Jim Sykora
@jimsycurity.adminsdholder.com
I enjoy security, technology, learning, books, & the great outdoors.
Trying to be human & kind.
Opinions = mine. He/Him/Hän
https://github.com/JimSycurity
https://www.adminsdholder.com
Trying to be human & kind.
Opinions = mine. He/Him/Hän
https://github.com/JimSycurity
https://www.adminsdholder.com
Pinned
Introduction:
- rural MN
- very happily married
- adult kids, 😺 🐶
Work:
- Tech, #InfoSec, #ActiveDirectory, #CyberSecurity
Passions:
- Outdoors, woodworking, tinkering, using my white male privilege to help others, music, long walks w/ 🐕, learning, books, following rabbit holes
- rural MN
- very happily married
- adult kids, 😺 🐶
Work:
- Tech, #InfoSec, #ActiveDirectory, #CyberSecurity
Passions:
- Outdoors, woodworking, tinkering, using my white male privilege to help others, music, long walks w/ 🐕, learning, books, following rabbit holes
Post a perfect album from the 90's that isn't Nirvana, Soundgarden, Pearl Jam, or Alice in Chains.
December 28, 2025 at 4:05 PM
Post a perfect album from the 90's that isn't Nirvana, Soundgarden, Pearl Jam, or Alice in Chains.
This starts out bad and just seems to keep getting worse. youtu.be/UL-hL6_XR30?...
The Star Wars Holiday Special 1978 (FULL) (No Commercials)
YouTube video by Star Wars Coffee
youtu.be
December 25, 2025 at 2:29 AM
This starts out bad and just seems to keep getting worse. youtu.be/UL-hL6_XR30?...
After all, why shouldn't I? Why shouldn't I watch The Lord of the Rings Fellowship of the Ring extended cut.
December 24, 2025 at 5:39 PM
After all, why shouldn't I? Why shouldn't I watch The Lord of the Rings Fellowship of the Ring extended cut.
I'd like to have a phone without AI in it.
December 21, 2025 at 7:40 PM
I'd like to have a phone without AI in it.
Praise Cheeses!
December 19, 2025 at 6:26 PM
Praise Cheeses!
acab includes javascript that restricts paste in password fields
December 18, 2025 at 5:32 PM
acab includes javascript that restricts paste in password fields
The HSI agent was afraid he was being abducted. Unfortunately (or on purpose) these goons can't extend that thought to the fact that they are literally abducting people every day.
share.google/n7YZ5GgjDUEV...
share.google/n7YZ5GgjDUEV...
December 12, 2025 at 6:10 PM
The HSI agent was afraid he was being abducted. Unfortunately (or on purpose) these goons can't extend that thought to the fact that they are literally abducting people every day.
share.google/n7YZ5GgjDUEV...
share.google/n7YZ5GgjDUEV...
Reposted by Jim Sykora
Plex Submits $35 Bid For Warner Bros.
Plex Submits $35 Bid For Warner Bros.
LOS GATOS, CA—In an attempt to fend off growing competition from Paramount and Netflix, Plex CEO Keith Valory announced Monday that the streaming platform had submitted a $35 bid for Warner Bros. Disc...
theonion.com
December 8, 2025 at 10:30 PM
Plex Submits $35 Bid For Warner Bros.
I made 3 batches of poultry stock this Thanksgiving season from Turkey carcass & the bits of rotisserie chicken and veggies I keep in the freezer for such purposes.
Some went into soup, the rest is frozen in 1 cup blocks.
Some went into soup, the rest is frozen in 1 cup blocks.
December 2, 2025 at 2:31 PM
I made 3 batches of poultry stock this Thanksgiving season from Turkey carcass & the bits of rotisserie chicken and veggies I keep in the freezer for such purposes.
Some went into soup, the rest is frozen in 1 cup blocks.
Some went into soup, the rest is frozen in 1 cup blocks.
Winter parking rules are in full effect.
What are winter parking rules? There are no rules.
What are winter parking rules? There are no rules.
November 29, 2025 at 6:16 PM
Winter parking rules are in full effect.
What are winter parking rules? There are no rules.
What are winter parking rules? There are no rules.
Reposted by Jim Sykora
Man Hoping People Notice How Many Folding Chairs He’s Carrying At Once https://theonion.com/man-hoping-people-notice-how-many-folding-chairs-he-s-c-1819576444/
November 25, 2025 at 11:00 PM
Man Hoping People Notice How Many Folding Chairs He’s Carrying At Once https://theonion.com/man-hoping-people-notice-how-many-folding-chairs-he-s-c-1819576444/
Reposted by Jim Sykora
How does PingOne’s architecture shape real attacker movement?
In our new #KnowYourAdversary, @andyrobbins.bsky.social &
@pingidentity.com’s Bjorn Aannestad discuss RBAC, environment design, & cross-platform risks. ghst.ly/3Xd9o6D
Visit booth #736 at #GartnerIAM to learn about PingOneHound.
