Wil
@wilfri3d.bsky.social
📤 29
📥 69
📝 1
reposted by
Wil
Synacktiv
8 months ago
Our ninja
@kalimer0x00.bsky.social
is now on stage at
#x33fcon
to talk about his journey from dissecting SCCM until the discovery of the critical CVE-2024-43468 and the post-exploitation opportunities🔥
0
8
6
Check out how I discover CVE-2025-33073 : RCE with NTLM reflectiv attack allowing authenticated user to compromise any machine without SMB signing enforced !
add a skeleton here at some point
9 months ago
0
2
0
reposted by
Wil
Synacktiv
9 months ago
Microsoft just released the patch for
#CVE-2025-33073
, a critical vulnerability allowing a standard user to remotely compromise any machine with SMB signing not enforced! Checkout the details in the blogpost by
@yaumn.bsky.social
and
@wilfri3d.bsky.social
.
www.synacktiv.com/publications...
loading . . .
NTLM reflection is dead, long live NTLM reflection! – An in-depth analysis of CVE-2025-33073
https://www.synacktiv.com/publications/ntlm-reflection-is-dead-long-live-ntlm-reflection-an-in-depth-analysis-of-cve-2025
0
7
6
reposted by
Wil
11 months ago
I had the privilege to attend this training at Synacktiv and it might be the best training you can get when it comes to Azure given by two guy who does Red Team all year round on this subject. Don't wait !
add a skeleton here at some point
0
0
1
reposted by
Wil
Synacktiv
11 months ago
Want to master cutting-edge techniques for attacking Azure? Join us this summer at
@blackhatevents.bsky.social
in Vegas for a deep dive into red teaming on Azure, M365, Azure DevOps, and hybrid infrastructures. Early bird tickets available until May 23rd!
www.blackhat.com/us-25/traini...
0
15
9
reposted by
Wil
Synacktiv
12 months ago
In our latest article,
@croco-byte.bsky.social
and
@scaum.bsky.social
demonstrate a trick allowing to make Windows SMB clients fall back to WebDav HTTP authentication, enhancing the NTLM and Kerberos relaying capabilities of multicast poisoning attacks!
www.synacktiv.com/publications...
loading . . .
Taking the relaying capabilities of multicast poisoning to the next level: tricking Windows SMB clients into falling back to WebDav
https://www.synacktiv.com/publications/taking-the-relaying-capabilities-of-multicast-poisoning-to-the-next-level-tricking
0
10
5
reposted by
Wil
Synacktiv
about 1 year ago
We've just updated our training catalog to include the latest additions, including a brand new course on ransomware investigations! Find all the dates and details at
www.synacktiv.com/en/offers/tr...
0
7
5
reposted by
Wil
Synacktiv
about 1 year ago
In our latest article, @croco_byte proposes an implementation of a trick discovered by James Forshaw in his research regarding Kerberos relaying. Discover how to perform pre-authenticated Kerberos relay over HTTP with our Responder and krbrelayx pull requests!
www.synacktiv.com/publications...
loading . . .
Abusing multicast poisoning for pre-authenticated Kerberos relay over HTTP with Responder and krbrelayx
https://www.synacktiv.com/publications/abusing-multicast-poisoning-for-pre-authenticated-kerberos-relay-over-http-with
0
16
13
reposted by
Wil
Synacktiv
about 1 year ago
Yay! Our offensive Azure training was accepted at BlackHat USA 2025 🥳 Can't wait to see you there and share cutting-edge techniques for attacking Azure environments!
0
9
7
you reached the end!!
feeds!
log in
