Jim Sykora
@jimsycurity.adminsdholder.com
I enjoy security, technology, learning, books, & the great outdoors.
Trying to be human & kind.
Opinions = mine. He/Him/Hän
https://github.com/JimSycurity
https://www.adminsdholder.com
Trying to be human & kind.
Opinions = mine. He/Him/Hän
https://github.com/JimSycurity
https://www.adminsdholder.com
Pinned
Introduction:
- rural MN
- very happily married
- adult kids, 😺 🐶
Work:
- Tech, #InfoSec, #ActiveDirectory, #CyberSecurity
Passions:
- Outdoors, woodworking, tinkering, using my white male privilege to help others, music, long walks w/ 🐕, learning, books, following rabbit holes
- rural MN
- very happily married
- adult kids, 😺 🐶
Work:
- Tech, #InfoSec, #ActiveDirectory, #CyberSecurity
Passions:
- Outdoors, woodworking, tinkering, using my white male privilege to help others, music, long walks w/ 🐕, learning, books, following rabbit holes
Reposted by Jim Sykora
you can just go ask crows stuff instead of asking chatgpt
November 6, 2025 at 12:14 PM
you can just go ask crows stuff instead of asking chatgpt
Are subterranean sandwiches natural burrowers or do they inhabit the burrows of other creatures similar to burrowing owls?
November 5, 2025 at 4:25 AM
Are subterranean sandwiches natural burrowers or do they inhabit the burrows of other creatures similar to burrowing owls?
Reposted by Jim Sykora
Heads up hackers, tell us your wants, your needs, and how you like your squirrels fed.
At the Microsoft Security Response Center (MSRC), your feedback drives our innovation. Based on your input, we’ve introduced three new features designed to make your experience more efficient, transparent, and user-friendly.
Learn more in our blog post: www.microsoft.com/en-us/msrc/b...
Learn more in our blog post: www.microsoft.com/en-us/msrc/b...
October 31, 2025 at 3:48 PM
Heads up hackers, tell us your wants, your needs, and how you like your squirrels fed.
Note: Work related
I do Active Directory stuff for a living. Security research to be more specific. One of my favorite niche AD topics is AdminSDHolder. It's even my vanity domain.
I wrote a 159 pg book about AdminSDHolder. I'm kinda proud of it.
specterops.io/resources/ad...
I do Active Directory stuff for a living. Security research to be more specific. One of my favorite niche AD topics is AdminSDHolder. It's even my vanity domain.
I wrote a 159 pg book about AdminSDHolder. I'm kinda proud of it.
specterops.io/resources/ad...
AdminSDHolder Misconceptions & Misconfigurations - SpecterOps
AdminSDHolder is an object and associated process in Active Directory Domain Services (AD DS) that helps protect specific sensitive and highly privileged accounts from being manipulated. This topic is...
specterops.io
October 31, 2025 at 7:47 PM
Note: Work related
I do Active Directory stuff for a living. Security research to be more specific. One of my favorite niche AD topics is AdminSDHolder. It's even my vanity domain.
I wrote a 159 pg book about AdminSDHolder. I'm kinda proud of it.
specterops.io/resources/ad...
I do Active Directory stuff for a living. Security research to be more specific. One of my favorite niche AD topics is AdminSDHolder. It's even my vanity domain.
I wrote a 159 pg book about AdminSDHolder. I'm kinda proud of it.
specterops.io/resources/ad...
Reposted by Jim Sykora
NTLM relay research is evolving!
Join Nick Powers & @tw1sm.bsky.social TOMORROW as they share new methods to enumerate EPA enforcement across MSSQL, HTTP, & more—and intro RelayInformer, expanding attacker-perspective coverage for key protocols.
Grab your spot → ghst.ly/oct-web-bsky
Join Nick Powers & @tw1sm.bsky.social TOMORROW as they share new methods to enumerate EPA enforcement across MSSQL, HTTP, & more—and intro RelayInformer, expanding attacker-perspective coverage for key protocols.
Grab your spot → ghst.ly/oct-web-bsky
October 29, 2025 at 10:25 PM
NTLM relay research is evolving!
Join Nick Powers & @tw1sm.bsky.social TOMORROW as they share new methods to enumerate EPA enforcement across MSSQL, HTTP, & more—and intro RelayInformer, expanding attacker-perspective coverage for key protocols.
