Marc André Tanner
@brain-dump.org
Information security, operating systems, text editors
github.com/martanne
github.com/martanne
Last week presented at an university alumni event, this week successfully used during a red teaming engagement.
November 14, 2025 at 5:09 PM
Last week presented at an university alumni event, this week successfully used during a red teaming engagement.
Reposted by Marc André Tanner
🧭 Navigation complete! The team from Compass Security just charted a course straight into @home_assistant Green at #Pwn2Own. They head off to the disclosure room to spill how they did it. #P2OIreland
October 21, 2025 at 3:28 PM
🧭 Navigation complete! The team from Compass Security just charted a course straight into @home_assistant Green at #Pwn2Own. They head off to the disclosure room to spill how they did it. #P2OIreland
Now merged into Certipy 5.0.2
Avoid LDAP monitoring by leveraging local registry data with certipy parse! Check out our latest pull request and read Marc Tanner’s (@brain-dump.org) blog post: blog.compass-security.com/2025/02/stea...
May 18, 2025 at 7:00 PM
Now merged into Certipy 5.0.2
Curious why I was rebooting random laptops?
Credit goes to Rairii for the original research and Thomas from @neodyme.io for the initial PoC.
Credit goes to Rairii for the original research and Thomas from @neodyme.io for the initial PoC.
In his latest blog post, Marc Tanner @brain-dump.org shows how to bypass BitLocker using BitPixie (CVE-2023-21563) and signed Microsoft components only. Check out the blog post for a PoC and a demo. #BitLocker #RedTeam
blog.compass-security.com/2025/05/bypa...
blog.compass-security.com/2025/05/bypa...
May 13, 2025 at 7:59 PM
Curious why I was rebooting random laptops?
Credit goes to Rairii for the original research and Thomas from @neodyme.io for the initial PoC.
Credit goes to Rairii for the original research and Thomas from @neodyme.io for the initial PoC.
Last week I had a fantastic experience at @specterops.bsky.social's #SOCON2025 and subsequent IDOT training. It was a great opportunity to get in touch with leading experts. Apparently I also bugged them enough to merge my small BloodHound contribution. github.com/SpecterOps/B...
April 11, 2025 at 6:12 PM
Last week I had a fantastic experience at @specterops.bsky.social's #SOCON2025 and subsequent IDOT training. It was a great opportunity to get in touch with leading experts. Apparently I also bugged them enough to merge my small BloodHound contribution. github.com/SpecterOps/B...
Reposted by Marc André Tanner
Avoid LDAP monitoring by leveraging local registry data with certipy parse! Check out our latest pull request and read Marc Tanner’s (@brain-dump.org) blog post: blog.compass-security.com/2025/02/stea...
February 11, 2025 at 12:28 PM
Avoid LDAP monitoring by leveraging local registry data with certipy parse! Check out our latest pull request and read Marc Tanner’s (@brain-dump.org) blog post: blog.compass-security.com/2025/02/stea...