Jim Sykora @ WWHF Mile High
@jimsycurity.adminsdholder.com
I enjoy security, technology, learning, books, & the great outdoors.
Trying to be human & kind.
Opinions = mine. He/Him/Hän
https://github.com/JimSycurity
https://www.adminsdholder.com
Trying to be human & kind.
Opinions = mine. He/Him/Hän
https://github.com/JimSycurity
https://www.adminsdholder.com
Pinned
Introduction:
- rural MN
- very happily married
- adult kids, 😺 🐶
Work:
- Tech, #InfoSec, #ActiveDirectory, #CyberSecurity
Passions:
- Outdoors, woodworking, tinkering, using my white male privilege to help others, music, long walks w/ 🐕, learning, books, following rabbit holes
- rural MN
- very happily married
- adult kids, 😺 🐶
Work:
- Tech, #InfoSec, #ActiveDirectory, #CyberSecurity
Passions:
- Outdoors, woodworking, tinkering, using my white male privilege to help others, music, long walks w/ 🐕, learning, books, following rabbit holes
Reposted by Jim Sykora @ WWHF Mile High
10 years ago this week I published this blog post while @cptjesus.bsky.social, @harmj0y.bsky.social and I were working on what eventually became BloodHound: wald0.com?p=14
Automated Derivative Administrator Search
Intro Active Directory Domain escalation is an important part of most penetration tests and red team engagements. While gaining domain/enterprise administrator rights is not the end goal of an as…
wald0.com
February 17, 2026 at 4:45 PM
10 years ago this week I published this blog post while @cptjesus.bsky.social, @harmj0y.bsky.social and I were working on what eventually became BloodHound: wald0.com?p=14
Reposted by Jim Sykora @ WWHF Mile High
Since I was bored on a plane I decided to revisit some of the Windows Hello tradecraft and finally implemented browser based FIDO2 auth using WHFB keys in roadtx. Thanks @fabian.bader.cloud and @nathanmcnulty.com for the inspiration!
February 17, 2026 at 10:07 AM
Since I was bored on a plane I decided to revisit some of the Windows Hello tradecraft and finally implemented browser based FIDO2 auth using WHFB keys in roadtx. Thanks @fabian.bader.cloud and @nathanmcnulty.com for the inspiration!
It's a great day to be outside.
It would be an even better day to be outside if some dipass wasn't burning plastic in my neighborhood.
It would be an even better day to be outside if some dipass wasn't burning plastic in my neighborhood.
February 15, 2026 at 7:51 PM
It's a great day to be outside.
It would be an even better day to be outside if some dipass wasn't burning plastic in my neighborhood.
It would be an even better day to be outside if some dipass wasn't burning plastic in my neighborhood.
Next week I'll be speaking at WWHF Mile High in Denver about Abusing Backup Operators with @trustedsec.com's Titanis.
web.cvent.com/event/1dbf78...
web.cvent.com/event/1dbf78...
Agenda - Wild West Hackin' Fest @ Mile High 2026
web.cvent.com
February 6, 2026 at 1:52 PM
Next week I'll be speaking at WWHF Mile High in Denver about Abusing Backup Operators with @trustedsec.com's Titanis.
web.cvent.com/event/1dbf78...
web.cvent.com/event/1dbf78...
Reposted by Jim Sykora @ WWHF Mile High
Next week at WWHF Mile High I'll present a major update to roadrecon, with some awesome features I wanted to add for a while! Friday 9am in track 1 for those attending 😀
February 6, 2026 at 12:16 PM
Next week at WWHF Mile High I'll present a major update to roadrecon, with some awesome features I wanted to add for a while! Friday 9am in track 1 for those attending 😀
I think we all know that "Abolish ICE" would win, hands down, if this contest wasn't rigged to not include it.
www.cbsnews.com/minnesota/ne...
www.cbsnews.com/minnesota/ne...
These are the finalists for this year's MnDOT Name a Snowplow contest
The Minnesota Department of Transportation has winnowed thousands of submissions for its Name a Snowplow contest down to 30 finalists.
www.cbsnews.com
February 6, 2026 at 4:34 AM
I think we all know that "Abolish ICE" would win, hands down, if this contest wasn't rigged to not include it.
www.cbsnews.com/minnesota/ne...
www.cbsnews.com/minnesota/ne...