Grab your spot → ghst.ly/oct-web-bsky
Join Nick Powers & @tw1sm.bsky.social TOMORROW as they share new methods to enumerate EPA enforcement across MSSQL, HTTP, & more—and intro RelayInformer, expanding attacker-perspective coverage for key protocols.
Grab your spot → ghst.ly/oct-web-bsky
Reposted by Jim Sykora
Fund Me Fridays is back!
In honor of Link, who remains unjustly banned, I will be reposting mutual aid links under this thread.
Drop your links and let’s meet some needs!
In honor of Link, who remains unjustly banned, I will be reposting mutual aid links under this thread.
Drop your links and let’s meet some needs!
October 24, 2025 at 4:34 PM
Fund Me Fridays is back!
In honor of Link, who remains unjustly banned, I will be reposting mutual aid links under this thread.
Drop your links and let’s meet some needs!
In honor of Link, who remains unjustly banned, I will be reposting mutual aid links under this thread.
Drop your links and let’s meet some needs!
Reposted by Jim Sykora
Credential Guard was supposed to end credential dumping. It didn't.
Valdemar Carøe just dropped a new blog post detailing techniques for extracting credentials on fully patched Windows 11 & Server 2025 with modern protections enabled.
Read for more: ghst.ly/4qtl2rm
Valdemar Carøe just dropped a new blog post detailing techniques for extracting credentials on fully patched Windows 11 & Server 2025 with modern protections enabled.
Read for more: ghst.ly/4qtl2rm
Catching Credential Guard Off Guard - SpecterOps
Uncovering the protection mechanisms provided by modern Windows security features and identifying new methods for credential dumping.
ghst.ly
October 23, 2025 at 5:45 PM
Credential Guard was supposed to end credential dumping. It didn't.
Valdemar Carøe just dropped a new blog post detailing techniques for extracting credentials on fully patched Windows 11 & Server 2025 with modern protections enabled.
Read for more: ghst.ly/4qtl2rm
Valdemar Carøe just dropped a new blog post detailing techniques for extracting credentials on fully patched Windows 11 & Server 2025 with modern protections enabled.
Read for more: ghst.ly/4qtl2rm
Reposted by Jim Sykora
Do you or somebody you know have a Windows 10 that isn't fit for a Windows 11 upgrade? (e.g. no TPM)
1. Get a Windows 11 25H2 ISO
2. Run `setup /product server`
Enjoy your Windows 11 with no coerced Microsoft Account, TPM features, etc.
1. Get a Windows 11 25H2 ISO
2. Run `setup /product server`
Enjoy your Windows 11 with no coerced Microsoft Account, TPM features, etc.
October 17, 2025 at 1:36 PM
Do you or somebody you know have a Windows 10 that isn't fit for a Windows 11 upgrade? (e.g. no TPM)
1. Get a Windows 11 25H2 ISO
2. Run `setup /product server`
Enjoy your Windows 11 with no coerced Microsoft Account, TPM features, etc.
1. Get a Windows 11 25H2 ISO
2. Run `setup /product server`
Enjoy your Windows 11 with no coerced Microsoft Account, TPM features, etc.
Reposted by Jim Sykora
Still in testing, but it’s a pattern anyone can use to manage Intune like any other Infrastructure as Code system.
github.com/AllwaysHyPe/...
github.com/AllwaysHyPe/...
GitHub - AllwaysHyPe/IntuneStack
Contribute to AllwaysHyPe/IntuneStack development by creating an account on GitHub.
github.com
October 21, 2025 at 3:01 AM
Still in testing, but it’s a pattern anyone can use to manage Intune like any other Infrastructure as Code system.
github.com/AllwaysHyPe/...
github.com/AllwaysHyPe/...
Reposted by Jim Sykora
Lilac-breasted Roller
Lillabrystet Ellekrage
Coracias caudatus
#birds #birding #Kenya #photography #nature #naturephotography #wildlifephotography #wildlife #ornithology #birdphotography #animalphotography
Lillabrystet Ellekrage
Coracias caudatus
#birds #birding #Kenya #photography #nature #naturephotography #wildlifephotography #wildlife #ornithology #birdphotography #animalphotography
October 20, 2025 at 8:27 PM
Lilac-breasted Roller
Lillabrystet Ellekrage
Coracias caudatus
#birds #birding #Kenya #photography #nature #naturephotography #wildlifephotography #wildlife #ornithology #birdphotography #animalphotography
Lillabrystet Ellekrage
Coracias caudatus
#birds #birding #Kenya #photography #nature #naturephotography #wildlifephotography #wildlife #ornithology #birdphotography #animalphotography
Reposted by Jim Sykora
Introducing PingOneHound, a BloodHound extension to map and remediate attack paths in PingOne.
