Technical architect @SpecterOps. Code: Empire | BloodHound | GhostPack | PowerSploit | Veil-Framework. One time I broke forest trusts with @tifkin_

Seattle, WA
Joined August 2012
Introduction episode coming January 11th, with @jaredcatkinson and @jsecurity101 hosting, and @v3r5ace as producer. This will be available wherever you listen to podcasts. We are all excited to start getting content out to you, drop a follow to keep updated!
2
20
34
Will retweeted
People didn't understand what we were talking about 3 years ago. Remember #Golden #SAML from 2017? @gentilkiwi @TalBeerySec @ShakReiner @CyberArk Here it is: cyberark.com/resources/threa… [Nov, 2017] #Innovation
1
13
41
Sysmon ProcessAccess snippet for Rubeus monitor gist.github.com/Antonlovesdn…
2
25
76
All video and slide content from SO-CON 2020 has been posted to our website. Check them out: specterops.io/so-con2020 Also, YouTube playlist link: invidious.snopyta.org/playlist?list=PL… Thank you again to all of the attendees!
0
124
243
Will retweeted
Built some automation to help with dumping cookies using Chromium's remote debugger. This technique works against Chromium browsers (Google Chrome, Microsoft Edge, etc.) on any OS! I dig into how the technique works and present my implementation posts.specterops.io/hands-in…
6
78
186
Show this thread
Public training offerings have been posted for Red Team Operations, Mac Tradecraft and Vulnerability Research for Operators in March/April. Sign up here: specterops.io/how-we-help/tr…
1
19
68
Final tally: $4,680 raised across all of the charities. We thank everyone who attended SO-CON 2020 and their support for these causes.
0
5
23
Show this thread
CVE-2020-17049 is not only bypass acount is sensitive. You *CAN* obtain tickets with "Kerberos only delegation", not only with "protocol transition" Pre-requiste are still important, but attack surface is a little bit bigger :) Sorry for bad message @jakekarnes42
2
51
165
Show this thread