Thomas Elling

449 posts

Thomas Elling banner
Thomas Elling

Thomas Elling

@thomas_elling

https://t.co/PvqOMJMh5K

Brooklyn, NY Katılım Aralık 2011
242 Takip Edilen277 Takipçiler
Thomas Elling retweetledi
Karl
Karl@kfosaaen·
Ever run into an Azure SAS token URL while testing? This fantastic blog by @jakekarnes42 helps demystify all those parameters to show you the potential options to get to other files in the storage account - netspi.com/blog/technical…
English
0
4
9
0
Thomas Elling retweetledi
Karl
Karl@kfosaaen·
Here's another serious vulnerability to add onto the list of recent Azure issues. This is our write up (and a thread) on CVE-2021-42306 (CredManifest), which addresses the cleartext storage of App Registration credentials in AAD SP manifests. netspi.com/blog/technical… (1/5)
English
4
164
344
0
Thomas Elling retweetledi
Mat Ryer
Mat Ryer@matryer·
How I write HTTP services in #golang has changed over the years... here's my current style. (Please consider sharing this with somebody you know who's learning Go.) It's a yarn... 🧶 1/13
English
27
337
1.6K
0
Thomas Elling retweetledi
Madhav Bhatt
Madhav Bhatt@desi_jarvis·
Releasing gcpHound ..!! This is an Offensive ToolKit for GCP. Along with privilege escalation and data exflitration , it’s got cool function for persistence and lateral movement from @Richarjb Checkout blog post below for more information. desi-jarvis.medium.com/gcphound-a-swi…
English
4
165
386
0
Thomas Elling retweetledi
mandatory.bsky.social
mandatory.bsky.social@IAmMandatory·
Shameless self-promo, but I'll be giving the talk "Hacking G Suite: The Power of Dark Apps Script Magic" at the upcoming Defcon 29 conference in Vegas. If you're interested in learning more about red teaming companies on GSuite come check it out 👍. #bryant" target="_blank" rel="nofollow noopener">defcon.org/html/defcon-29…
GIF
English
0
16
106
0
Thomas Elling retweetledi
Karl
Karl@kfosaaen·
I’m really excited about this presentation. I’ll be presenting at 10 AM on Saturday with “Extracting all the Azure Passwords”.
Cloud Village@cloudvillage_dc

Our speaker list for @defcon is OUT! Visit cloud-village.org for the schedule Thank you for sending us so many quality papers and making our review team's job difficult :) Subscribe to our YouTube channel to avoid missing any talk-youtube.com/cloudvillage_dc #defcon29 #DEFCON

English
0
4
14
0
Thomas Elling retweetledi
fwd:cloudsec
fwd:cloudsec@fwdcloudsec·
David Okeyode (@asegunlolu) and Karl Fosaaen (@kfosaaen) will be presenting "An Introduction to Azure Offensive Security" #intro-to-azure-offensive-security" target="_blank" rel="nofollow noopener">fwdcloudsec.org/speakers.html#…
English
1
10
19
0
Thomas Elling retweetledi
Karl
Karl@kfosaaen·
New addition to Get-AzPasswords in MicroBurst! We just added the option (-AKS) to export the clusterAdmin and clusterUser kubeconfig authentication files for AKS clusters. github.com/Netspi/Microbu…
English
1
4
39
0
Thomas Elling retweetledi
Kevin Robertson
Kevin Robertson@kevin_robertson·
[New Release] Inveigh 2.0: Rebuilt for C#, cross-platform (Windows, Linux, macOS), new listeners (SMB, LDAP, WebDAV, HTTPS), improved interactive console (tab complete, real time stats). github.com/Kevin-Robertso…
English
11
169
347
0
Thomas Elling retweetledi
Kelly Shortridge
Kelly Shortridge@swagitda_·
Introducing Patrolaroid, a malware scanner for AWS instances that doesn't yeet around your prod. @rpetrich & I made it OSS so ppl don't have to deploy sketchy security tools in prod just for basic coverage of malware, miners, toolkits, backdoors, etc. github.com/rpetrich/patro…
English
14
82
314
0
Thomas Elling retweetledi
Josh
Josh@passthehashbrwn·
New blog just went up. Some research on enumerating + exploiting compromised Azure managed identities with some new scripts that I added to MicroBurst. netspi.com/blog/technical…
English
0
8
11
0
Thomas Elling retweetledi
Dirk-jan
Dirk-jan@_dirkjan·
What a time to be alive... Install the Microsoft signed Hybrid Connection Manager on victim host, link it up with your Azure app, enjoy persistent access to the on-prem network from your Azure portal. Only needs https outbound to Azure and line of sight from victim to target host
Dirk-jan tweet mediaDirk-jan tweet media
English
19
322
858
0
Thomas Elling retweetledi
Jake Miller
Jake Miller@theBumbleSec·
Just when you thought JSON was the one thing you could trust. My latest research on JSON interoperability vulnerabilities highlights the risks of inconsistent parser behavior (40+ parsers) and attacks to bypass business logic in microservice architectures. labs.bishopfox.com/tech-blog/an-e…
English
17
504
1.1K
0
Thomas Elling retweetledi
Karl
Karl@kfosaaen·
I added a -ModifyPolicies flag to Get-AzPasswords to temporarily add Key Vault "Get" and "List" Access Policy rights for your current user on all Keys and Secrets in a vault. This will revert any policy changes it makes when it's done. github.com/NetSPI/MicroBu…
English
1
9
34
0
Thomas Elling retweetledi
Karl
Karl@kfosaaen·
MicroBurst Update! We just approved a PR to add methods for dumping automation account credentials, and running commands on VMs, all using the management REST APIs. Thanks to @passthehashbrwn for the awesome work! You can find the new functions here - github.com/NetSPI/MicroBu…
English
0
8
9
0
Thomas Elling retweetledi
h0mbre
h0mbre@h0mbre_·
i tried to make a beginner-friendly post about some of the basics related to code coverage in fuzzing, just going over terminology, common strats, and some tooling. hopefully this will be useful for some! h0mbre.github.io/Fuzzing-Like-A…
English
4
170
492
0
Thomas Elling retweetledi
Karl
Karl@kfosaaen·
I'm super excited about this post finally going live, but here is some fantastic Kerberos research by @NetSPI 's @jakekarnes42! This link is the intro post, but additional links are there for the two deep dive follow up posts on CVE-2020-17049. blog.netspi.com/cve-2020-17049…
English
3
39
115
0
Thomas Elling retweetledi
Andy Robbins
Andy Robbins@_wald0·
Tomorrow, @CptJesus and I are releasing the newest version of #BloodHound: 4.0. See the new features, new GUI, and new attack primitives first during our SO-CON presentation called "Six Degrees of Global Admin". Register here: specterops.io/so-con2020/eve…
Andy Robbins tweet media
English
4
86
224
0