GitHub - kozmer/aad-bofs: AzureAD beacon object files AzureAD beacon object files. Contribute to kozmer/aad-bofs development by creating an account on GitHub.

We've been putting these to good use lately on some ops.

github.com/kozmer/aad-bofs

Keep an eye on future updates from @kozmer.bsky.social.

There's so many ways to secure your comms these days without ever exposing anything. Amazes me this is still even a thing, alongside open C2 management ports.... Tailscale anyone? Basic firewalls security?

Chris just added

“Saw some other folks realize its actually really easy to use certificates to authenticate as other users on windows if you have access to the API.

We're now releasing our previously internal make_token_cert bof to auth using only a .pfx file :)”

github.com/trustedsec/C...

2 days and 0 only fans bots. Things are looking up here.