r00tkie
@r00tkie.bsky.social
Hacking On-Prem and the Cloud, Mediocre Developer, Thinker and a Bookworm.

🎭 To be, rather than to seem!

⚠️ between seriousness, expect sarcasm and humor
I am purposely misspelling all my passwords.
December 22, 2024 at 10:52 AM
A family friend came in, and we had a couple of drinks, which is fine. The problem is that tomorrow I have a #basketball game at 10am. Will see how that goes.
December 14, 2024 at 9:42 PM
When it comes to TAP for #EntraID, #microsoft mentions that all #Tokens obtained with a TAP login are limited to the TAP lifetime. Which means, if your TAP is expired, your Access Token is also expired.

That's not true! You can still use the AT after TAP expiration.

learn.microsoft.com/en-us/entra/...
Configure a Temporary Access Pass in Microsoft Entra ID to register passwordless authentication methods - Microsoft Entra ID
Learn how to configure and enable users to register passwordless authentication methods by using a Temporary Access Pass (TAP).
December 13, 2024 at 11:32 AM
It actually seems that you can't block the AADGraph by utilizing CAP filters.

I was too excited when I posted this 😂.

Let me know if you know a way to prevent the use of AADGraph.

#azure #redteam #blueteam
December 11, 2024 at 11:06 AM
You can enumerate #azure CAP with any user by utilizing the old AADGraph API "https://graph.windows.net/organization/conditionalAccessPolicies?api-version=1.61-internal".

To prevent that, you can use CAP filters.

Let me know if you know of any other way to enumerate CAP with a low-privs account.
December 11, 2024 at 10:56 AM
If you want to work with 3-4 letter abbreviations and sexy naming conventions with the only purpose of sounding cool and confusing, you should join #cybersecurity. We have plenty of those 😎
December 8, 2024 at 4:36 PM
Reposted by r00tkie
me running fwupdmgr on my linux machine to update my firmware bios ;) www.cyberciti.biz/faq/thinkpad...
December 8, 2024 at 1:21 PM
#Azure FOCI is a functionality in #EntraID that allows a group of client applications to obtain special “family refresh tokens,” that can be used to request refresh and access tokens for any other client applications in the family.

A list of known FOCI clients:
github.com/secureworks/...
December 7, 2024 at 9:01 AM
ℹ️ Azure Device Code Phishing

Attacker's IP and device are logged in #EntraID sign-in logs.
The Authentication protocol is Device Code.
Those details are helpful for detection as well as prevention.
Utilize Authentication Flow and Location based CAP to prevent such attacks.

#azuresecurity
December 6, 2024 at 11:10 AM
I'm here only for #infosec and #jokes. Don't follow me just send me your #nudes and #malware
December 6, 2024 at 9:36 AM
I haven't seen more crap in any other organization than the one I currently work for.

#fullofcrap #enterprise
December 6, 2024 at 9:16 AM
I'm working on an #Azure #RedTeam lab and playing with dynamic groups. Let me tell you this: if your mobile number starts with specific digits, you get a powerful free cookie.
December 4, 2024 at 5:39 PM
The bots have arrived!
December 4, 2024 at 1:06 PM
I am drawn to the idea of switching to a cloud first security role, if possible, mostly offensive stuff
December 2, 2024 at 1:55 PM
Just bought my CARTE course after clearing the CARTP.
Another month(s) of Azure red team learning. I hope it's worth it. www.alteredsecurity.com/azureadvanced
Attacking and Defending Azure - Advanced (CARTE)
CARTP - Certified Azure Red Team Professional is a beginner-friendly hands-on certification on Azure Red Team and Penetration Testing.
December 2, 2024 at 10:06 AM
My nephew's first words when he visits us are, "Uncle, I want to play Xbox."
I'm starting to believe that the reason he's coming is to play Xbox and not visit us or his cousins.
a doctor says it's my xbox time while holding a phone
December 2, 2024 at 7:41 AM
The way alcohol disrupts my sleep makes me want to stop drinking entirely, even as a social drinker.
a cartoon of a penguin sleeping next to an alarm clock that reads 6:08
December 2, 2024 at 7:21 AM
In this blogpost I'm writing about the Image File Execution Options (IFEO) attack on Windows!
Exploitation of the IFEO causes hijacking of legitimate applications, leading to unauthorized access or malware execution.
pwntales.com/image-file-e...

#redteam #Windows
Image File Execution Options
Discover how attackers can abuse Image File Execution Options (IFEO) maliciously. Learn about the vulnerabilities within IFEO.
December 1, 2024 at 11:58 AM
Strategies for Exploiting and Defending Against Kerberos Pre-Authentication Attacks pwntales.com/as-rep-roast...
AS-REP Roasting: A Recipe for Kerberos Credential Theft
Learn about AS-REP Roasting, a technique for Kerberos credential theft, how to attack, detect, and how to protect against this vulnerability.
November 28, 2024 at 12:37 PM
I don't think I'll ever like social media. It's small talk to me. You can't always avoid it, and sometimes you have to interact. When everyone tries to speak, I prefer to listen. Let me tell you... most of you are lying to yourselves, I know it, you know it, everybody knows it but they play the game.
November 27, 2024 at 9:15 AM
If the concept of Kerberos delegation sounds Greek to you, don’t worry!
Check here as I break down all three types of attacks in an easy to understand way.

pwntales.com/kerberos-del...

#redteam #activedirectory #kerberos
Kerberos Delegation Attacks (part1)
Understand Kerberos Delegation Attacks and their impact. Learn how attackers exploit credential delegation vulnerabilities.
November 26, 2024 at 12:12 PM
❓️Why People Shouldn’t Join Cybersecurity

🚨 Cybersecurity isn’t for everyone.

🚨 Long hours and big pressure.

🚨 You must always keep learning.

🚨 Mistakes can be costly.

🚨 It’s not just hacking, it’s meetings and reports too.
November 25, 2024 at 8:02 PM
❓️Why People Should Join Cybersecurity

✅️ Cybersecurity needs heroes.

✅️ Stop hackers and protect the data.

✅️ Jobs are growing fast, secure your future.

✅️ Great pay, even for beginners.

✅️ Learn cool tech skills every day.

✅️ Make the digital world safer.
November 25, 2024 at 7:47 PM
Let's give it a try on BlueSky!
November 16, 2024 at 10:18 AM