Reposted by Jim Sykora @ WWHF Mile High
New PowerShell module out :)
ISpy, using ILSpy's decompiler library.
github.com/trackd/ISpy/
www.powershellgallery.com/packages/ISpy/
ISpy, using ILSpy's decompiler library.
github.com/trackd/ISpy/
www.powershellgallery.com/packages/ISpy/
February 6, 2026 at 12:33 AM
New PowerShell module out :)
ISpy, using ILSpy's decompiler library.
github.com/trackd/ISpy/
www.powershellgallery.com/packages/ISpy/
ISpy, using ILSpy's decompiler library.
github.com/trackd/ISpy/
www.powershellgallery.com/packages/ISpy/
Reposted by Jim Sykora @ WWHF Mile High
I do not make this comparison lightly.
"In my few days in Minnesota, I’ve been witness to countless scenes that remind me of moments I’ve seen during previous trips covering conflicts around the world," photojournalist @cengizyar.com writes. "The wars we’ve carried out as a nation abroad have come home."
More: https://propub.li/4acxEeY
More: https://propub.li/4acxEeY
February 4, 2026 at 3:27 AM
I do not make this comparison lightly.
Reposted by Jim Sykora @ WWHF Mile High
BUT! The underlying behavior IS still interesting. "Dangling templates" happen when you delete a cert template without disabling it first, and they can lead to unexpected template enablement.
New blog explains the whole thing: jakehildreth.github.io/blog/2026/01...
New blog explains the whole thing: jakehildreth.github.io/blog/2026/01...
A Tiny Privilege Escalation by Abusing Dangling Templates
Hello, friends!
jakehildreth.github.io
January 31, 2026 at 12:34 PM
BUT! The underlying behavior IS still interesting. "Dangling templates" happen when you delete a cert template without disabling it first, and they can lead to unexpected template enablement.
New blog explains the whole thing: jakehildreth.github.io/blog/2026/01...
New blog explains the whole thing: jakehildreth.github.io/blog/2026/01...
Reposted by Jim Sykora @ WWHF Mile High
Don was taken into custody by federal agents last night in Los Angeles.
January 30, 2026 at 12:58 PM
Don was taken into custody by federal agents last night in Los Angeles.
Reposted by Jim Sykora @ WWHF Mile High
A Minnesota woman observing ICE agents in her car was cornered on one-way streets. An agent approached, called her by name—citing facial recognition. Days later, her Global Entry and TSA privileges were revoked, with no explanation.
How ICE Already Knows Who Minneapolis Protesters Are
www.nytimes.com
January 30, 2026 at 11:55 AM
A Minnesota woman observing ICE agents in her car was cornered on one-way streets. An agent approached, called her by name—citing facial recognition. Days later, her Global Entry and TSA privileges were revoked, with no explanation.
Reposted by Jim Sykora @ WWHF Mile High
Federal agents cornered Marimar Martinez, shot her several times, boasted about it, arrested her, lied about her to the public and in the police report, and falsely charged her with assaulting them.
Now the government wants to keep evidence of their lies secret to protect these agents' "privacy."
Now the government wants to keep evidence of their lies secret to protect these agents' "privacy."
DeWald cites "privacy interests" for an "agent number 3" and his body worn camera as one of the govt's concerns over making the case material piblic, among other issues.
January 29, 2026 at 3:47 PM
Federal agents cornered Marimar Martinez, shot her several times, boasted about it, arrested her, lied about her to the public and in the police report, and falsely charged her with assaulting them.
Now the government wants to keep evidence of their lies secret to protect these agents' "privacy."
Now the government wants to keep evidence of their lies secret to protect these agents' "privacy."
Reposted by Jim Sykora @ WWHF Mile High
There’s so much need in Minnesota right now. Businesses are closing and rent is due soon.
If you want to help people here, there are links to rent relief & other vetted mutual aid funds on standwithminnesota.com. Please boost and donate what you can.
Thank you 🫶🏻
If you want to help people here, there are links to rent relief & other vetted mutual aid funds on standwithminnesota.com. Please boost and donate what you can.
Thank you 🫶🏻
Stand With Minnesota Donation Directory
Stand With Minnesota is a hub for supporting, learning, and taking action to support Minnesotans impacted by ICE and federal enforcement.
standwithminnesota.com
January 29, 2026 at 3:20 PM
There’s so much need in Minnesota right now. Businesses are closing and rent is due soon.
If you want to help people here, there are links to rent relief & other vetted mutual aid funds on standwithminnesota.com. Please boost and donate what you can.
Thank you 🫶🏻
If you want to help people here, there are links to rent relief & other vetted mutual aid funds on standwithminnesota.com. Please boost and donate what you can.
