Jarno
196 posts
Jarno
@jmoosdijk
Red teamer @ Outflank
Amsterdam, The Netherlands Katılım Ocak 2011
159 Takip Edilen780 Takipçiler
If you’re going to BlackHat: don’t miss out on these!
Stan Hegt@StanHacked
The Outflank and Cobalt Strike researchers will be hosting 15 minute technical lightning talks at our BlackHat USA booth. ⚡️ There's some really good content in there that you don't want to miss. 📍Booth #4422 (Fortra) 🕒 See attached schedule. Limited spots, so come early!
English
Jarno retweetledi
there are some cool opportunities for automation with public models (gpt-4.1 in this case)
more on training custom models next thursday
Outflank@OutflankNL
New blog! Here's our case study on using LLMs for accelerating offensive R&D. Our post details how we used Large Language Models to identify and exploit trapped COM objects. Next week at BlackHat we'll drop even hotter stuff on offensive AI research. 🔥 outflank.nl/blog/2025/07/2…
English
Jarno retweetledi
🚀 We just released my research on BadSuccessor - a new unpatched Active Directory privilege escalation vulnerability
It allows compromising any user in AD, it works with the default config, and.. Microsoft currently won't fix it 🤷♂️
Read Here - akamai.com/blog/security-…
English
Hi @hotelscomhelp, reaching out publicly since, until now, its impossible to escalate a support case in which collected reward nights were wrongfully expired (evidence was supplied), losing 10+ eligible nights. Is this how you want to treat a loyal customer?
English
Ever wanted to properly fake device compliance to bypass Azure conditional access policies in your red teaming operation? Now you can, with the latest addition to the OST toolkit: ROADtune!
Outflank@OutflankNL
We worked with @_dirkjan to get this as an exclusive into Outflank Security Tooling with a new tool called ROADtune. ROADtune allows red teamers to: - bypass CAP by faking device compliance registration - loot secrets from applications pushed to compliant devices Cool stuff!
English
Jarno retweetledi
🚀 We're hiring a DevOps/Cloud Engineer at Outflank!
Join us to build and manage complex Azure environments that deliver our OST toolkit.
Skills: Kubernetes (AKS), GitOps, IaC, Tekton, Python💻 It's NOT an offensive role!
Based in NL or a time zone-friendly region? Let's chat!
English
Jarno retweetledi
Who’s the real #GrimResource? Spoiler: It’s us! 😏
Here's our latest blog on using MSC files for initial access: outflank.nl/blog/2024/08/1…
Fun fact: @elastic’s post on this technique came from a sample caught by a blue team, originally used by a red team through our OST offering.
English
With the name update also comes support for native macOS and Linux implants!
Outflank@OutflankNL
OST's Stage1 C2 is now Outflank C2, an optimised, OPSEC focused custom C2 framework with: •Native implants for Windows, macOS and Linux •Dynamic code exec •Proxying support •Peer-to-peer C2 between all three implants Get more info at bit.ly/4cgw8rl
English
@maciej_tomasiak @mycolsapp Same here. Not sure if it’s related to the update or just a service outage
English
App update is out on iOS and Android
We added an event feature so you can see upcoming cycling events, including their climbs ☺️ so update now!
English
Jarno retweetledi
It's not *always* about Windows--macOS and Linux #EDRs need attention, too! In our latest blog, @kyleavery explains more about the telemetry sources for these under-discussed #endpoint products>
outflank.nl/blog/2024/06/0…
English
Jarno retweetledi
Initial access to the max!
We just released a new OST tool, using our research and full weaponisation of an obscure file format.
This file format allows shellcode loading with just a double click and is under less MotW scrutiny than most other popular initial access vectors. 💪
English
Exactly what I was thinking
rootsecdev@rootsecdev
I do not agree with @Microsoft limiting access to the dev program. They could do a better job by vetting access with company email addresses and active licensing subscriptions other than visual studio enterprise. While people can pay for a standalone E5 license, my fear is this will continue to hinder legitimate access to development environments and create security risks when people want to learn cloud or test out initiatives in a non production tenant. I know I wouldn’t be where I am today without this Dev program. @satyanadella devblogs.microsoft.com/microsoft365de…
English
Jarno retweetledi
With his ability to stealthily get into houses, Santa is a natural red teamer, which is why he’s giving you the gift of offensive security!
Register now for a free training course on Microsoft Office tradecraft, taught by @StanHacked and @ptrpieter
outflank.nl/free-training-…
English
Jarno retweetledi
Let's explore the intricate dance of virtual to physical memory mapping in BYOVD tooling development! 💻
In @c3c's latest blog we delve into resolving addresses using Superfetch, unlocking control over physical memory.
Dive into the details now 👉
outflank.nl/blog/2023/12/1…
GIF
English
Looking forward to deception becoming available: next to planting files and cached creds, it looks like this will allow you to inject decoy info into responses to LDAP queries that are performed on a system, neat!
Matt Zorich@reprise_99
Anyone that has followed me knows that I love deception tech, especially deception technology that is easy to deploy and manage. In case you missed it with everything else announced at Ignite, deception rules are available in MDE - techcommunity.microsoft.com/t5/microsoft-d…
English
Jarno retweetledi
OST is tooling and tradecraft.
Our upcoming Tech DeepDive session is with @_dirkjan. He will share OPSEC tricks and private tradecraft on Azure AD attacks. Super useful when red teaming against Azure.
Such sessions are recorded and available to customers in their OST portal.
English
Jarno retweetledi
We’ve pushed “RemotePipeList” on our GitHub and released a blog post. The tools is used to list named pipes of remote systems. Useful for remote reconnaissance.
Blog post here outflank.nl/blog/2023/10/1…
C2 Tool Collection here github.com/outflanknl/C2-…
English
Jarno retweetledi
A TLP RED conference for red teamers.
👌 quality content, some of the best red team firms present, and a group sized small enough so you can speak to everybody and discuss your ideas.
This is 🔥af and what we think confs should be like. We need more like this. #redtreat23
Dominic Chell 👻@domchell
3 years ago, me, @StanHacked and @MarcOverIP set about creating our own con, built by red teamers for red teamers. Today it finally happened and it was 🔥 #redtreat23 @MDSecLabs @OutflankNL
English
Jarno retweetledi
Indirect syscalls, unhooking, hardware breakpoints and more. When developing a C2 implant it’s nice to work with a selection of these techniques.
Blog by @DaWouw, supported by @Cneelis : "Solving The “Unhooking” Problem"
outflank.nl/blog/2023/10/0…
English