Carsten
@0xcsandker
Followers
2K
Following
178
Statuses
96
Security enthusiast, Likes Windows Internals, AD & Entra — https://t.co/mVVbfkO7IO
Joined February 2017
@_xpn_ @Raiona_ZA Amazing, that's something that has been on my list for quite some time now... looking forward to give this a spin in my Lab. Thanks for the shoutout ♥️
1
0
2
RT @_xpn_: New tool published which is proving to be useful. Cred1py allows execution of the CRED-1 SCCM attack published by @Raiona_ZA ove…
0
162
0
@EricaZelic Enjoy building it (it surely comes with some up and downs :D) Once you’re all set up, you might find some useful attack routes in here :)
0
1
5
RT @pssvdrctry: @0xcsandker opening the round table with some 🔥 takes on AzureAD vs on-prem AD #TROOPERS23 @WEareTROOPERS
0
4
0
RT @Flangvik: Finishing off with shots @ShitSecure @SkelSec @_dirkjan @JsQForKnowledge @mgrottenthal @TealAlex2 @Jonas_B_K @sapirxfed @0xcs…
0
7
0
RT @_Mayyhem: SharpSCCM can now pull additional secrets such as domain join and local admin credentials found in PXE boot policies and decr…
0
66
0
Aaaaand OneNote will be next: Attachments in OneNote documents are planned to be blocked if these are considered of dangerous type. List of dangerous types can be found here: Docu: Roadmap:
Another one on the way: Microsoft has blocking internet-sourced Excel Add-Ins on its roadmap for 2023. Planned Rollout start was March '23, but seems still in development (according to Roadmap website, I've not looked into any previews). Roadmap item:
1
5
20
Another one on the way: Microsoft has blocking internet-sourced Excel Add-Ins on its roadmap for 2023. Planned Rollout start was March '23, but seems still in development (according to Roadmap website, I've not looked into any previews). Roadmap item:
Another one down: MOTW prevents VBA macros in Publisher (.pub) documents as of Feb. 14 2023 with But then again: How often is Office really updated?
0
3
14
@_wald0 👀 wow ... thank you, Andy! That's not something you hear every day, I'm really honored.
0
0
5
RT @lastweekinfosec: Phishing in 2023 (@0xcsandker), SaltStack A-Salt (Alex Hill - @SkylightCyber), LocalPotato (@decoder_it + @elad_shamir…
0
3
0
Azure-AccessPermissions v0.2.2 Updates: - PIM assigned directory roles - Conditional Access Policies for MFA enumeration - Minor tweaks and corrections
0
10
23
Another one down: MOTW prevents VBA macros in Publisher (.pub) documents as of Feb. 14 2023 with But then again: How often is Office really updated?
Revisiting phishing with MS Office documents. Shoutout to @mariuszbit, @ptrpieter, @StanHacked, @DaWouw (@OutflankNL)
0
4
18
@badsectorlabs @mariuszbit @ptrpieter @StanHacked @DaWouw @OutflankNL Thanks for catching that !! Blog updated.
0
0
0
0
0
1