybird @4ngry_b1rd
16 Followers 28 FollowingMooney @Mooney007Moon
0 Followers 59 FollowingSoftware Eng @KerberosCript
29 Followers 89 FollowingHaluk YAMANER (Хал.. @halukyamaner
131 Followers 2K Following 🇹🇷 Founder of Future Software UAE 🇦🇪 🚀 "Let's build the future together!" 📍 Dubai / United Arab Emirates https://t.co/sYHfEXynePIvan 13 @ivan92031121
4 Followers 183 FollowingRina @rinaserra88
6 Followers 3K Followingᦔ꠸ƼƼᗱᥴᒣ�.. @di553c70r
0 Followers 46 FollowingRobert Zamora @robertzamora
32 Followers 275 FollowingZm @Zm28339748
19 Followers 370 Following나영욱(이창제/�.. @nayeong45489484
182 Followers 5K Following 나사로 상임 명예 회장/세계중앙은행 상임 명예 총재/하버드 의대 상임 석좌 부교수/현대아산 변호법인 사업체 대표이사/독립수사과 아브라함 함대 대장/대통영 명예훈장/서울중앙지법 민사합의12부 부장 판사/슈퍼 바이어/천성공사,천궁전,천사원장/연합군 최고 총 사령관/장원급제 문공입니다.Arielly Oliveira @PurpleDot01
1 Followers 3 Followinglimazuluhotel @limazuluhotel
6 Followers 198 FollowingShameem Bhat @hacktvist
663 Followers 690 Following wanderer, who thrives to explore the different dimensions of life and culture.infosecprof @theinfosecprof
2 Followers 7 FollowingDave Kennedy @HackingDave
207K Followers 6K Following Founder @Binary_Defense @TrustedSec Co-Owner https://t.co/HQC75WhdJh. @WeHackHealth Podcast. Fam First/Hacker/CSO/USMC/Intel/Fitness. Motto: Make world a better placeJustin Elze @HackingLZ
52K Followers 5K Following Hacker/CTO @TrustedSec | Former Optiv/SecureWorks/Accuvant Labs/Redspin | Race carsFlorian Hansemann @CyberWarship
75K Followers 47 Following Father, Founder @HanseSecure, Pentesting, Student, ExploitDev, Redteaming, InfoSec & CyberCyber; -- Mastodon: https://t.co/KFSKYUN98Mippsec @ippsec
111K Followers 350 FollowingGrzegorz Tworek @0gtweet
30K Followers 1K Following My own research, unless stated otherwise. Not necessarily "safe when taken as directed". GIT d- s+: a+ C++++ !U !L !M w++++$ b++++ G-DirectoryRanger @DirectoryRanger
31K Followers 100 Following This account assembles and disseminates information related to Active Directory and Windows security.Vincent Yiu @vysecurity
27K Followers 203 Following Follow me for Cybersecurity #Thought #Leadership. Director Red Team. Help organizations safeguard their businesses from the bad guys.DebugPrivilege @DebugPrivilege
37K Followers 2K Following Security “Researcher” | Former Microsoft MVP | All Tweets are my opinions and thoughts. Interested in Security, Debugging, and Troubleshooting.Oliver Lyak @ly4k_
8K Followers 267 Following Yet another security researcher 🔦 Github: https://t.co/7WFOFz17KICharlie Bromberg « .. @_nwodtuhs
13K Followers 648 Following Trying to hack the way we hack things 🏴☠️Dirk-jan @_dirkjan
25K Followers 173 Following Hacker at @OutsiderSec. Researches AD and Azure (AD) security. Likes to play around with Python and write tools that make work easier.Dr. Nestori Syynimaa @DrAzureAD
17K Followers 2K Following Principal Identity Security Researcher at Microsoft. Ex-Secureworks. (MSc, MEng, PhD, CITP, CCSK). And yes, opinions are my own ;)rootsecdev @rootsecdev
24K Followers 1K Following Security Consultant @TrustedSec | Military grade meme poster, researcher, cloud penetration tester, voider of warranties. My thoughts are my own.mgeeky | Mariusz Bana.. @mariuszbit
11K Followers 611 Following 🔴 Red Team operator, ex-MWR/F-Secure pentester, ex-AV engine developer @ESET, green tea addict. 🫖 @[email protected]sn🥶vvcr💥sh @snovvcrash