Thank you 🫶🏻
Reposted by Jim Sykora @ WWHF Mile High
Today is the day - students go to www.bsidescharm.org/students/ for a chance to attend @BSidesCharm 2026 for FREE!
January 26, 2026 at 4:02 PM
Today is the day - students go to www.bsidescharm.org/students/ for a chance to attend @BSidesCharm 2026 for FREE!
Reposted by Jim Sykora @ WWHF Mile High
"PEACE ISN'T WHAT YOU ASK FOR WHEN THE BOOT IS ALREADY ON SOMEONE'S NECK.
PEACE IS WHAT THE POWERFUL ASK FOR WHEN THEY DON'T WANT TO BE INTERRUPTED."
PEACE IS WHAT THE POWERFUL ASK FOR WHEN THEY DON'T WANT TO BE INTERRUPTED."
January 25, 2026 at 11:44 PM
"PEACE ISN'T WHAT YOU ASK FOR WHEN THE BOOT IS ALREADY ON SOMEONE'S NECK.
PEACE IS WHAT THE POWERFUL ASK FOR WHEN THEY DON'T WANT TO BE INTERRUPTED."
PEACE IS WHAT THE POWERFUL ASK FOR WHEN THEY DON'T WANT TO BE INTERRUPTED."
Reposted by Jim Sykora @ WWHF Mile High
Cold, Snowy, but there is hope! Tickets for #BSidesRoc are now available! Check out our trainings and Keynote Cassandra Young(@muteki) While you are there. This is shaping up to be the best edition yet so get your tickets now at bit.ly/4oCMlxm !
#BSides
#BSides
Security B-Sides Rochester
Security B-Sides Rochester, or BSidesROC, is an open, non-profit hacker conference in Rochester, NY. It provides a place for people to learn about hacking, infosec, and all kinds of different technolo...
bit.ly
January 26, 2026 at 1:15 AM
Cold, Snowy, but there is hope! Tickets for #BSidesRoc are now available! Check out our trainings and Keynote Cassandra Young(@muteki) While you are there. This is shaping up to be the best edition yet so get your tickets now at bit.ly/4oCMlxm !
#BSides
#BSides
Reposted by Jim Sykora @ WWHF Mile High
Reposted by Jim Sykora @ WWHF Mile High
"Pretti Good People Are Getting Murdered!!" protest sign seen near where Alex Pretti was killed earlier in the day by ICE agents.
January 24, 2026 at 11:52 PM
"Pretti Good People Are Getting Murdered!!" protest sign seen near where Alex Pretti was killed earlier in the day by ICE agents.
Reposted by Jim Sykora @ WWHF Mile High
Alex Pretti’s last words were “are you ok?” said the woman next to him who ICE also pepper sprayed in the face.
January 24, 2026 at 7:51 PM
Alex Pretti’s last words were “are you ok?” said the woman next to him who ICE also pepper sprayed in the face.
Reposted by Jim Sykora @ WWHF Mile High
He was legally observing
He was helping other legal observers
He was helping other potential victims
He was not brandishing a gun
May Alex Pretti’s memory be a blessing
He was helping other legal observers
He was helping other potential victims
He was not brandishing a gun
May Alex Pretti’s memory be a blessing
January 24, 2026 at 7:10 PM
He was legally observing
He was helping other legal observers
He was helping other potential victims
He was not brandishing a gun
May Alex Pretti’s memory be a blessing
He was helping other legal observers
He was helping other potential victims
He was not brandishing a gun
May Alex Pretti’s memory be a blessing
Reposted by Jim Sykora @ WWHF Mile High
ICE is now responsible for 66% of the homicides in Minneapolis this year.
January 24, 2026 at 4:51 PM
ICE is now responsible for 66% of the homicides in Minneapolis this year.
Reposted by Jim Sykora @ WWHF Mile High
Minnesota is the best of us.
January 23, 2026 at 10:52 PM
Minnesota is the best of us.
It's about -20F in the greater Minneapolis area today. That's without the wind chill.
Abolish ICE
Abolish ICE
They are never, ever going to win in Minnesota.
January 23, 2026 at 10:20 PM
It's about -20F in the greater Minneapolis area today. That's without the wind chill.
Abolish ICE
Abolish ICE
Reposted by Jim Sykora @ WWHF Mile High
Tomorrow’s front page of the Minnesota Star Tribune: Jan. 23, 2026
January 22, 2026 at 11:19 PM
Tomorrow’s front page of the Minnesota Star Tribune: Jan. 23, 2026