Lightnews — Scholar-powered news

#podcast #cybersecurité | Charles F. Hamilton

November 10, 2025 at 1:55 PM

Mr.Un1k0d3r

@mrun1k0d3r.bsky.social

We are going live tonight at 7 PM EST.

Tonight, we continue building a reconnaissance tool for Azure to identify Azure attack vectors. This is Part III and the final part of our Azure journey.

truecyber.world

#Azure #redteaming

trucyber.world

November 5, 2025 at 2:09 PM

Mr.Un1k0d3r

@mrun1k0d3r.bsky.social

If you are interested, I talked about cybersecurity during a podcast (it's in French). We talked about Azure and the trends I observed during red team exercises.

www.linkedin.com/posts/charle...

#podcast #CyberSecurity

J'ai une fois de plus eu la chance de participer au podcast de PolySécure pour discuter de cybersécurité. On a discuté d'Azure et des tendances que j'observe durant les exercices offensifs. Bonne éco...

Join TrueCyber Learning Platform | Charles F. Hamilton

October 21, 2025 at 12:54 PM

Mr.Un1k0d3r

@mrun1k0d3r.bsky.social

We are going live tonight at 7 Pam EDT. How Azure and Entra ID can be misused as part of a red team exercise. More information below.

#Azure
#RedTeam

www.linkedin.com/posts/charle...

Tonight I will continue to show how Azure and Entra ID can be misused as part of a red team exercise. We are going to code the tool live and explore Azure functionality that could be leveraged to gain...

#azure #redteam #pentest | Charles F. Hamilton

October 15, 2025 at 1:46 PM

Mr.Un1k0d3r

@mrun1k0d3r.bsky.social

For some reason, Azure is assumed to be secure by design, which is not the case. Validating the default user permissions is important to ensure that everything that can be hardened is hardened.

#Azure #RedTeam

www.linkedin.com/posts/charle...

Français plus bas Another week, another Azure advice. We've previously talked about application permissions, phishing vectors, and more. Today, let's talk about Azure configuration itself. When was ...

Senior Penetration Testing Consultant | Charles F. Hamilton

October 9, 2025 at 2:33 PM

Mr.Un1k0d3r

@mrun1k0d3r.bsky.social

We are hiring for a senior red teaming / pentest role at CYPFER.

Interested in applying, feel free to reach out to me.

100% remote role; more information here:

www.linkedin.com/posts/charle...

#redteam #hiring #pentest

We are hiring for our Offensive team. If you are interested in red teaming and traditional pentesting in a highly motivated team, this is your opportunity. If doing R&D, writing your own tools, and l...

October 8, 2025 at 12:43 PM

Mr.Un1k0d3r

@mrun1k0d3r.bsky.social

We are going live tonight at 7 PM EDT.

Tonight's session is about Microsoft Azure. We will do a deep dive into how it can be abused as part of a red team. We will automate the process by writing a complete tool to perform attacks and reconnaissance.

truecyber.world

#azure #redteam #graphapis | Charles F. Hamilton

October 1, 2025 at 1:21 PM

Mr.Un1k0d3r

@mrun1k0d3r.bsky.social

The Azure Graph API /beta/users endpoint is definitely an interesting one, as it now includes on-premise Active Directory information, which was not included in the previous /v1.0/users.

www.linkedin.com/posts/charle...

#Azure #RedTeam #Graph

Français plus bas I showcased a few interesting Azure applications that can be used to gather more information than allowed by default, including ways to bypass UsersPermissionToReadOtherUsersEnabled...

#redteam #azure | Charles F. Hamilton

September 25, 2025 at 3:35 PM

Mr.Un1k0d3r

@mrun1k0d3r.bsky.social

Interested in attack vectors in Azure.

I have documented another example to have read permission on all the applications exposed in the tenant and more. Blocking default applications is crucial to prevent such vectors.

www.linkedin.com/posts/charle...

#Azure #RedTeam

Français plus bas Interested in learning more about Azure built-in applications that can be misused? Here is another one that allows you to list all the applications deployed within your tenant. A st...

https://linkedin.com/posts/charles-…

September 23, 2025 at 5:08 PM

Mr.Un1k0d3r

@mrun1k0d3r.bsky.social

I'm working on a useful tool that allowed me to discover quite a few interesting attack vectors in Azure.

UsersPermissionToReadOtherUsersEnabled bypass
MFA bypass
Privileges escalation
And more

www.linkedin.com/posts/charle...

#Azure #RedTeam

September 17, 2025 at 5:06 PM

Mr.Un1k0d3r

@mrun1k0d3r.bsky.social

We are going live tonight at 7 PM EDT.

Tonight's session is about running your own LLM locally and building a simple cross-platform .NET client interface to interact with it. The private LLM is quite useful during red team exercises.

truecyber.world

GitHub - Mr-Un1k0d3r/DotnetNoVirtualProtectShellcodeLoader: load shellcode without P/D Invoke and VirtualProtect call.

