Hocine

212 posts

Hocine

@Sant0rryu

Katılım Şubat 2019

523 Takip Edilen489 Takipçiler

Hocine retweetledi

Dirk-jan@_dirkjan·26 Şub

Forgot to post it, but the recording of my Black Hat talk was released last week. If you're interested in all the hybrid AD attack surface you never knew about, give it a watch: youtu.be/rzfAutv6sB8?si…

YouTube

English

110

379

28.7K

Hocine retweetledi

7h3h4ckv157@7h3h4ckv157·2 Kas

ADCSDevilCOM 📍 A C# tool for requesting certificates from ADCS using DCOM over SMB. This tool allows you to remotely request X.509 certificates from CA server using the MS-WCCE protocol over DCOM and It bypasses the traditional endpoint mapper requirement by using SMB directly. By: @AnonArtist8 github.com/7hePr0fess0r/A…

English

294

16K

Hocine retweetledi

SpecterOps@SpecterOps·23 Eki

Credential Guard was supposed to end credential dumping. It didn't. @bytewreck just dropped a new blog post detailing techniques for extracting credentials on fully patched Windows 11 & Server 2025 with modern protections enabled. Read for more ⤵️ ghst.ly/4qtl2rm

English

336

741

136.7K

Hocine retweetledi

Wil@wil_fri3d·11 Eki

Come to see how we discovered and analyzed CVE-2025-33073 with my colleague @yaumn_ at Hexacon today !

Hexacon@hexacon_fr

📢 NTLM reflection is dead, long live NTLM reflection: Story of an accidental Windows RCE by Wil (@wil_fri3d)

English

Hocine retweetledi

Steven@0xthirteen·19 Ağu

I wanted to find out if you could start the WebClient service remotely, so I ended up digging into it specterops.io/blog/2025/08/1…

English

124

12.1K

Hocine retweetledi

hashcat@hashcat·2 Ağu

hashcat v7.0.0 released! After nearly 3 years of development and over 900,000 lines of code changed, this is easily the largest release we have ever had. Detailed writeup is available here: hashcat.net/forum/thread-1…

English

369

1.2K

79.1K

Hocine retweetledi

@belette_timorée@belettet1m0ree·26 Tem

Yet another bloodhound ingestor for Linux based system and using ADWS as the main interface. Built with @Sant0rryu , meet github.com/j4s0nmo0n/Soap…. You may check out the short blog post for more details. j4s0nmo0n.github.io/belettetimoree…

English

3.6K

Hocine@Sant0rryu·2 Tem

@aituglo @yeswehack Ahaha la Switch est déjà là, bravo @aituglo 👏🏻

Français

Aituglo - Cassim@aituglo·2 Tem

Here it is, the story of the LHE from @yeswehack at LeHack aituglo.com/aituweek-50/

English

2.9K

Hocine retweetledi

Yuval Gordon@YuG0rd·21 May

🚀 We just released my research on BadSuccessor - a new unpatched Active Directory privilege escalation vulnerability It allows compromising any user in AD, it works with the default config, and.. Microsoft currently won't fix it 🤷‍♂️ Read Here - akamai.com/blog/security-…

English

371

878

166.8K

Hocine retweetledi

Andrea P@decoder_it·24 Nis

I just published a blog post where I try to explain and demystify Kerberos relay attacks. I hope it’s a good and comprehensive starting point for anyone looking to learn more about this topic. ➡️decoder.cloud/2025/04/24/fro…

English

150

351

19.6K

Hocine retweetledi

Enderman@endermanch·19 Nis

Did you know you can run certutil to decode Windows HRESULT/NTSTATUS error values? certutil -error


 English
41171
1.8K
89.9K

Hocine retweetledi

Aurélien Chalot@Defte_·14 Nis
You have got a valid NTLM relay but SMB and LDAP are signed, LDAPS has got Channel Binding and ESC8 is not available... What about WinRMS ? :D

Blogpost: sensepost.com/blog/2025/is-t…
Tool: github.com/fortra/impacke…

And also, big thanks to jmk (Joe Mondloch) for the collab' :D!
 English
9203
597
30.4K

Hocine retweetledi

MDSec@MDSecLabs·21 Mar
Stumbled on ServiceNow during a red team? If not you might want to check our latest post on Red Teaming with ServiceNow by @__invictus_ mdsec.co.uk/2025/03/red-te…
 English
699
320
40K

Hocine retweetledi

Bobby Cooke@0xBoku·18 Mar
Loki C2 blog drop! Thank you for all those who helped and all the support from the community. Big shoutout to @d_tranman and @chompie1337 for all their contributions to Loki C2! @IBM @IBMSecurity @XForce 
securityintelligence.com/x-force/bypass…
 English
21130
314
36.8K

Hocine retweetledi

Orange Cyberdefense's SensePost Team@sensepost·7 Mar
Attacks against AD CS are de rigueur these days, but sometimes a working attack doesn’t work somewhere else, and the inscrutable error messages are no help. Jacques replicated the most infuriating and explains what’s happening under the hood in this post sensepost.com/blog/2025/divi…
 English
1110
316
37.1K

Hocine retweetledi

Mayfly@M4yFly·6 Mar
New Active Directory Mindmap v2025.03! 🚀

📖 Readable version: orange-cyberdefense.github.io/ocd-mindmaps/i…

🔧 Now fully generated from markdown files—way easier to update and maintain!

💡 Got improvements? PRs welcome! 👉 github.com/Orange-Cyberde…
 English
9329
885
40.7K

Hocine retweetledi

S3cur3Th1sSh1t@ShitSecure·28 Şub
Bypass AMSI in 2025, my newest blog post is published 🥳! A review on what changed over the last years and what's still efficient today.

en.r-tec.net/r-tec-blog-byp…
 English
1281
673
35.9K

Hocine retweetledi

Synacktiv@Synacktiv·27 Şub
In our latest article, @croco_byte and @SScaum demonstrate a trick allowing to make Windows SMB clients fall back to WebDav HTTP authentication, enhancing the NTLM and Kerberos relaying capabilities of multicast poisoning attacks!
synacktiv.com/publications/t…
 English
395
179
16.4K

Hocine retweetledi

Orange Cyberdefense Switzerland@orangecyberch·19 Şub
💻🛡️In this blog post, Clément Labro explains how he developed a tool that lets you run Powershell without the various system protections.
 
👉 Discover this article on our blog: ow.ly/sLyH50V1Lzm
 
#orangecyberdefense #cybersecurity #ethicalhacking #switzerland #PowerShell
 English
149
80
5.4K

Hocine retweetledi

Aurélien Chalot@Defte_·11 Şub
While doing internal assessments, I was often able to bypass EDR's because of them trusting legitimate binaries. In this blogpost I'll show why trust is wrong creating a python wrapper for PsExeSVC.exe (M$) and explain why zero trust is mandatory! tinyurl.com/4vr94skf
 English
892
388
27.5K

`Keşfet`

@AnonArtist8 @bytewreck @yaumn_ @aituglo @yeswehack @__invictus_ @d_tranman @chompie1337