@andyrobbins.bsky.social dives in to the architecture and mechanics in our latest blog post. Learn more & get started today. ghst.ly/3WLqlVd
@andyrobbins.bsky.social dives in to the architecture and mechanics in our latest blog post. Learn more & get started today. ghst.ly/3WLqlVd
PingOne Attack Paths - SpecterOps
You can use PingOneHound in conjunction with BloodHound Community Edition to discover, analyze, execute, and remediate identity-based attack paths in PingOne instances.
ghst.ly
October 20, 2025 at 7:19 PM
Introducing PingOneHound, a BloodHound extension to map and remediate attack paths in PingOne.
@andyrobbins.bsky.social dives in to the architecture and mechanics in our latest blog post. Learn more & get started today. ghst.ly/3WLqlVd
@andyrobbins.bsky.social dives in to the architecture and mechanics in our latest blog post. Learn more & get started today. ghst.ly/3WLqlVd
Reposted by Jim Sykora
Seriously, I love this post so much - Good weekend timeline cleanser: "Root for Your Friends · Joseph Thacker"
m.cje.io/3KYvnLt
m.cje.io/3KYvnLt
Root for Your Friends
Discover the power of rooting for your friends and how it can amplify success for everyone involved.
m.cje.io
October 18, 2025 at 10:39 PM
Seriously, I love this post so much - Good weekend timeline cleanser: "Root for Your Friends · Joseph Thacker"
m.cje.io/3KYvnLt
m.cje.io/3KYvnLt
Reposted by Jim Sykora
just watched a dozen people ask microsoft copilot experts their most pressing questions and those questions were 90% “how do i turn it off?” and “when i turn it off, is it really off or is it spying on me?”
October 9, 2025 at 1:45 PM
just watched a dozen people ask microsoft copilot experts their most pressing questions and those questions were 90% “how do i turn it off?” and “when i turn it off, is it really off or is it spying on me?”
Reposted by Jim Sykora
chat, its been another lovely week of internet schizophrenia. please enjoy this cute video of this kitty cat
October 5, 2025 at 5:59 PM
chat, its been another lovely week of internet schizophrenia. please enjoy this cute video of this kitty cat
Reposted by Jim Sykora
A little OpenGraph POC for mapping PE header imports of all .dll and .exe files in a fresh Windows install. These are all the binaries that have some kind of import chain leading to kernel32.dll
October 2, 2025 at 4:51 PM
A little OpenGraph POC for mapping PE header imports of all .dll and .exe files in a fresh Windows install. These are all the binaries that have some kind of import chain leading to kernel32.dll
Reposted by Jim Sykora
Stunning male northern cardinal with both its tail and crest raised.
#birds #birdphotography #birdsoftheworld #photography #nature
#birds #birdphotography #birdsoftheworld #photography #nature
October 1, 2025 at 7:36 PM
Stunning male northern cardinal with both its tail and crest raised.
#birds #birdphotography #birdsoftheworld #photography #nature
#birds #birdphotography #birdsoftheworld #photography #nature
Reposted by Jim Sykora
NEW: I interviewed Leonard Peltier at his new home in North Dakota.
Now 81, he has a LOT to say about his ~50 years in prison, why he thinks Biden bucked the FBI to finally release him, how Indigenous people are "in danger" under Trump, and his next chapter. www.huffpost.com/entry/leonar...
Now 81, he has a LOT to say about his ~50 years in prison, why he thinks Biden bucked the FBI to finally release him, how Indigenous people are "in danger" under Trump, and his next chapter. www.huffpost.com/entry/leonar...
‘We’re In Danger’: Leonard Peltier Has A Warning About Trump
In a sit-down interview, the Indigenous rights activist reflects on his nearly 50 years in prison, why he thinks Biden bucked the FBI to free him, and how tribes are “in danger” under Trump.
www.huffpost.com
September 30, 2025 at 1:52 PM
NEW: I interviewed Leonard Peltier at his new home in North Dakota.
