Todd
nullkrysus.bsky.social
just a short person trying to do the cyberz
Reposted by Todd
As @ericazelic.bsky.social mentioned all the energy around Device Code abuse is long overdue.
To get more info about how it’s done, these articles are relevant
2020 & 2022 respectively

@drazuread.bsky.social aadinternals.com/post/phishing/

@inversecos www.inversecos.com/2022/12/how-...
Introducing a new phishing technique for compromising Office 365 accounts
The ongoing global phishing campaigns against Microsoft 365 have used various phishing techniques. Currently attackers are utilising forged login sites and OAuth app consents. In this blog, I’ll intr...
aadinternals.com
February 14, 2025 at 11:21 PM
Reposted by Todd
In addition to the blog out today, there's a new tool in MicroBurst - Get-AzMachineLearningCredentials
This one has been in the works for a while, but it's a tool to dump the credentials that are stored by the Azure Machine Learning service. github.com/NetSPI/Micro...
MicroBurst/Az/Get-AzMachineLearningCredentials.ps1 at master · NetSPI/MicroBurst
A collection of scripts for assessing Microsoft Azure security - NetSPI/MicroBurst
github.com
January 8, 2025 at 4:33 PM
Reposted by Todd
📋 Get a step by step tutorial to setting up an ADFS lab using Ludus and/or a flexible hybrid cloud environment for testing in our latest blog post from Beyviel David.

Read for more: ghst.ly/4iIqLFO
ADFS Entra Lab with Ludus
TLDR: This blog walks you through setting up an ADFS lab using Ludus and/or a flexible hybrid cloud environment for testing.
ghst.ly
December 19, 2024 at 5:40 PM
Reposted by Todd
CVSS 9.8 RCE in BeyondTrust clients.

"Successful exploitation of this vulnerability can allow an unauthenticated remote attacker to execute underlying operating system commands within the context of the site user." Patches available.

www.beyondtrust.com/trust-center...
www.beyondtrust.com
December 17, 2024 at 5:44 PM
Reposted by Todd
Compiled from HackTheBox is all about attacking a code compilation server. I'll exploit CVEs in Git and Visual Studio, and format a Gitea hash for hashcat.
HTB: Compiled
Compiled starts with a website designed to compile Git projects from remote repos. I’ll abuse a CVE in this version of Git to get RCE and a shell. To pivot to the next user, I’ll find the Gitea SQLite database and extract the user hashes. I’ll format that hash into something Hashcat can crack, and recover the password, which is also used by the user on the system. To get system, I’ll abuse a CVE in Visual Studio.
0xdf.gitlab.io
December 14, 2024 at 3:00 PM
Reposted by Todd
A quick tour of new functions in BARK that support Azure Key Vault tradecraft research, including a walk-through of how an adversary may chain these functions together as part of an attack path: posts.specterops.io/azure-key-va...
November 20, 2024 at 7:03 PM