5CRIP7K47Y
@scriptkaty
⚚ A Brave and Untiring Tractor ⚚ OSCP Pentester & Red-Teamer ⚚ Candy Addict ⚚ Opinions are my own. She/Her.
You might like
drop your top tips for helping/improving your mental health in the comments! i’ll start: accept that it’s okay - normal, even - to not spend all of your time in front of a screen. you don’t have to be practicing or studying cyber 24/7/365 in order to be successful in the field.
Check out our new blog. I've demonstrated an attack scenario using Cobalt Strike and SCCM admin privileges to hunt for DA sessions, deploy beacons laterally with SCCM app deployment, and compromise of a DA account. guidepointsecurity.com/blog/sccm-expl…
guidepointsecurity.com
SCCM Exploitation: Evading Defenses and Moving Laterally with SCCM Application Deployment
Senior Security Consultant Marshall Price demonstrates the importance of properly assigned access and tiered administration for preventing lateral movement.
No AI, no content automation (besides an RSS reader), 100% human curated cybersecurity content by myself and @__ar0d__. Published weekly to the web with no Javascript, via email, or RSS. It's the blog I wish existed before I started it. Don't sleep on it!
Nighthawk 0.3 (@MDSecLabs), Musl heap exploit (@NCCsecurityUS), Copilot chat 💉 (@wunderwuzzi23), and more! blog.badsectorlabs.com/last-week-in-s…
blog.badsectorlabs.com
Last Week in Security (LWiS) - 2024-06-17
Nighthawk 0.3 (@MDSecLabs), Musl heap exploit (@NCCsecurityUS), Copilot chat 💉 (@wunderwuzzi23), allowPrivilegeEscalation in K8s (@christophetd), and more!
come hang tomorrow and listen to me equate pentesting to playing metroidvania games on the @BHinfoSecurity webcast! pre-show banter starts at 11:30am central and slides start at noon ༼つ◕_◕༽つ 🪤
Hey folks! Join us for two free one-hour Black Hills Information Security (BHIS) webcasts on Thursday, March 28th. Register and attend one or both of the webcasts: events.zoom.us/ev/AsnGPEP9qjh… 1pm ET — Metroidvania Games as a Methodology and Approach for Pentesting w/ Ben Burkhart…
INFOSEC SURVIVAL GUIDE v2 from @BHinfoSecurity is here and FREE online for your perusal or you can buy a physical copy for basically S/H. lots of love and great work in here, and I finally got to formalize my title at work
The new -- The Infosec Survival Guide -- was created by the #infosec community for the infosec community and you can now download the whole PDF for free -- no paywall, no registering. blackhillsinfosec.com/prompt-zine/pr… Get physical copies for $1 each + shipping. United States only.…
them: any weekend plans? us:
Hampster Dance 🐹🐹🐹
The goal post keeps moving because the office of Community Safety was never designed to actually improve public safety in Minneapolis. The entire office is a puppet show by MPD & the Frey administration designed to undermine alternatives to policing and deflect accountability.
Things are so bad with MPD hiring practices that a former cop is the whistleblower in his own re-hiring. kstp.com/5-investigates…
the dirty secret of Minneapolis, well-off liberals of this city despise the rude discord and disobedience of social activism far far more than they despise the abuse, violence and discrimination of their police department. It is not even a close contest.
My body is ready
Jacob Frey’s Team Gives Him Nintendo Switch To Keep Him From Posting on Juneteenth buff.ly/3PlnGiH
Microsoft recently reached out to get my perspective of identity security (Active Directory & Azure AD). Here's the interview: techcommunity.microsoft.com/t5/microsoft-s… TLDR: Many of the issues we have seen with Active Directory are in Azure AD as well from a customer perspective.
Cry
New blog: Obtaining Domain Admin from Azure AD by abusing Cloud Kerberos Trust I teased this a bit during my Windows Hello talks, now found some time to write about this interesting technique. Also contains defenses and detection opportunities. dirkjanm.io/obtaining-doma…
20 years in prison and a $1M fine for using a VPN to watch TikTok videos.
Holy shit, that was one of the most powerful pieces of journalism I’ve consumed in a minute
This is one of the most important pieces of journalism ever produced. Washington Post gets permission from parents of mass shooting victims to create 3D models of what AR-15s did to their children’s bodies. As close as we’ll get to publishing photos washingtonpost.com/nation/interac…