Max Andreacchi
atomicchonk.bsky.social
AdSim Consultant @ SpecterOps 👻
Corgi dad 🐶
Cat servant 🐱
Tattoo collector 🖼️
Runner 🏃🏻
Reposted by Max Andreacchi
Spoiler alert: Your AI safety measures might have a blind spot. 👀

When attackers use conversation context to bypass LLM safeguards, single-prompt evals just don't cut it anymore.

Dive into @atomicchonk.bsky.social's latest blog on multi-prompt attack detection. ghst.ly/47qJhzn
This One Weird Trick: Multi-Prompt LLM Jailbreaks (Safeguards Hate It!) - SpecterOps
Using multiple prompts within the context of a conversation with an LLM can lead to safeguard bypasses. Learn about safeguards evaluations at scale.
ghst.ly
September 5, 2025 at 4:30 PM
Reposted by Max Andreacchi
Potato exploits have been a cornerstone of local priv esc on Windows for years, but how & why do the inner starchy workings of the potatoes function?

Join @atomicchonk.bsky.social next week to understand Windows access tokens & their use in the Windows environment. ghst.ly/june-web-bsky
June 20, 2025 at 4:55 PM
Reposted by Max Andreacchi
New blog post is up! Stepping out of my comfort zone (be kind), looking at Meta's Prompt Guard 2 model, how to misclassify prompts using the Unigram tokenizer and hopefully demonstrate why we should invest time looking beyond the API at how LLMs function. specterops.io/blog/2025/06...
Tokenization Confusion - SpecterOps
Meta's Prompt Guard 2 aims to prevent prompt injection. This post looks at how much knowledge of ML we need to be effective at testing these LLM WAFs.
specterops.io
June 3, 2025 at 4:57 PM
Reposted by Max Andreacchi
It's potato harvest season! 🥔

Join our upcoming webinar w/ @atomicchonk.bsky.social as he breaks down the starchy workings of potato exploits — from Windows access tokens to technical walkthroughs of Rotten, Juicy, and Rogue potatoes.

Register at ghst.ly/june-web-bsky
May 29, 2025 at 9:21 PM
Reposted by Max Andreacchi
Just wrapped up a blog post on understanding BadSuccessor from a DACL abuse aspect and mitigating it from a DACL abuse perspective.

Also added some PowerShell on my GitHub to create and remove the mitigations.
BadSuccessor is a new AD attack primitive that abuses dMSAs, allowing an attacker who can modify or create a dMSA to escalate privileges and take over the forest.

Check out @jimsycurity.adminsdholder.com's latest blog post to understand how you can mitigate risk. ghst.ly/4kXTLd9
Understanding & Mitigating BadSuccessor - SpecterOps
Understanding the impact of the BadSuccessor AD attack primitive and mitigating the abuse via targeted Deny ACEs on Organizational Units.
ghst.ly
May 27, 2025 at 9:32 PM
Reposted by Max Andreacchi
BadSuccessor is a new AD attack primitive that abuses dMSAs, allowing an attacker who can modify or create a dMSA to escalate privileges and take over the forest.

Check out @jimsycurity.adminsdholder.com's latest blog post to understand how you can mitigate risk. ghst.ly/4kXTLd9
Understanding & Mitigating BadSuccessor - SpecterOps
Understanding the impact of the BadSuccessor AD attack primitive and mitigating the abuse via targeted Deny ACEs on Organizational Units.
ghst.ly
May 27, 2025 at 9:11 PM
If you haven’t read the BadSuccessor blog post, woo boy: www.akamai.com/blog/securit...
www.akamai.com
May 24, 2025 at 2:40 AM
I’m convinced most learning happens when you’re doing what I call “smacking into something”: failing repeatedly, figuring out why it failed, and proceeding to the next step, where you rinse and repeat until you achieve your ultimate objective. TIL: docker and podman dependencies collide.
May 22, 2025 at 3:24 PM
Beyond hyped to be presenting with @anam0x.bsky.social and the rest of my team at Arsenal at BHUSA 2025! app.ingo.me/q/0x9xn
Black Hat USA 2025
app.ingo.me
May 20, 2025 at 4:14 PM
Reposted by Max Andreacchi
Do you miss "@cobaltstrikebot"? If so, here's a blog post showing how you can pull Cobalt Strike SpawnTo and watermark info with @shodanhq.bsky.social and some PowerShell: forensicitguy.github.io/squeezing-co...
Squeezing Cobalt Strike Threat Intelligence from Shodan
One of my favorite Twitter accounts from the last several years was @cobaltstrikebot, mainly because it was an awesome source of threat intelligence for Cobalt Strike beacons in the wild. The account ...
forensicitguy.github.io
May 19, 2025 at 1:37 AM
It was an absolute pleasure to speak at @cackalackycon.bsky.social today and share my love of potatoes. Thank you to @specterops.io for fueling me to always go a layer deeper in learning and motivating me to chase my passions 🥔
May 18, 2025 at 5:10 PM
Reposted by Max Andreacchi
What do potatoes have to do with privilege escalation on Windows? Come find out at Max Andreacchi’s session, “Tater Tokens: Introduction to Windows Access Tokens and Their Role in PrivEsc” on May 18th!
May 17, 2025 at 9:55 PM
Reposted by Max Andreacchi
Why do potato exploits work & how can we stop them?