Now 81, he has a LOT to say about his ~50 years in prison, why he thinks Biden bucked the FBI to finally release him, how Indigenous people are "in danger" under Trump, and his next chapter. www.huffpost.com/entry/leonar...
Now 81, he has a LOT to say about his ~50 years in prison, why he thinks Biden bucked the FBI to finally release him, how Indigenous people are "in danger" under Trump, and his next chapter. www.huffpost.com/entry/leonar...
Reposted by Jim Sykora
Reposted by Jim Sykora
BLOG: Upgrading to Windows Server 2025 from Windows Server 2012 R2, 2016, 2019, or 2022 using Media (ISO)
techcommunity.microsoft.com/blog/windows...
techcommunity.microsoft.com/blog/windows...
Upgrading to Windows Server 2025 from Windows Server 2012 R2, 2016, 2019, or 2022 using Media (ISO) | Microsoft Community Hub
About media-based upgrade to Windows Server 2025
With N-4 media based upgrades, you can upgrade your organization’s physical devices and virtual machines...
techcommunity.microsoft.com
September 24, 2025 at 6:04 PM
BLOG: Upgrading to Windows Server 2025 from Windows Server 2012 R2, 2016, 2019, or 2022 using Media (ISO)
techcommunity.microsoft.com/blog/windows...
techcommunity.microsoft.com/blog/windows...
Reposted by Jim Sykora
i challenge you to find cooler news today than “despite all odds against American scientific research rn, a CO researcher developed a temperature-stable, single dose rabies vaccine that works bc of particles coated in CANDY & SAPPHIRE, & it could help reduce rabies deaths in places w/o electricity”
Happy (rainy) Tuesday, #Boulder. I've got a new story for you all about a new temperature-stable, single-injection rabies vaccine developed by @colorado.edu researcher Ted Randolph.
www.colorado.edu/today/2025/0...
www.colorado.edu/today/2025/0...
New single-dose, temperature-stable rabies vaccines could expand global access
CU Boulder engineers have developed a new method for making vaccines that combines multiple, timed-release doses into a single injection that doesn't require
www.colorado.edu
September 23, 2025 at 4:33 PM
i challenge you to find cooler news today than “despite all odds against American scientific research rn, a CO researcher developed a temperature-stable, single dose rabies vaccine that works bc of particles coated in CANDY & SAPPHIRE, & it could help reduce rabies deaths in places w/o electricity”
Reposted by Jim Sykora
On January 1st, the sky was absolutely wild in Grand Marais, MN. I still think about this sunset on a regular basis.
#sunset #LakeSuperior #Minnesota #landscape #PhotographersUnited
#sunset #LakeSuperior #Minnesota #landscape #PhotographersUnited
September 24, 2025 at 12:09 AM
On January 1st, the sky was absolutely wild in Grand Marais, MN. I still think about this sunset on a regular basis.
#sunset #LakeSuperior #Minnesota #landscape #PhotographersUnited
#sunset #LakeSuperior #Minnesota #landscape #PhotographersUnited
Apple crisp for breakfast.
September 23, 2025 at 1:13 PM
Apple crisp for breakfast.
Howdy, Gizmo's dad here. Did some hiking with Gizmo.
September 22, 2025 at 6:01 PM
Howdy, Gizmo's dad here. Did some hiking with Gizmo.
Reposted by Jim Sykora
This is Annie. She freaking loves fall. 13/10 (FB: James Osborne)
September 22, 2025 at 2:55 PM
This is Annie. She freaking loves fall. 13/10 (FB: James Osborne)
Reposted by Jim Sykora
Excited to speak this weekend at @pancakescon.com! Come check out what I’ve been cooking the last few weeks!
From DACLs to dragons: @winterknight.net is bringing the ultimate mashup to @pancakescon.com.
Half Windows security deep-dive, half D&D villain masterclass. Because why choose between protecting your filesystem and crafting the perfect antagonist? 🐉
Learn more: pancakescon.com/
Half Windows security deep-dive, half D&D villain masterclass. Because why choose between protecting your filesystem and crafting the perfect antagonist? 🐉
Learn more: pancakescon.com/
September 17, 2025 at 7:05 PM
Excited to speak this weekend at @pancakescon.com! Come check out what I’ve been cooking the last few weeks!