Vincent Le Toux (Paris)

@mysmartlogon

Author of , contributor to (DCSync, setntlm, DCShadow) and . Wrote GIDS applet, OpenPGP card driver on Windows and OpenSC stuff.

France
Vrijeme pridruživanja: srpanj 2016.

Tweetovi

Blokirali ste korisnika/cu @mysmartlogon

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @mysmartlogon

  1. Prikvačeni tweet
    2. velj
    Poništi
  2. 29. sij

    If you want to grab me and speak (or ) you can find me in Malaga at the / -CSIRT join meeting. Final call for bugs / feedback / comment before the release of 2.8!

    Poništi
  3. 27. sij

    You'd better check if you disabled LDAP signature before March 2020. does already check this GPO settings but doesn't give you any malus (yet)

    Poništi
  4. 27. sij

    Finish line to report bug / spelling mistake / feedback for PingCastle 2.8 !!!! After, it will be too late to fix bugs and you'll have to wait 6 months for bug fixes ... (unless you got a support contract)

    Poništi
  5. 24. sij

    Just tried the new file upload feature of Microsoft Forms You can upload extension svg, ps, 3gp, ... but it doesn't show .txt and it fails when you try to import a .txt file! (actually I need to import .msg) Can we change the list of file types allowed or it is just hardcoded? 🤣

    Poništi
  6. 18. sij

    I’m very quiet about customers but I’m very happy that Casino, a large company in the retail sector, is using Pingcastle for years and switched to our Enterprise Edition one year ago.

    Poništi
  7. 18. sij

    Beta of 2.8 available here: Key new features: -light & fast permission analysis à la Bloodhound -assess audit policy Check it and submit your feedback ASAP before code freeze next week Anyone can participate (and even fix my spelling mistakes!)

    Poništi
  8. 6. sij

    Soon the beta of 2.8! Last call for bug / new features / suggestions / spelling mistakes fixes!

    Poništi
  9. proslijedio/la je Tweet
    30. pro 2019.

    I have published a blog post: "Active Directory Security Fundamentals" - It contains a PDF with hands-on recommendations that you use to secure AD.

    Poništi
  10. Found this gem from about kerberos in .net Bonus: the KerbDump Tool to view the ticket and even decrypt its encrypted part. From what I understand from the code, Windows only - to confirm.

    Poništi
  11. How to prepare a dll to be loaded into LSASS with protection mode? -Get an EV Code signing cert (300$) -Open a MS partner account -add the "hardware" program -go to "file signing service" - prepare a cab containing the dll - sign the cab with your cert - submit and wait 1 hour

    Poništi
  12. proslijedio/la je Tweet
    18. pro 2019.
    Prikaži ovu nit
    Poništi
  13. It took me several years, but I'm now able to do remote desktop WITH a smart card WITHOUT being part of a domain WITH NLA authentication. Pure Crypto authentication (no password hack behind the scene) Demo from W10 to W2016. Next in

    Poništi
  14. Need to remove the private data from a report because one of your customer asked for it? Just regenerate the html report from the xml report. Indeed, by default, the xml is stripped from all detailed and personal data.

    Poništi
  15. Quizz: what's the real company? A) or B) Hint: all the logos in panel are fake ones.

    Poništi
  16. Next in Finally merged permission/"control path"/"bloodhound light" analysis into the healthcheck report. Beta testers needed & feedback welcomed (support@pingcastle.com) No more excuse to get your domain compromised in 1 minute.

    Poništi
  17. This is 2019 and if you choose the right provider, you can still create your domain, claim to be a company, fraud and ... the registrar will protect you based on the usage policy. For CERT teams, how to you handle that? Are there a name and shame registrar list?

    Poništi
  18. I'm sure will be happy to explain this infringement. How can you receive mailing to create a new account if the explanation to have your private data if that you already created an account ? Note: I didn't create one

    Poništi
  19. Because I'm so tired to have computers vulnerable to bluekeep, I used my c# skills to build a powershell script testing for it. I was inspired by other scanners and I really don't understand the final test part. But it works. To be added in ?

    Poništi
  20. proslijedio/la je Tweet
    5. stu 2019.
    Poništi

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·