10K Followers 439 Following Sr. Penetration Tester / Red Team Operator @ptswarm :: Author of Pentester’s Promiscuous Notebook (https://t.co/rL1sv5A2R7) :: He/him :: Tweets’re my pwn 🐣Megan @mega_spl0it
405 Followers 249 Following Purple Teamer | Probably a SIEM log | Send Memes | Putting the Tater in Administater | Security Spud @TrustedSecMatt Ehrnschwender @M_alphaaa
603 Followers 163 Following Clemson Computer Science student, CTF Player and challenge developer, I sometimes write code tooSLEUTHCON @SLEUTHCON
2K Followers 1K Following SLEUTHCON is a cybercrime conference from the folks who brought you @CYBERWARCON. Follow & subscribe to our YouTube channel @sleuthcon. #SLEUTHCONshane caldwell @shncldwll
352 Followers 258 Following pentester + ml eng. building hackbots @runsybilAnca Dragan @ancadianadragan
8K Followers 178 Following AI safety & alignment at Google DeepMind • associate professor at UC Berkeley EECS • proud mom of an amazing 2yr oldAshutosh Mehra @ashutoshmehra
1K Followers 5K Following Senior Principal Scientist at Adobe. Working on Acrobat AI Assistant, LLMs, and document ML.Sebastian Raschka @rasbt
267K Followers 906 Following Machine learning & AI researcher writing at https://t.co/A0tXWzG1p5. LLM research engineer @LightningAI. Previously stats professor at UW-Madison.Secure Learning Lab (.. @uiuc_aisecure
940 Followers 289 Following We are a computer science research group led by Bo Li at UIUC, focusing on responsible and trustworthy machine learning.Weiyan Shi @shi_weiyan
3K Followers 696 Following Postdoc @StanfordNLP, incoming assistant professor @Northeastern, PhD @Columbia| Prev Intern @MetaAI |Co-created CICERO | persuasive chatbots + privacy #nlprocAlphatu🐇 @Alphatu4
3K Followers 1K Following YaqiZHANG @Alphatu4|🏆#Microsoft MVP | Complex System | Author& Founder&Engineer |NerdDiplomat🤗 | Author of 2 Books |Speaker of @pku1898 @penn @ApacheConKaden Pieksma @KPieksma
57 Followers 105 FollowingChris Myers @swizzlez_
406 Followers 250 Following Co-Founder @getCourseStack Previously co-founder @snaplabsio (acquired by @immersivelabs)Apres Cyber Slopes Su.. @ApresCyber
50 Followers 103 Following Cybersecurity meets skiing at #ApresCyber! Join top AI training, networking & briefings for CISOs & innovators in Park City, Utah. #CyberSummitShiloh Smiles @arctic0x78
15 Followers 15 FollowingBartley Richardson @BartleyR
602 Followers 235 Following Director of #cybersecurity engineering @NVIDIA | Lead Cyber AI, #Morpheus, #CLX | Cyber+ML/DL researcher | Engineering the future of cyber | views == mineRachel Allen @RachelKayAllen
386 Followers 829 Following Data Scientist, AI Infrastructure @rapidsai @NVIDIA. @UVA PhD. Views are my own 💁🏻♀️🥼🧠💻📈🤖memN0ps @memN0ps
2K Followers 163 Following Rust programming, hypervisor research & development, Windows internals, and reverse engineering. Member of @the_secret_club.Nanna Inie @NannaInie
1K Followers 327 Following HCI / cognition / creativity researcher. VILLUM fellow at ITU Copenhagen, Center for Computing Education Research. https://t.co/GKq2m8DuKlVinu Sankar Sadasivan @imVinusankars
370 Followers 244 Following PhD student @UMDcs with @FeiziSoheil | AI Security & Privacy | Prev. @MSFTResearch, @Caltech, @IITgn, @IIScBangalorePhilipp Krenn @xeraa
5K Followers 746 Following 🎩 of DevRel & Developer 🥑 @elastic — tweets about Elasticsearch, Kibana, search, observability, security | DMs are open https://t.co/Lj9TDHRn0vBorhane Blili-Hamelin.. @Borhane_B_H