September 3, 2025 at 1:25 PM

Mr.Un1k0d3r

@mrun1k0d3r.bsky.social

You want to load your shellcode in .NET without calling VirtualProtect? Use RuntimeHelpers.PrepareMethod to create a predictable RWX memory region for you. This method also doesn't require a delegate function pointer, since you override a .NET method.

github.com/Mr-Un1k0d3r/...

load shellcode without P/D Invoke and VirtualProtect call. - Mr-Un1k0d3r/DotnetNoVirtualProtectShellcodeLoader

github.com

September 2, 2025 at 1:50 PM

Mr.Un1k0d3r

@mrun1k0d3r.bsky.social

It's time for the long weekend sale!
Get 50% OFF when you purchase both the Coding Class and the Red Team Training for just $400 (regularly $800). This includes over 200 hours of videos and source code.

More details here mr.un1k0d3r.world/training/a6e...

#redteam #discount

Mr.Un1k0d3r Offensive Red Team Training

mr.un1k0d3r.world

August 28, 2025 at 1:58 PM

Mr.Un1k0d3r

@mrun1k0d3r.bsky.social

We are going live tonight at 7 PM EDT.

Tonight's session is about understanding the underlying concepts of Active Directory Certificate Service (ADCS) and how certificate templates can be audited using C#.

truecyber.world

Next week, I will present a live webinar covering an interesting technique for executing shellcode using built-in .NET capabilities. | Charles F. Hamilton

August 6, 2025 at 1:18 PM

Mr.Un1k0d3r

@mrun1k0d3r.bsky.social

Next week, I will present a live webinar covering an interesting technique for executing shellcode using built-in .NET capabilities.

www.linkedin.com/posts/charle...

#redteam #webinar

Next week, I will present a live webinar covering an interesting technique for executing shellcode using built-in .NET capabilities. Join us on August 6 to explore some of the tradecraft we developed...

July 29, 2025 at 2:40 PM

Mr.Un1k0d3r

@mrun1k0d3r.bsky.social

We are going live tonight at 7 PM EST.

Tonight's session is about auditing and searching for misconfigured GPOs using C# during a red team exercise.

truecyber.world

July 23, 2025 at 1:15 PM

Mr.Un1k0d3r

@mrun1k0d3r.bsky.social

We are going live tonight at 7 PM EDT.

Tonight's episode is about writing your own SOCKS5 proxy that can serve as your complete C2, allowing you to perform all operations remotely.

truecyber.world

July 2, 2025 at 12:57 PM

Mr.Un1k0d3r

@mrun1k0d3r.bsky.social

We are going live tonight at 7 PM!

Tonight's session is about incorporating sandbox evasion techniques into your malware using C and C#.

truecyber.world

June 4, 2025 at 3:11 PM

Mr.Un1k0d3r

@mrun1k0d3r.bsky.social

The upcoming live session will be presented live from @northsec.io this Friday, May 16, 2025, at 1 PM EST.

We will be chaining a novel technique in .NET that does not require any RWX memory allocation or external APIs.

truecyber.world

May 15, 2025 at 2:24 AM

Mr.Un1k0d3r

@mrun1k0d3r.bsky.social

We are going live tonight at 7 PM EST.

Tonight's session is about Understanding Azure and Graph: Automating user enumeration and more.

We'll explore how to leverage Azure and Graph during a red teaming exercise.

truecyber.world

Mr.Un1k0d3r Offensive Red Team Training

April 23, 2025 at 1:14 PM

Mr.Un1k0d3r

@mrun1k0d3r.bsky.social

For the long weekend, I'm offering a 50% off discount on my coding class and Red Team course. You get both for $400 instead of $800. If you search a bit, you might even find an extra $50 discount using your web skills.

mr.un1k0d3r.online/training/lon...

Offer will last for 24 hours.

mr.un1k0d3r.online

April 18, 2025 at 12:34 PM

Mr.Un1k0d3r

@mrun1k0d3r.bsky.social

We are going live tonight at 7 PM EDT.
Tonight's session is about gathering user information without using LDAP queries in an Active Directory domain, using WMI.

This is achieved by using a COM object and C.

truecyber.world

Advanced Red Teaming Tactics: Latest Trends For A Successful Exploitation | Charles F. Hamilton

April 16, 2025 at 12:47 PM

Mr.Un1k0d3r

@mrun1k0d3r.bsky.social

I wrote a white paper at CYPFER regarding the techniques we use during our red team engagement.

#redteam #cypfer

www.linkedin.com/posts/charle...

I wrote a white paper that covers the attacks we often use during red team exercises, ranging from phishing vectors to EDR evasion, including exploitation and lateral movement. This is just a small p...

#redteam #livesession #athens | Charles F. Hamilton

April 14, 2025 at 3:00 PM

Mr.Un1k0d3r

@mrun1k0d3r.bsky.social

It is an honor to present at Offensive X this summer. I'm looking forward to sharing some of my tradecraft when it comes to red teaming payload crafting.

Let me know if you're coming too so we can catch up!

www.linkedin.com/posts/charle...

It is an honor to present at Offensive X this summer. I'm looking forward to sharing some of my tradecraft when it comes to red teaming payload crafting. Let…

March 26, 2025 at 11:31 AM

Mr.Un1k0d3r

@mrun1k0d3r.bsky.social

We are going live tonight at 7 PM EDT.

Tonight's session will cover a method to gather Active Directory user information remotely in a Windows domain without using LDAP queries. Instead, we will use Lsa* APIs and a bit of magic.

truecyber.world