Dirk-jan

@_dirkjan

Hacker at . Connecter of dots. Likes to play around with security and Python.

Vrijeme pridruživanja: prosinac 2017.

Tweetovi

Blokirali ste korisnika/cu @_dirkjan

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @_dirkjan

  1. proslijedio/la je Tweet
    29. sij

    AD Privilege Escalation Exploit: The Overlooked ACL

    Poništi
  2. proslijedio/la je Tweet
    28. sij

    New blog (and tool): Attacking Azure, Azure AD, and Introducing PowerZure

    Prikaži ovu nit
    Poništi
  3. 25. sij

    So what was supposed to be a week of skiing got cut short due to a torn ACL (no not Windows related :p), but I did manage to port krbrelayx to Python 3 and make some progress on new tools so I guess there is that 🙄

    Poništi
  4. proslijedio/la je Tweet
    22. sij

    Revisiting RDP lateral movement and releasing a project that will be part of a bigger tool coming next week

    Poništi
  5. 22. sij

    Shout-out to for pointing this out in his blog on inter-realm keys:

    Prikaži ovu nit
    Poništi
  6. 22. sij

    If you're playing with Kerberos and want to view the encrypted parts in Wireshark you can do so with a keytab file. Since impacket was missing structures for this I added a script to my forest trust tools repo which easily allows adding multiple keys:

    Prikaži ovu nit
    Poništi
  7. 16. sij

    As much as I love cloud, I'm super excited to be talking about Kerberos and Active Directory trusts (and breaking forest trusts again) at Black Hat Asia!

    Poništi
  8. 13. sij

    Day 1 of our internal Active Directory training at is done! Only 4 more to go in a week full of AD internals, privileges, Kerberos, Rubeus, NTLM, mimikatz, ACLs, trusts, impacket, BloodHound and more 😁

    Poništi
  9. proslijedio/la je Tweet
    13. sij

    New blog post on the Microsoft Cloud: What is Azure Active Directory? Post covers what Azure AD is, how it compares to on-prem Active Directory, connecting via PowerShell, and password spraying attacks, mitigation, & detection.

    Poništi
  10. proslijedio/la je Tweet
    9. sij

    Introducing Security Defaults - secure default settings that we manage on organization's behalf to keep customers safe until they are ready to manage their own identity security story.

    Poništi
  11. proslijedio/la je Tweet
    9. sij

    Do you struggle to understand in environment ? This new article may help clarify things by simply explaining how Kerberos works. It is the first of a serie of posts about attacking Active Directory. Stay tuned 🙃

    Poništi
  12. proslijedio/la je Tweet
    8. sij

    Not long until 2020 Insane amount of great speakers/trainers! Ryan MacDougall, Sebastiaan Bäck, Erich Ficker, Hassan Ahmad, Jens Müller Details and registration:

    Prikaži ovu nit
    Poništi
  13. proslijedio/la je Tweet
    7. sij
    Odgovor korisnicima
    Poništi
  14. 7. sij
    Poništi
  15. proslijedio/la je Tweet
    2. sij

    lsassy 1.0.0 is finally out ! 🔸 Remotely dump **with built-in Windows tools only**, procdump is no longer necessary 🔸 Remotely parse lsass dumps to extract credentials 🔸 Link to to detect compromised users with path to Domain Admin

    Prikaži ovu nit
    Poništi
  16. proslijedio/la je Tweet
    28. pro 2019.

    Just published some thoughts on red teaming, how to approach it, procure it and get in to it...

    Poništi
  17. proslijedio/la je Tweet
    21. pro 2019.

    Cool! My lightning talk submission for is accepted: "The caveats of implementing smart cards and MFA in Active Directory". 25 Minutes packed with nasty security details of AD, Kerberos and NTLM. Looking forward to another edition of this awesome conference!

    Poništi
  18. 21. pro 2019.

    I'm really looking forward to returning to next year! I'll be talking about Azure AD exploration and drop some big tooling for both red and blue teams 😃. Also is a super cool conference so if you have the chance I highly recommend attending!

    Poništi
  19. proslijedio/la je Tweet
    20. pro 2019.

    new blog post: No Shells Required - a Walkthrough on Using Impacket and Kerberos to Delegate Your Way to DA

    Poništi
  20. proslijedio/la je Tweet
    18. pro 2019.
    Prikaži ovu nit
    Poništi

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·