674 Followers 2K Following he/him | ML Ethics | AI Vulnerability Database | AI Risk and Vulnerability AllianceRob Simon @_Kc57
1K Followers 563 Following Practice Lead Mobile & Hardware Security @TrustedSec 🎮 Video Game Hacker / Collector 🎮 @[email protected]OpenChat @OpenChatDev
2K Followers 42 Following Advancing Open Source LLMs with Mixed Quality Data through offline RL-inspired C-RLFT. ⠀⠀⠀⠀⠀⠀⠀⠀⠀ ⠀⠀⠀⠀⠀⠀⠀⠀⠀ ⠀⠀𝗣𝗿𝗼𝗷𝗲𝗰𝘁 𝗟𝗲𝗮𝗱: Guan Wang, @AlpayAriyakevan loves worf @esjesjesj
29K Followers 997 Following one piece, communist, prison abolitionist, Elon obsessed, pro Palestine Jew, alt is @eeesssjjj, esjesjesj on bskyDan McInerney @DanHMcInerney
1K Followers 358 Following Python, hacking, AI, and MMA data. Lead AI security researcher https://t.co/ZDZApJOZyY.Maxime Labonne @maximelabonne
12K Followers 437 Following Author of Hands-On Graph Neural Networks https://t.co/Q8victWUmR • Machine Learning ScientistThomas Roccia 🤘 @fr0gger_
25K Followers 2K Following Sr. Threat Researcher @Microsoft, Malware Warlock, Threat Intel, Python🧡- Former @McAfee_labs, Goon @Defcon, Creator of #UnprotectProject - Tweets are my ownRob @Rob_Mulla
5K Followers 560 Following Data Science @ https://t.co/obcGxNNJSg // Python 🐍 & Data 💾 // 4x Kaggle Grandmaster // Live coding is fun 🎙️// Follow on twitch: https://t.co/GHjWoRVia7 & Youtube: https://t.co/WfD4vK0ageSeyed Nouraie @seyednouraie
8 Followers 31 Following Teaching you how to run petabyte scale SOCs Modernize your SOC with ML + data pipelines Cybersecurity Architect @ MSFT. All views are my owndreadnode @dreadnode
783 Followers 22 Following AI Red Teaming | Research. Tooling. Evals. Cyber ranges.Bobby Filar @filar
2K Followers 926 Following dad. security machine learning @sublime_sec fmr:@elastic, @endgameincElliot @ElliotKillick
3K Followers 40 Following Security engineer and researcher | Elliot on SecurityMatt Zorich @reprise_99
11K Followers 2K Following @Microsoft GHOST 👻 | https://t.co/HWozKuj5IQ | Tweets are my ownArjun Chakraborty @sfrosagulla
75 Followers 141 Following Security ML and threat detection at Databricks (Views my own)Stephen Chapman 🦀 @Chapman
3K Followers 909 Following Webdev, reverse engineer, writer, and Rustacean🦀! "If you can't be the data, be a pointer to the data." -??? #rustlang #openai #reverseengineering #gamehackingJohn Hammond @_JohnHammond
240K Followers 2K Following Hacker. Cybersecurity Researcher @HuntressLabs || https://t.co/qUeDM3lSClBryce Galbraith @BryceGalbraith
2K Followers 854 Following Fellow human being | SANS Principal Instructor | Cybersecurity Consultant | Author | Speaker | Digital nomadA little socialism, a.. @srunnels
2K Followers 1K Following Incident Response at Mandiant. Probably talking about emacs.The Haag™ @M_haggis
8K Followers 2K Following Threat Researcher | Co-Host of Atomics on a Friday | LOLDrivers & Atomic Red Team Maintainer | I'm Everywhere and Nowhere - BSG.Valtteri Bottas @ValtteriBottas
1.8M Followers 216 Following @F1 driver for @stakef1team_ks. ambassador for @canyon_bikes & @sramroad. in partnership with @hyland and @sufhelsinki. Never give up. #VB77Rayan Bouyaiche @rayanlecat
1K Followers 681 Following Active Directory & Cloud hacking enthusiast, CTF @phreaks2600 and pentester @secnumcloudEthical Hacker @offethhacker
2K Followers 5K FollowingNot the tag you'd expect to see but I found the #Kubernetes bits quite interesting in those blog posts!
