RedTeam Pentesting
@redteam-pentesting.de
π€ 40
π₯ 48
π 19
Account for RedTeam Pentesting GmbH Imprint:
https://redteam-pentesting.de/imprint/
π Turns out MS-EVEN can do a lot more than NULL auth: In addition to leaking environment variables, it is possible to coerce authentication from arbitrary logged on users* π€― *If you are willing to trigger Windows Defender.
about 1 month ago
1
1
0
We're excited to host our XSS workshop for RWTH Aachen University's SecLab, again. Today, the students will face XSS challenges as well as a hunt for IT security easter eggs to climb the leaderboard π
#rwth
#informatik
#aachen
3 months ago
0
0
0
Based on our testing, MS seems to have fixed CVE-2025-33073 by blocking the CredUnmarshalTargetInfo/CREDENTIAL_TARGET_INFORMATIONW trick!
@tiraniddo.dev
@decoder-it.bsky.social
@synacktiv.com
#infosecsky
#infosec
#pentests
#redteam
#cybersky
#cybersecurity
bsky.app/profile/redt...
add a skeleton here at some point
4 months ago
0
1
0
π¨ Our new blog post about Windows CVE-2025-33073 which we discovered is live: πͺThe Reflective Kerberos Relay Attack - Remote privilege escalation from low-priv user to SYSTEM with RCE by applying a long forgotten NTLM relay technique to Kerberos:
blog.redteam-pentesting.de/2025/reflect...
loading . . .
A Look in the Mirror - The Reflective Kerberos Relay Attack
It is a sad truth in IT security that some vulnerabilities never quite want to die and time and time again, vulnerabilities that have long been fixed get revived and come right back at you. While rese...
https://blog.redteam-pentesting.de/2025/reflective-kerberos-relay-attack/
4 months ago
1
7
5
π¨π¨π¨ Just a heads-up: Microsoft will release a fix for a vulnerability we discovered as part of Patch Tuesday, today. MS classified CVE-2025-33073 as "important" and we recommend patching soon. Stay tuned for our blog post and paper about it tomorrow at 10:00 am CEST π₯
4 months ago
1
1
1
Newer Windows clients often enforce signing βοΈ when using SMB fileshares. To quickly deploy an SMB server with signing supported we implemented this in impacket's smbserver.βpy based on a prior work by
@lowercasedrm.bsky.social
.
github.com/fortra/impac...
loading . . .
smbserver.py: add signing support by using computer account with NetLogon by rtpt-romankarwacik Β· Pull Request #1975 Β· fortra/impacket
This pull requests adds the option to support signing for arbitrary clients in a domain. Most of the NetLogon code is based on this gist by @ThePirateWhoSmellsOfSunflowers. To use this functionalit...
https://github.com/fortra/impacket/pull/1975
4 months ago
0
2
1
π It is finally time for a new blog post! Join us on our deep dive into Windows Authentication Coercion and its current state in 2025, including some brand-new tooling β¨
#infosecsky
#infosec
#pentests
#redteam
#cybersky
#cybersecurity
blog.redteam-pentesting.de/2025/windows...
loading . . .
The Ultimate Guide to Windows Coercion Techniques in 2025
Windows authentication coercion often feels like a magic bullet against the average Active Directory. With any old low-privileged account, it usually allows us to gain full administrative access to al...
https://blog.redteam-pentesting.de/2025/windows-coercion
4 months ago
1
3
2
you reached the end!!
feeds!
log in