In our new #KnowYourAdversary, @andyrobbins.bsky.social &
@pingidentity.com’s Bjorn Aannestad discuss RBAC, environment design, & cross-platform risks. ghst.ly/3Xd9o6D
Visit booth #736 at #GartnerIAM to learn about PingOneHound.
November 25, 2025 at 2:24 PM
How does PingOne’s architecture shape real attacker movement?
In our new #KnowYourAdversary, @andyrobbins.bsky.social &
@pingidentity.com’s Bjorn Aannestad discuss RBAC, environment design, & cross-platform risks. ghst.ly/3Xd9o6D
Visit booth #736 at #GartnerIAM to learn about PingOneHound.
In our new #KnowYourAdversary, @andyrobbins.bsky.social &
@pingidentity.com’s Bjorn Aannestad discuss RBAC, environment design, & cross-platform risks. ghst.ly/3Xd9o6D
Visit booth #736 at #GartnerIAM to learn about PingOneHound.
Reposted by Jim Sykora
Thank you @jimsycurity.adminsdholder.com for taking the time to talk about AdminSDHolder today! Too much great info to get in to 30 minutes... make sure you check out his full whitepaper 🔗 specterops.io/blog/2025/10...
Next week Brett Fernicola returns to talk about authentication threat modeling!
Next week Brett Fernicola returns to talk about authentication threat modeling!
November 19, 2025 at 7:34 PM
Thank you @jimsycurity.adminsdholder.com for taking the time to talk about AdminSDHolder today! Too much great info to get in to 30 minutes... make sure you check out his full whitepaper 🔗 specterops.io/blog/2025/10...
Next week Brett Fernicola returns to talk about authentication threat modeling!
Next week Brett Fernicola returns to talk about authentication threat modeling!
Reposted by Jim Sykora
Wake up, it's Wednesday! Join us for today's Wednesday Offensive with @jimsycurity.adminsdholder.com discussing AdminSDHolder!
See you at 130pm ET 🔗 redsiege.com/wedoff
If you can't make it (or even if you can) be sure to check out Jim's whitepaper on AdminSDHolder 🔗 specterops.io/blog/2025/10...
See you at 130pm ET 🔗 redsiege.com/wedoff
If you can't make it (or even if you can) be sure to check out Jim's whitepaper on AdminSDHolder 🔗 specterops.io/blog/2025/10...
November 19, 2025 at 2:40 PM
Wake up, it's Wednesday! Join us for today's Wednesday Offensive with @jimsycurity.adminsdholder.com discussing AdminSDHolder!
See you at 130pm ET 🔗 redsiege.com/wedoff
If you can't make it (or even if you can) be sure to check out Jim's whitepaper on AdminSDHolder 🔗 specterops.io/blog/2025/10...
See you at 130pm ET 🔗 redsiege.com/wedoff
If you can't make it (or even if you can) be sure to check out Jim's whitepaper on AdminSDHolder 🔗 specterops.io/blog/2025/10...
Reposted by Jim Sykora
🔔 Friendly neighborhood reminder 🔔 Tomorrow on The Wednesday Offensive we have Jim Sykora, Security Researcher at SpecterOps, talkin about AdminSDHolder!
Join the conversation at 130pm ET 🔗 redsiege.com/wedoff
#hacking #infosec #cybersecurity
Join the conversation at 130pm ET 🔗 redsiege.com/wedoff
#hacking #infosec #cybersecurity
November 18, 2025 at 2:34 PM
🔔 Friendly neighborhood reminder 🔔 Tomorrow on The Wednesday Offensive we have Jim Sykora, Security Researcher at SpecterOps, talkin about AdminSDHolder!
Join the conversation at 130pm ET 🔗 redsiege.com/wedoff
#hacking #infosec #cybersecurity
Join the conversation at 130pm ET 🔗 redsiege.com/wedoff
#hacking #infosec #cybersecurity
Reposted by Jim Sykora
they used to make real soundtracks for a movie
November 17, 2025 at 1:08 AM
they used to make real soundtracks for a movie
Reposted by Jim Sykora
The CFP for SO-CON 2026 closes in about 12 hours (11:59 2025-11-15)! Have a cool approach to attack path management (or awesome connector for BloodHound OpenGraph)? Submit ASAP:
specterops.io/so-con/
specterops.io/so-con/
SO-CON 2026 - SpecterOps
SO-CON 2026: Secure your spot for the conference and training.
specterops.io
November 15, 2025 at 6:54 PM
The CFP for SO-CON 2026 closes in about 12 hours (11:59 2025-11-15)! Have a cool approach to attack path management (or awesome connector for BloodHound OpenGraph)? Submit ASAP:
specterops.io/so-con/
specterops.io/so-con/
Reposted by Jim Sykora
you can just go ask crows stuff instead of asking chatgpt
November 6, 2025 at 12:14 PM
you can just go ask crows stuff instead of asking chatgpt
Are subterranean sandwiches natural burrowers or do they inhabit the burrows of other creatures similar to burrowing owls?
November 5, 2025 at 4:25 AM
Are subterranean sandwiches natural burrowers or do they inhabit the burrows of other creatures similar to burrowing owls?