It's a big day- @tifkin_, @0xdab0, and I are proud to announce that Nemesis 1.0.0 has landed! We have a ton of awesome new features and a streamlined installation, check out the details at posts.specterops.io/nemesis-1-0-0-… and the code at github.com/SpecterOps/Nem…
I took an early stab at PGD for LLMs based on arxiv.org/abs/2402.09154 (@geisler_si). Neat technique to relax the one-hot for gradient updates + projection. Also got to spend some time with litgpt. github.com/dreadnode/rese… Experimental and messy, but enjoy.
Huge update for Nemesis. We're finally v1.0.0!!!
It's a big day- @tifkin_, @0xdab0, and I are proud to announce that Nemesis 1.0.0 has landed! We have a ton of awesome new features and a streamlined installation, check out the details at posts.specterops.io/nemesis-1-0-0-… and the code at github.com/SpecterOps/Nem…
🚨 I'm super excited to announce the project I've been pouring all of my free time into this past month. The Kubenomicon: An open source offensive security focused threat matrix for kubernetes with an emphasis on walking through how to exploit each attack. Get more info below!
🃏
« Wow you’re a hacker?! You must be so smart! » Me, switching ?id=1 to ?id=2 for a living:
@IgnoulJoris @Mickey_De_Baets @_RastaMouse @nikhil_mitt People. I know I can bounce ideas of @ShitSecure @domchell @mrgretzky @jeffmcjunkin @mosesrenegade @Flangvik @_xpn_ @checkymander @am0nsec @bettersafetynet @jon__reiter @_JohnHammond @passthehashbrwn and the list goes on and on and on... The amazing thing about this industry
Submitted my resignation. I'll miss my team - ninjas, every last one of them. Nearly 8 years across two stints of some of the craziest hacks and wildest objectives. But it's time to leave the consulting world and dive down even deeper rabbit holes. Excited for the new mission :)
Finally made it to the team member page on @SpecterOps "About Us" page. Yes my picture looks like I work at Asda and am about to offer to carry your bags to your car... but still classing this as my win for the month 🤣specterops.io/about/team/
Kubernetes always makes things simpler... /s It's really cool seeing this project gain more traction. Lots of really great improvements with this release
Amazing work by @harmj0y and @tifkin_. I also want to shout out @M_alphaaa for building out our CI/CD procedure and being super helpful answering my Kubernetes questions. Really awesome work by everybody.
@0xdab0 did a killer job building this all out! Definitely check it out!
GIANT merge to Nemesis just published If you've ever struggled to install Nemesis, we've made it 10x easier by getting rid of nemesis-cli and using Helm for k8s management instead Check out the new setup guide for instructions on how to install: github.com/SpecterOps/Nem…
I love when the Traffic Insights table in GitHub has mail.google.com as a referer. I like to think it's just one guy emailing my project out to all his friends saying "Wow! This brightened my day" just like my aunt does with her Facebook memes
GIANT merge to Nemesis just published If you've ever struggled to install Nemesis, we've made it 10x easier by getting rid of nemesis-cli and using Helm for k8s management instead Check out the new setup guide for instructions on how to install: github.com/SpecterOps/Nem…
Amazing work by @harmj0y and @tifkin_. I also want to shout out @M_alphaaa for building out our CI/CD procedure and being super helpful answering my Kubernetes questions. Really awesome work by everybody.
Great timing on this post as we just merged our first offensive technique contribution from the community (@__Mastadon ), ELEVATE-3!
ICYMI: A team of Specters, including @subat0mik, @_Mayyhem & @garrfoster, identified 22 new techniques for attacking Microsoft Configuration Manager or using it post-exploitation. Check out @SecurityWeek to learn more about these findings. ghst.ly/43HCDRl
HIIT morning done 💪 never sure if I’m gonna die or not mid class.. it’s that kinda gamble that makes you feel alive!
Alright. I think I'm done shit posting xz for the weekend. I'll just leave it with: ‐ It's amazing this didn't use any OST! ‐ I wonder how they pulled this off without reading a red team r&d blog first. - commit time zones and a Chinese name seems a pretty heavy false flag.