Jim Sykora @ WWHF Mile High
banner
jimsycurity.adminsdholder.com
Jim Sykora @ WWHF Mile High
@jimsycurity.adminsdholder.com
I enjoy security, technology, learning, books, & the great outdoors.
Trying to be human & kind.
Opinions = mine. He/Him/Hän

https://github.com/JimSycurity
https://www.adminsdholder.com
Pinned
Introduction:
- rural MN
- very happily married
- adult kids, 😺 🐶
Work:
- Tech, #InfoSec, #ActiveDirectory, #CyberSecurity
Passions:
- Outdoors, woodworking, tinkering, using my white male privilege to help others, music, long walks w/ 🐕, learning, books, following rabbit holes
Reposted by Jim Sykora @ WWHF Mile High
10 years ago this week I published this blog post while @cptjesus.bsky.social, @harmj0y.bsky.social and I were working on what eventually became BloodHound: wald0.com?p=14
Automated Derivative Administrator Search
Intro Active Directory Domain escalation is an important part of most penetration tests and red team engagements. While gaining domain/enterprise administrator rights is not the end goal of an as…
wald0.com
February 17, 2026 at 4:45 PM
Reposted by Jim Sykora @ WWHF Mile High
Since I was bored on a plane I decided to revisit some of the Windows Hello tradecraft and finally implemented browser based FIDO2 auth using WHFB keys in roadtx. Thanks @fabian.bader.cloud and @nathanmcnulty.com for the inspiration!
February 17, 2026 at 10:07 AM
It's a great day to be outside.

It would be an even better day to be outside if some dipass wasn't burning plastic in my neighborhood.
February 15, 2026 at 7:51 PM
Next week I'll be speaking at WWHF Mile High in Denver about Abusing Backup Operators with @trustedsec.com's Titanis.

web.cvent.com/event/1dbf78...
Agenda - Wild West Hackin' Fest @ Mile High 2026
web.cvent.com
February 6, 2026 at 1:52 PM
Reposted by Jim Sykora @ WWHF Mile High
Next week at WWHF Mile High I'll present a major update to roadrecon, with some awesome features I wanted to add for a while! Friday 9am in track 1 for those attending 😀
February 6, 2026 at 12:16 PM
I think we all know that "Abolish ICE" would win, hands down, if this contest wasn't rigged to not include it.

www.cbsnews.com/minnesota/ne...
These are the finalists for this year's MnDOT Name a Snowplow contest
The Minnesota Department of Transportation has winnowed thousands of submissions for its Name a Snowplow contest down to 30 finalists.
www.cbsnews.com
February 6, 2026 at 4:34 AM
Reposted by Jim Sykora @ WWHF Mile High
New PowerShell module out :)
ISpy, using ILSpy's decompiler library.

github.com/trackd/ISpy/
www.powershellgallery.com/packages/ISpy/
February 6, 2026 at 12:33 AM
Reposted by Jim Sykora @ WWHF Mile High
I do not make this comparison lightly.
"In my few days in Minnesota, I’ve been witness to countless scenes that remind me of moments I’ve seen during previous trips covering conflicts around the world," photojournalist @cengizyar.com writes. "The wars we’ve carried out as a nation abroad have come home."

More: https://propub.li/4acxEeY
February 4, 2026 at 3:27 AM
Reposted by Jim Sykora @ WWHF Mile High
BUT! The underlying behavior IS still interesting. "Dangling templates" happen when you delete a cert template without disabling it first, and they can lead to unexpected template enablement.

