RedTeam PentestingOur tool for KeyCredentialLinks and Shadow Credential attacks keycred now works with updated domain controllers again!
It turns out, Microsoft violated their own specs.
Try it out: https://github.com/RedTeamPentesting/keycred/
#infosec #security
Romern
- 15 Followers
- 93 Following
- 12 Posts
We just released my writeup for my first CTF challenge I ever created, "Ghostbusters" for Haix-La-Chapelle 2025 CTF @Pwn_la_Chapelle .
it involves some cool techniques for exploiting Ghostscript and PDF/PostScript file type confusion.
Pwn-la-ChapelleBy popular demand, registrations for Haix-la-Chapelle are now open!
Register your account here:
https://haix-la-chapelle.eu/register
If you experience any issues, open a support ticket on our discord:
https://discord.gg/ASYqv7N2Rj
🔥Only 10 days left until the Haix-la-Chapelle 2025 CTF is starting on November 29!
We're sponsoring the prize money for the best writeups and are excited to see your creative solutions.
We are happy to announce that we will be hosting our first ever CTF, Haix-la-Chapelle 2025, on the 29th of November!
It will be a Jeopardy style CTF and will start at 10 am Berlin time, lasting for 24 hours.
You can find the CTFTime event at https://ctftime.org/event/2951 or you can check out our website at https://haix-la-chapelle.eu.
See you there!
🎉 It is finally time for a new blog post!
Join us on our deep dive into Windows Authentication Coercion and its current state in 2025, including some brand-new tooling ✨ #itsec #infosec #pentest #redteam
The Ultimate Guide to Windows Coercion Techniques in 2025
Windows authentication coercion often feels like a magic bullet against the average Active Directory. With any old low-privileged account, it usually allows us to gain full administrative access to almost arbitrary Windows workstations and servers, …
daniel:// stenberg://