Tony Gore
99 posts

Tony Gore
@nullg0re
Security Researcher, US Marine Corps Veteran, Microsoft Most Valuable Researcher 2023 & 2024
Illinois Beigetreten Haziran 2016
1.4K Folgt648 Follower

@NinjaStyle82 @SM_Bradshaw Check out @0xZDH ‘s TokenMan toolkit. github.com/secureworks/To…
It uses FOCI abuse. More research can be found here: github.com/secureworks/fa…
English

This was my last research project while working for Secureworks. I’ve taken a new role at CrowdStrike but I am still proud of the work I did with my Secureworks fam. PTAL:
Cloud to on-prem (and multi-cloud) lateral movement: secureworks.com/research/log-a…
English

I placed 30th in the top 100 Most Valuable Researcher leaderboard!! Special thanks to @msftsecresponse for putting on these events year after year!

English

Permissive Avere Contributor Role Allows for VM Credential Dumping.
Secureworks Threat Analysis:
secureworks.com/research/permi…
Nullg0re Blog (More personalized analysis):
nullg0re.com/2024/03/permis…
English

How to combine Responder w/ Evilgnx2 for privilege escalation and lateral movement in Passwordless, MFA and/or Zero Trust Environments:
(Technique discovered by @nevadaromsdahl in 2023))
nullg0re.com/2024/05/cracki…
English

@HackingDave I’ll hit up your site for the contact info! Thanks Dave!
English

@nullg0re 103 is super low friend. I would chat with endo at VA or a specialized clinic like our place at least to assess
English

Had a friend text me today, got tested 5 months ago and had sub 200 testosterone levels. Started TRT - he's down 37lbs and is hitting the gym regularly - said he feels like he's in his 20s again.
Not saying TRT is a magic bullet, but it sure as hell is a big one for us.
Men get your levels checked! Below is a company I'm co-owner of - never pushy, low cost, and our doctors really care about helping you as we age and live the best and longest life possible.
Only reason I'm part of this is because it immensely helped me, my testosterone levels were in the low 200s and it was a game changer for me. Never knew why I had so much brain fog, low energy, slow metabolism, and low drive in general.
iamhrt.com
Simple process, sign up, doc prescribes local bloodwork at the nearest labcorp, and doctor meets with you for free consultation to talk about where you are. Might not need anything, or might be ways to optimize. Can cancel anytime.
#wehackhealth
English
Tony Gore retweetet

Episode 1 w/ @nullg0re, of my new podcast 'whoami' is now live on spotify and youtube! On whoami, I'm talking with great hackers to find out how they got into hacking and dig into their area of expertise. Check it out:
youtu.be/rE2eBnE1LtA
open.spotify.com/show/76RZgAzX2…

YouTube
English

Performed some research with my teammate @SantasaloJoosua regarding Multi-Tenant Application Redirect URIs. Turns out, in some cases, they can be taken over and used to steal Azure Authorization Code's (OAuth2.0 Auth Code Flow):
secureworks.com/research/azure…
English

Spent some time in Azure Machine Learning Studio and identified some areas to keep in mind when using the environment. Nothing groundbreaking, but definitely a reminder of why security needs to be more involved with the explosion of AI infrastructure / needs:
nullg0re.com/2024/02/securi…
English

Oh! This is cool! I placed in the top 10 of hackers / researchers world wide in the @msftsecresponse Q4 Leaderboard with 325 points! And top 5 in the Azure specific leaderboard!
Special shoutout to my teammates (past and present) @DrAzureAD @SantasaloJoosua for helping me level up over the past year. Thank you guys!


English


Entra ID Connect Arbitrary Password Overwrite
nullg0re.com/2024/01/entra-…
English

@HackingDave @MirandaGhrist hahaha spoken like a true Marine. Rah! LOL
English

@nullg0re @msftsecresponse That's awesome! Congratulations Tony! Keep up the great work! 🔥🚀
English

Earlier this year I made the Top 100 2023 Microsoft Most Valuable Researcher list! Thanks @msftsecresponse for sending out the swag! Just in time for the holidays!


English






