Rohan Vazarkar

🧵 Yesterday Microsoft released a post describing CVE-2024-37085, a vulnerability in ESXi hypervisors. According to the disclosure, a low-privilege user can gain "full administrative access" to domain-joined ESXi hypervisors. microsoft.com/en-us/security…

All slides for presentations at #SOCON2024 sponsored by @SpecterOps are now live! github.com/SpecterOps/pre…

This is a HUGE deal. If you've ever purchased a #BloodHound shirt or otherwise donated to @MDAorg, your money has gone towards making this happen.

@Carlos_Perez @harmj0y @SadProcessor @zinic @_wald0 We just need to run into each other again so we can do the hug in person

@harmj0y @SadProcessor @CptJesus @zinic @_wald0 Miss you man, right now planning a lot of content for my personal channel and your stuff is in over 60% of the planned stuff, keep rocking

None other than @CptJesus and @zinic to explain why “Graphs are Hard” at #SOCON2024

@PyroTek3 @IanColdwater @LitMoose @mzbat @_sn0ww @merill @inversecos @AlyssaM_InfoSec @mvelazco @josequinones @RachelTobac @hacks4pancakes @Carlos_Perez @mcohmi @EricaZelic @vmiss33 @techwithtaz @tywilson21 @BlackInCyberCo1 Was so great to see you at Shmoo again, its been far too long!

#FF Some of my favorite people in/around infosec @IanColdwater @LitMoose @mzbat @_sn0ww @merill @inversecos @AlyssaM_InfoSec @mvelazco @josequinones @CptJesus @RachelTobac @hacks4pancakes @Carlos_Perez @mcohmi @EricaZelic @vmiss33 @techwithtaz @tywilson21 @BlackInCyberCo1

I was in a situation where I discovered a complete domain compromise. I needed to provide the client with remediation recommendations, but the available information was scattered and high-level. For that reason, @synth_nic0 put together this series: - posts.specterops.io/domain-of-thro… - posts.specterops.io/domain-of-thro…

New post 👇taking a look at compromising Slack access on both Windows and macOS. New BOF included! posts.specterops.io/abusing-slack-…

The HardHat Toolbox is finally ready github.com/HardHatToolbox. It contains Rivet, a demo Asset (Implant) written in Rust, along with the Asset Development repo, which contains detailed step-by-step guides and templates to help get you started on writing custom Assets for HardHat.

@webyeti @BsidesDC I cant believe you still have the CD! Gotta thank @MikeOLearyTu for pushing me to go present there in the first place

Ten years ago I saw @CptJesus present Minecraft Through a Metasploit Module @BsidesDC . The rest is history. Glad to see how far he’s gone. #iykyk #bsides

You should absolutely check SCCMHunter if you are doing internal Pentests or RedTeamings from @garrfoster What a cool tool. github.com/garrettfoster1…

Join me and @CptJesus on August 17 from 11AM to noon Pacific for our first BloodHound CE webinar. We will show you: - How to get started - Huge performance improvements - API interaction use-cases And more. Register here: ghst.ly/3Om0jDo

We are releasing BloodHound Community Edition next week. As part of this release, we are raising money for @StJudeResearch. You can buy your limited edition shirt starting today here: customink.com/fundraising/bl…

Today: join me and @CptJesus in the BloodHound Slack from 11AM to Noon Pacific for an AMA regarding the upcoming BloodHound CE release. Not in the BloodHound Slack yet? Get your invite here: ghst.ly/BHSlack

We're thrilled to announce BloodHound Community Edition (CE) -- the next evolution of #BloodHound. Scheduled for release on 8/8, BloodHound CE has many new features & enhancements, making it easier for users to deploy, manage, and utilize. Learn more: ghst.ly/458lIGX

I am proud to announce the release of #BloodHound 4.3! Release blog post: medium.com/p/5795cbf535b2 Limited edition T-shirt: customink.com/fundraising/sp… Get BloodHound 4.3 NOW at bit.ly/GetBloodHound

Wow, what a crowd today at #FIRSTAMS2023! Over 45 people are attending our free Advanced BloodHound workshop in Amsterdam. A great start of the FIRST 2023 Technical Colloquium. #training #bloodhound

To understand our future, we must study our past. I am proud to announce the release of #RetroHound! ✅ Runs on Windows 3.1 ✅ Backed by an MS Access database ✅ Full NetBEUI & LANMAN support See it in action here: bit.ly/RetroHound

Skill up, help out. Take one of our six workshops at SO-CON and support the Equal Justice Initiative! ghst.ly/socon2022works…

We here @SpecterOps just released @getghostwriter v3.0.6! There are great new system health monitoring features. This and the previous release also include some very useful contributions from the community, which I really appreciate♥️ github.com/GhostManager/G…

At @SpecterOps, @leidy_tector and I focus on maturing detection engineering teams. This blog explores our methodology for prioritizing the detection engineering backlog. posts.specterops.io/prioritization…