Security Consultant at NCC Group Loves Windows and Active Directory security

Madrid
Joined October 2013
ATTL4S retweeted
Nice blog post of @cube0x0 about elevating privileges in AD with built-in groups. cube0x0.github.io/Pocing-Bey… - I like the example regarding the 'Schema Admins' group a lot.
2
22
63
Show this thread
ATTL4S retweeted
Bring a cup of coffee and read our last article from our owl @TheXC3LL. Hijacking connections without injections: a ShadowMoving approach to the art of pivoting adepts.of0x.cc/shadowmove-hi…
0
22
21
428
ATTL4S retweeted
New pypykatz version 0.4.0 is out. Not on pip yet, as despite weeks of testing I still treat it as beta. What's new: 1. new ASCII logo thanks to @thugcrowd 2. kerberos live functions thanks to @harmj0y (rubeus) 3. new DPAPI with Chrome and WIFI secrets 1/N github.com/skelsec/pypykatz
2
36
95
Show this thread
Operating from a restricted environment without outbound connectivity? Venom allows for port reuse and even works on Windows (to my surprise). Now you can set up a SOCKS proxy without disturbing the original service! Check it out 👉github.com/Dliv3/Venom
1
107
344
ATTL4S retweeted
It has taken me a while and a few headaches to understand how Kerberos works across domains, but it is finally implemented in cerbero 🐶🐶🐶. Now you can ask for tickets, perform S4U impersonation and Kerberoasting across domains. gitlab.com/Zer1t0/cerbero/
0
13
25
ATTL4S retweeted
Nueva temporada en @noconname . Vamos a ver como se desarrollan los acontencimientos. Tenemos todos los videos de #ncn2k20 procesados y los iremos subiendo cada miércoles 🥳
2
11
38
ATTL4S retweeted
#FF @0xcsandker I discovered his blog recently, and his articles are of very good quality. He approaches many Windows topics with precision and clarity. You should go and read his articles about IPC internals, authorizations, authentication protocols... csandker.io/2021/01/10/Offen…
3
32
99