gatari

@MacmodSec yo, saw u at range village today! we were talking about godap 👋

Anyone around for Defcon Singapore? 🐦‍🔥🐲🐦‍🔥

@techspence genuine question: how often do you use user-to-user ACLs applied at such a scale though?

How to brush up on your on-prem Active Directory skills (for pentesters) 1. Spin up an AD lab 2. Use bad blood to intentionally misconfigure it 3. Try to fix the misconfigs & harden the environment 4. Now attack it…

@xxxbaemaxxx my school added as much friction as possible for students when they tried to do extra-curricular stuff, even if it's non-offensive related

My institution is apparently against it and there's no ifs or buts on this matter. But look what I got instead: 2 students of mine getting local recognition in presenting a conference. The school didn't support it but I told my students to do it (bypassing the institution)

To the SG cybersec community (especially the offensive security/red teaming peeps), it seems that the culture of our work gives a negative connotation, hence students aren't really encouraged to work on this.

@Unit42_Intel already? wtf

Criminals are using Teams and impersonating help desk personnel to deliver an #AdaptixC2 beacon. Attackers utilized #QuickAssist to run an update.ps1 file that downloads and runs an AdaptixC2 beacon using tech-system[.]online for its C2 server. Details at bit.ly/3SMlocQ

@ChadWst @techspence what's up with stale computer objects? never thought those were really problematic

@techspence Add DA’s the protected users group. Remediate PKI ESC vulnerabilities Clean up stale computer objects

Quick wins for hardening Active Directory that actually move the needle… 1, Run Locksmith and fix all findings 2, Make sure all admin accounts have unique strong passwords 3, Use fine-grained password policies 4, Remove 90% of the accounts in Tier 0 groups (they likely don’t really need to be there) These are just the first few that came to mind, what’s yours?

@brymko @meekochii had you stressing all day for nothing 🤣

@gatariee @meekochii ayy yoo.. I actually didnt loose it It was lodged behind another card 🤣🤣 see if you can see it

offbyone con 2025 haul, wasnt able to get around doing the badge ctf and i lost my range village badge, hopefully could score it next year everyone from the staff and attendees was super chill and skilled, def giving other security cons a run for their money

@meekochii that sounds like @brymko

@gatariee i went to the range village on day 1 and got the badge, guy with the QR code shirt and long hair unfortunately i lost the badge in the con😭

@meekochii i was running the range village, what are the chances we already met

@gatariee YESS i was, i came in and out of the con since there was only a few talks i was interested in wish we couldve met!

@0xBoku @d_tranman

@Redteamj correction, just remembered that CPTS doesn't have that

@Redteamj it's not assumed breach unfortunately, you'll just get SSH credentials for a machine inside the environment (same as CPTS)

should i do that new HTB AD cert? 🤔 🤔 academy.hackthebox.com/preview/certif…

@thoughtfault rbcd - letting your intern pick their own team of interns to cause a fire in the pantry

A Red Team engagement is a serious commitment for any org who wants to improve their security posture. In our new blog, @curi0usJack breaks down some goals of a Red Team engagement so that you can better measure its success. Read it now! hubs.la/Q039HVd70

@codex_tf2 im the one reporting it fuck you

every few days google flags my evasion adventures talk slides for being malicious 💀 its been manual reviewed and unflagged every single time yet they still reflag it every few days anyways lol

@SpacialSec @thoughtfault but should I do this in C or C++ ?

We would use Nathan Landon's HappyCamper to rename powershell.exe to notpowershell.exe, stopping all threat actor activity

Congratulations to @gatariee for the rare distinction of clearing our Certified Red Team Master exam! #GCBLab #CRTM #AlteredSecurity cc @nikhil_mitt alteredsecurity.com/gcb

@meekochii it's cute so i bought one anyway

@gatariee this typo has haunted me for months but im just rolling with it, im just gonna say its sarcastic

we pride ourselves in the accurate technical designs of our stickers

@Yeeb_ only aptlabs should have the words "red team" on it, although the lack of EDR isn't very red team either

lol everything is Red Team now