The World need more @rageagainst.bsky.social

They didn't even try this time...

New report for LPE incoming.

This time they fixed it properly. No more vulns in that service. I'm sure of it 🙄

www.ibm.com/support/page...

GitHub - jfjallid/go-rpcclient: Interact with Windows RPC Services over SMB using go-smb Interact with Windows RPC Services over SMB using go-smb - jfjallid/go-rpcclient

New tool drop from jfjallid (not on this platform)

github.com/jfjallid/go-...

Wow I didn't expect that 🤯 Great blog post.

Using RDP without leaving traces: the MSTSC public mode Learn how MSTSC’s /public mode works! It blocks credential caching, session details, and bitmap storage, enhancing security. Discover its impact and how to reset MSTSC for a clean slate.

Need to use RDP without leaving traces? Learn how to enable MSTSC public mode for more privacy and security in your remote sessions. Perfect for shared environments and enhanced confidentiality! 🔐💻

👉 Read my latest blog post: blog.devolutions.net/2025/03/usin...

Some of the backsplashes disappeared from one of the examples due to lack of escaping. Check for "C:Program FilesMicrosoft".

Decrypting the Forest From the Trees - SpecterOps TL;DR: SCCM forest discovery accounts can be decrypted including accounts used for managing untrusted forests. If the site server is a managed client, service account credentials can be decrypted via ...

#SCCM forest discovery accounts can be decrypted—even those for untrusted forests. If the site server is a managed client, all creds can be decrypted via Administration Service API.

Check out our latest blog post from @unsignedsh0rt.bsky.social to learn more. ghst.ly/4buoISp

So did Justin Trudeau just quit to make sure he never had anything to do with Trump ever again?

Some Christmas cheer with @buffaloverflow.rw.md . A nice bug in the URL handler for Delinea Secret Server.

blog.amberwolf.com/blog/2024/de...

NTLM v1 is removed from the latest version of Windows

Oh by the way

"Influencing the infosec community 101" by @xpnsec.com

Capture NetNTLM handshakes. Relay against domainintegrated services.

RIP "Within this assessment, the red team (also referred to as ‘the team’) gained initial access through a web shell left from a third party’s previous security assessment."

www.cisa.gov/news-events/...

@avlidienbrunn.bsky.social just joined 👀

Wait, where is cube0x0? 🤔

(probably busy coding)

Following my prev tweet, my Kerberos MITM relay/forwarder is almost finished! It targets for example insecure DNS updates in AD, allowing DNS name forgery. It intercepts, relays, and forwards traffic, with the client unaware. Currently supporting smb->smb and smb->http (adcs)

... and _RastaMouse.

My replies to Linkedin messages this week...

I have a new family member ☕❤️

Still waiting for _EthicalChaos_ ...

That's a keeper 😄

I think this image capture the state of the world right now...