Letsgoooo, have fun everyone! 🔥🔥

Joining VulnLab has been one of the best decisions I could make, both as a player and as a content creator. Very happy to be part of this community!

Hello! This fork aims to be the most bleeding-edge, but of course it's not possible without your contributions. If you are making a PR to Fortra's Impacket, please mirror it here github.com/ThePorgs/impac… Fortra=steady and stable, Porgs=BleedingEdge (less conflicts = quicker merge)

Fyi we restarted from scratch (i.e. latest Fortra’s master branch). We had gotten so « ahead » that new pending PRs were always conflicting. We will need to do that once in a while, since our end goal is not to replace the official repo 🙂‍↔️ Merged 4 PRs tonight

Had fun working on a PoC to execute commands in other users' sessions. This could be automated into a chain of actions potentially leading to full domain compromise. Scroll down to "Thoughts" in the repo :) github.com/Leo4j/SessionE… #Pentesting #ActiveDirectory #CyberSecurity

GIUDA betrayed again, how to get a new and fresh TGT (or a TGS - if you settle for little) on behalf of another logged user on a Windows machine. How it works: lnkd.in/dYDxq5nx #redteam #giuda #kerberos thx to MzHmO@github

Happy to say I'm now CRTM certified! Thanks Altered Security and Nikhil Mittal for the nice experience!

Congratulations to Geiseric for the rare distinction of clearing our Certified Red Team Master exam! #GCBLab #CRTM #AlteredSecurity cc Nikhil Mittal alteredsecurity.com/gcb

Ifrit has been solved! Congrats on the first bloods Geiseric Jack NLTE!

Congratulations to Geiseric for clearing our Certified Azure Red Team Professional exam! #AzADLab #CARTP #AlteredSecurity cc Nikhil Mittal alteredsecurity.com/azureadlab

Question for all SCCM gurus out there. I'm using version 2403 which doesn't seem to support HTTP anymore, just EHTTP or HTTPS. Does this mean I can't perform the relay attack obtaining policies?

As many others did, I also created a BlueSky account, hopefully leaving this platform. If you want to keep in touch bsky.app/profile/geiser…, see you there!

Time to dive into Active Directory again - Redelegate by Geiseric will be released on Thursday!

Old but gold 🏅 Vintage created by Geiseric will go live on 30 November 2024 at 19:00 UTC. Lantern will be retired! ✔️ Hard ✔️ Windows → Choose your Machine and start #hacking: okt.to/BkgKWo #HackTheBox #HTB #CyberSecurity #NewRelease

GraphSpy just hit 600 stars on GitHub after releasing version 1.4!✨ This version introduces the new Entra ID module, better loading animations, and JSON syntax highlighting. Check it out here: github.com/RedByte1337/Gr…

Unpopular opinion: if red team publishes a new research/technique, detections should not be shared as well.

Microsoft seems to have recently deprecated the legacy account.activedirectory.windowsazure[.]com endpoint, which GraphSpy was using to list and add MFA methods for a user. GraphSpy 1.4.3 now utilizes the mysignins[.]microsoft[.]com API now (which is also a FOCI resource!)

📧 GraphSpy 1.5.0 is out now and brings a brand new Outlook Graph module! ✅Read emails in any folder ✅Send HTML-formatted emails directly in GraphSpy ✅Access shared mailboxes ✅Search for sensitive information like passwords 🔗Check out GraphSpy here: github.com/RedByte1337/Gr…