Everything you care about in one place
Follow feeds: blogs, news, RSS and more. An effortless way to read and digest content of your choice.
Get Feederharmj0y.net
harmj0y
Get the latest updates from harmj0y directly as they happen.
Follow now 143 followers
Latest posts
Last updated almost 3 years ago
Certified Pre-Owned
almost 3 years ago
TL;DR Active Directory Certificate Services has a lot of attack potential! Check...
A Case Study in Wagging the Dog: Computer Takeover
about 5 years ago
Last month, Elad Shamir released a phenomenal, in depth post on abusing...
Kerberoasting Revisited
about 5 years ago
Rubeus is a C# Kerberos abuse toolkit that started as a port...
Not A Security Boundary: Breaking Forest Trusts
over 5 years ago
For years Microsoft has stated that the forest was the security boundary...
Another Word on Delegation
over 5 years ago
Every time I think I start to understand Active Directory and Kerberos...
Rubeus – Now With More Kekeo
over 5 years ago
Rubeus, my C# port of some of features from @gentilkiwi‘s Kekeo toolset...
From Kekeo to Rubeus
over 5 years ago
Kekeo, the other big project from Benjamin Delpy after Mimikatz, is an...
Operational Guidance for Offensive User DPAPI Abuse
over 5 years ago
I’ve spoken about DPAPI (the Data Protection Application Programming Interface) a bit...
The PowerView PowerUsage Series #5
almost 6 years ago
This is the fifth post in my “PowerView PowerUsage” series, and follows...
Remote Hash Extraction On Demand Via Host Security Descriptor Modification
about 6 years ago
This is the long overdue follow-up to the “An ACE in the...
The PowerView PowerUsage Series #4
over 6 years ago
This is a short follow-up to my “A Guide to Attacking Domain...