Join @atomicchonk.bsky.social at @cackalackycon.bsky.social this weekend for a walkthrough of Windows access token manipulation and get the answer. ghst.ly/4jzjlnI
May 12, 2025 at 9:28 PM
Always enjoy the views in Seattle! Spent excellent quality time with teammates and received amazing training. Now for a weekend of running and resting back home before new travels next week ✈️
May 2, 2025 at 11:18 PM
Reposted by Max Andreacchi
Don't let threat actors mash your Windows security! @atomicchonk.bsky.social’s @cackalackycon.bsky.social talk breaks down potato exploits from token mechanics to defensive implementations.

Learn more ➡️ ghst.ly/4jzjlnI
April 28, 2025 at 4:00 PM
Reposted by Max Andreacchi
NC BABYYY 💙
April 27, 2025 at 1:07 AM
I’ve had to beat stubbornness out of my training. When I ran 10+ yrs ago I’d just hard-head my way forward but wind up injured. This time I’m focused on the goals ahead; nagging aches mean a rest day tomorrow so I can live to run later this week and keep this train moving to Oct (and beyond)
April 24, 2025 at 5:22 AM
Reposted by Max Andreacchi
Understanding Windows access tokens could be your best defense. At @cackalackycon.bsky.social, @atomicchonk.bsky.social will be peeling back the layers on potato exploits that threat actors use for privilege escalation.

Check out the schedule to learn more ➡️ ghst.ly/4jzjlnI
April 18, 2025 at 4:33 PM
Reposted by Max Andreacchi
Just pushed new versions of the #AADInternals and AADInternals-Endpoint modules! Some bug fixes plus support for:
1️⃣ Microsoft Authentication Library (MSAL)
2️⃣ Token Protection
3️⃣ Continuous Access Evaluation (CAE)
April 18, 2025 at 12:10 PM
Reposted by Max Andreacchi
The Ketman Project has published a list of names and GitHub profiles they believe may be North Korean rogue IT workers posing as open-source developers and freelancers, and seeking employment at Western software companies

www.ketman.org/dprk-it-work...
DPRK IT Workers in Open Source and Freelance Platforms
A cluster of actors discovered in onlyDust.com freelancer platform and beyond
www.ketman.org
April 17, 2025 at 1:27 PM
Initial stab at using Chris Hayuk's mcp-cli tool to pair roadrecon_mcp_server with a locally-hosted model (in this case, mistral-small3.1). Note that running this query took over 300s so YMMV depending on several factors. Will update GH this week with instructions on replicating this.
April 16, 2025 at 1:53 AM
Reposted by Max Andreacchi
Think NTLM relay is a solved problem? Think again.

Relay attacks are more complicated than many people realize. Check out this deep dive from Elad Shamir on NTLM relay attacks & the new edges we recently added to BloodHound. ghst.ly/4lv3E31
April 8, 2025 at 11:00 PM
Yesterday I broke 100 miles of running in 2025 on the 97th day of the year 🎉 Using this weekend’s 5K as the long run in my training plan on the road to a 10K in June 🏃🏻‍♂️ #runsky
April 8, 2025 at 1:21 PM