New blog explains the whole thing: jakehildreth.github.io/blog/2026/01...
A Tiny Privilege Escalation by Abusing Dangling Templates
Hello, friends!
jakehildreth.github.io
January 31, 2026 at 12:34 PM
Reposted by Jim Sykora @ WWHF Mile High
Don was taken into custody by federal agents last night in Los Angeles.
January 30, 2026 at 12:58 PM
Reposted by Jim Sykora @ WWHF Mile High
A Minnesota woman observing ICE agents in her car was cornered on one-way streets. An agent approached, called her by name—citing facial recognition. Days later, her Global Entry and TSA privileges were revoked, with no explanation.
How ICE Already Knows Who Minneapolis Protesters Are
www.nytimes.com
January 30, 2026 at 11:55 AM
Reposted by Jim Sykora @ WWHF Mile High
Federal agents cornered Marimar Martinez, shot her several times, boasted about it, arrested her, lied about her to the public and in the police report, and falsely charged her with assaulting them.

Now the government wants to keep evidence of their lies secret to protect these agents' "privacy."
DeWald cites "privacy interests" for an "agent number 3" and his body worn camera as one of the govt's concerns over making the case material piblic, among other issues.
January 29, 2026 at 3:47 PM
Reposted by Jim Sykora @ WWHF Mile High
There’s so much need in Minnesota right now. Businesses are closing and rent is due soon.

If you want to help people here, there are links to rent relief & other vetted mutual aid funds on standwithminnesota.com. Please boost and donate what you can.

Thank you 🫶🏻
Stand With Minnesota Donation Directory
Stand With Minnesota is a hub for supporting, learning, and taking action to support Minnesotans impacted by ICE and federal enforcement.
standwithminnesota.com
January 29, 2026 at 3:20 PM
Reposted by Jim Sykora @ WWHF Mile High
Today is the day - students go to www.bsidescharm.org/students/ for a chance to attend @BSidesCharm 2026 for FREE!
January 26, 2026 at 4:02 PM
Reposted by Jim Sykora @ WWHF Mile High
"PEACE ISN'T WHAT YOU ASK FOR WHEN THE BOOT IS ALREADY ON SOMEONE'S NECK.
PEACE IS WHAT THE POWERFUL ASK FOR WHEN THEY DON'T WANT TO BE INTERRUPTED."
January 25, 2026 at 11:44 PM
Reposted by Jim Sykora @ WWHF Mile High
Cold, Snowy, but there is hope! Tickets for #BSidesRoc are now available! Check out our trainings and Keynote Cassandra Young(@muteki) While you are there. This is shaping up to be the best edition yet so get your tickets now at bit.ly/4oCMlxm !
#BSides
Security B-Sides Rochester
Security B-Sides Rochester, or BSidesROC, is an open, non-profit hacker conference in Rochester, NY. It provides a place for people to learn about hacking, infosec, and all kinds of different technolo...
bit.ly
January 26, 2026 at 1:15 AM
Reposted by Jim Sykora @ WWHF Mile High
Reposted by Jim Sykora @ WWHF Mile High
"Pretti Good People Are Getting Murdered!!" protest sign seen near where Alex Pretti was killed earlier in the day by ICE agents.
January 24, 2026 at 11:52 PM
Reposted by Jim Sykora @ WWHF Mile High
Alex Pretti’s last words were “are you ok?” said the woman next to him who ICE also pepper sprayed in the face.
January 24, 2026 at 7:51 PM
Reposted by Jim Sykora @ WWHF Mile High
He was legally observing
He was helping other legal observers
He was helping other potential victims
He was not brandishing a gun
May Alex Pretti’s memory be a blessing
January 24, 2026 at 7:10 PM
Reposted by Jim Sykora @ WWHF Mile High
ICE is now responsible for 66% of the homicides in Minneapolis this year.
January 24, 2026 at 4:51 PM
Reposted by Jim Sykora @ WWHF Mile High
Minnesota is the best of us.
January 23, 2026 at 10:52 PM
It's about -20F in the greater Minneapolis area today. That's without the wind chill.

Abolish ICE
They are never, ever going to win in Minnesota.
January 23, 2026 at 10:20 PM
Reposted by Jim Sykora @ WWHF Mile High
Tomorrow’s front page of the Minnesota Star Tribune: Jan. 23, 2026
January 22, 2026 at 11:19 PM