Reposted by Jim Sykora
Heads up hackers, tell us your wants, your needs, and how you like your squirrels fed.
At the Microsoft Security Response Center (MSRC), your feedback drives our innovation. Based on your input, we’ve introduced three new features designed to make your experience more efficient, transparent, and user-friendly.
Learn more in our blog post: www.microsoft.com/en-us/msrc/b...
Learn more in our blog post: www.microsoft.com/en-us/msrc/b...
October 31, 2025 at 3:48 PM
Heads up hackers, tell us your wants, your needs, and how you like your squirrels fed.
Note: Work related
I do Active Directory stuff for a living. Security research to be more specific. One of my favorite niche AD topics is AdminSDHolder. It's even my vanity domain.
I wrote a 159 pg book about AdminSDHolder. I'm kinda proud of it.
specterops.io/resources/ad...
I do Active Directory stuff for a living. Security research to be more specific. One of my favorite niche AD topics is AdminSDHolder. It's even my vanity domain.
I wrote a 159 pg book about AdminSDHolder. I'm kinda proud of it.
specterops.io/resources/ad...
AdminSDHolder Misconceptions & Misconfigurations - SpecterOps
AdminSDHolder is an object and associated process in Active Directory Domain Services (AD DS) that helps protect specific sensitive and highly privileged accounts from being manipulated. This topic is...
specterops.io
October 31, 2025 at 7:47 PM
Note: Work related
I do Active Directory stuff for a living. Security research to be more specific. One of my favorite niche AD topics is AdminSDHolder. It's even my vanity domain.
I wrote a 159 pg book about AdminSDHolder. I'm kinda proud of it.
specterops.io/resources/ad...
I do Active Directory stuff for a living. Security research to be more specific. One of my favorite niche AD topics is AdminSDHolder. It's even my vanity domain.
I wrote a 159 pg book about AdminSDHolder. I'm kinda proud of it.
specterops.io/resources/ad...
Reposted by Jim Sykora
NTLM relay research is evolving!
Join Nick Powers & @tw1sm.bsky.social TOMORROW as they share new methods to enumerate EPA enforcement across MSSQL, HTTP, & more—and intro RelayInformer, expanding attacker-perspective coverage for key protocols.
Grab your spot → ghst.ly/oct-web-bsky
Join Nick Powers & @tw1sm.bsky.social TOMORROW as they share new methods to enumerate EPA enforcement across MSSQL, HTTP, & more—and intro RelayInformer, expanding attacker-perspective coverage for key protocols.
Grab your spot → ghst.ly/oct-web-bsky
October 29, 2025 at 10:25 PM
NTLM relay research is evolving!
Join Nick Powers & @tw1sm.bsky.social TOMORROW as they share new methods to enumerate EPA enforcement across MSSQL, HTTP, & more—and intro RelayInformer, expanding attacker-perspective coverage for key protocols.
Grab your spot → ghst.ly/oct-web-bsky
Join Nick Powers & @tw1sm.bsky.social TOMORROW as they share new methods to enumerate EPA enforcement across MSSQL, HTTP, & more—and intro RelayInformer, expanding attacker-perspective coverage for key protocols.
Grab your spot → ghst.ly/oct-web-bsky
Reposted by Jim Sykora
Fund Me Fridays is back!
In honor of Link, who remains unjustly banned, I will be reposting mutual aid links under this thread.
Drop your links and let’s meet some needs!
In honor of Link, who remains unjustly banned, I will be reposting mutual aid links under this thread.
Drop your links and let’s meet some needs!
October 24, 2025 at 4:34 PM
Fund Me Fridays is back!
In honor of Link, who remains unjustly banned, I will be reposting mutual aid links under this thread.
Drop your links and let’s meet some needs!
In honor of Link, who remains unjustly banned, I will be reposting mutual aid links under this thread.
Drop your links and let’s meet some needs!
Reposted by Jim Sykora
Credential Guard was supposed to end credential dumping. It didn't.
Valdemar Carøe just dropped a new blog post detailing techniques for extracting credentials on fully patched Windows 11 & Server 2025 with modern protections enabled.
Read for more: ghst.ly/4qtl2rm
Valdemar Carøe just dropped a new blog post detailing techniques for extracting credentials on fully patched Windows 11 & Server 2025 with modern protections enabled.
Read for more: ghst.ly/4qtl2rm
Catching Credential Guard Off Guard - SpecterOps
Uncovering the protection mechanisms provided by modern Windows security features and identifying new methods for credential dumping.
ghst.ly
October 23, 2025 at 5:45 PM
Credential Guard was supposed to end credential dumping. It didn't.
Valdemar Carøe just dropped a new blog post detailing techniques for extracting credentials on fully patched Windows 11 & Server 2025 with modern protections enabled.
Read for more: ghst.ly/4qtl2rm
Valdemar Carøe just dropped a new blog post detailing techniques for extracting credentials on fully patched Windows 11 & Server 2025 with modern protections enabled.
Read for more: ghst.ly/4qtl2rm