Wil's Avatar

Wil

@wilfri3d.bsky.social

27 Followers  |  69 Following  |  1 Posts  |  Joined: 03.12.2024  |  1.6548

Latest posts by wilfri3d.bsky.social on Bluesky

Post image

Our ninja @kalimer0x00.bsky.social is now on stage at #x33fcon to talk about his journey from dissecting SCCM until the discovery of the critical CVE-2024-43468 and the post-exploitation opportunitiesπŸ”₯

13.06.2025 14:46 β€” πŸ‘ 8    πŸ” 6    πŸ’¬ 0    πŸ“Œ 0

Check out how I discover CVE-2025-33073 : RCE with NTLM reflectiv attack allowing authenticated user to compromise any machine without SMB signing enforced !

11.06.2025 10:42 β€” πŸ‘ 2    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
NTLM reflection is dead, long live NTLM reflection! – An in-depth analysis of CVE-2025-33073

Microsoft just released the patch for #CVE-2025-33073, a critical vulnerability allowing a standard user to remotely compromise any machine with SMB signing not enforced! Checkout the details in the blogpost by @yaumn.bsky.social and @wilfri3d.bsky.social.
www.synacktiv.com/publications...

11.06.2025 10:40 β€” πŸ‘ 7    πŸ” 5    πŸ’¬ 0    πŸ“Œ 1

I had the privilege to attend this training at Synacktiv and it might be the best training you can get when it comes to Azure given by two guy who does Red Team all year round on this subject. Don't wait !

21.03.2025 18:03 β€” πŸ‘ 0    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0
Post image

Want to master cutting-edge techniques for attacking Azure?
Join us this summer at @blackhatevents.bsky.social in Vegas for a deep dive into red teaming on Azure, M365, Azure DevOps, and hybrid infrastructures.
Early bird tickets available until May 23rd!
www.blackhat.com/us-25/traini...

17.03.2025 16:16 β€” πŸ‘ 15    πŸ” 8    πŸ’¬ 0    πŸ“Œ 1
Preview
Taking the relaying capabilities of multicast poisoning to the next level: tricking Windows SMB clients into falling back to WebDav

In our latest article, @croco-byte.bsky.social and @scaum.bsky.social demonstrate a trick allowing to make Windows SMB clients fall back to WebDav HTTP authentication, enhancing the NTLM and Kerberos relaying capabilities of multicast poisoning attacks!
www.synacktiv.com/publications...

27.02.2025 10:21 β€” πŸ‘ 10    πŸ” 5    πŸ’¬ 0    πŸ“Œ 0
Post image

We've just updated our training catalog to include the latest additions, including a brand new course on ransomware investigations!
Find all the dates and details at www.synacktiv.com/en/offers/tr...

13.02.2025 11:00 β€” πŸ‘ 7    πŸ” 5    πŸ’¬ 0    πŸ“Œ 0
Preview
Abusing multicast poisoning for pre-authenticated Kerberos relay over HTTP with Responder and krbrelayx

In our latest article, @croco_byte proposes an implementation of a trick discovered by James Forshaw in his research regarding Kerberos relaying. Discover how to perform pre-authenticated Kerberos relay over HTTP with our Responder and krbrelayx pull requests!
www.synacktiv.com/publications...

27.01.2025 12:06 β€” πŸ‘ 16    πŸ” 12    πŸ’¬ 0    πŸ“Œ 1
Post image

Yay! Our offensive Azure training was accepted at BlackHat USA 2025 πŸ₯³ Can't wait to see you there and share cutting-edge techniques for attacking Azure environments!

20.01.2025 09:24 β€” πŸ‘ 9    πŸ” 7    πŸ’¬ 0    πŸ“Œ 0

@wilfri3d is following 20 prominent accounts