Group Policy Eater is a PowerShell module that aims to gather information about Group Policies but also allows fixing issues that you may find in them. GPOZaurr provides 360 degrees of information about Group Policies and their settings. But that’s not all.
How Microsoft names threat actors
Microsoft uses a naming taxonomy for threat actors aligned with the theme of weather. We intend to bring better clarity to customers and other security researchers with this taxonomy.
How I used o3 to find CVE-2025-37899, a remote zeroday vulnerability in the Linux kernel’s SMB implementation
In this post I’ll show you how I found a zeroday vulnerability in the Linux kernel using OpenAI’s o3 model. I found the vulnerability with nothing more complicated than the o3 API – no scaffolding, no agentic frameworks, no tool use. Recently I’ve been auditing ksmbd for vulnerabilities.
OWASP/wrongsecrets
Welcome to the OWASP WrongSecrets game! The game is packed with real life examples of how to not store secrets in your software. Each of these examples is captured in a challenge, which you need to solve using various tools and techniques.
OIDC Tester
OpenID Connect is a simple identity layer built on top of the OAuth 2.0 protocol. It allows clients to verify the identity of end-users and obtain basic profile information in a REST-like manner.
«The US government has the ability to access many politicians' e-mails in Europe»
Bert Hubert, you regularly advise politicians. What do you say about the Signal affair, with the editor-in-chief of the magazine «The Atlantic» accidentally in a group chat with US Vice President J. D.
URL validation bypass cheat sheet for SSRF/CORS/Redirect – 2024 Edition | W
This cheat sheet contains payloads for bypassing URL validation. These wordlists are useful for attacks such as server-side request forgery, CORS misconfigurations, and open redirection.
Conditional Access rule sets in 2025 –
How many policies are needed to reasonably secure a Microsoft 365 tenant? Two? Three? Twelve? Thirty? For most tenants, the truth lies somewhere in between. There are a few things to consider, and there is no suitable off-the-shelf CA rule set.
GitHub – nshalabi/SysmonTools: Utilities for Sysmon
Sysmon View helps in tracking and visualizing Sysmon logs by logically grouping and correlating the various Sysmon events together, using existing event data such as executable names, session GUIDs, event creation time, etc. The tool then re-arranges this data for display into multiple views
GitHub – decoder-it/KrbRelayEx-RPC
KrbRelayEx-RPC is a tool similar to my KrbRelayEx designed for performing Man-in-the-Middle (MitM) attacks by relaying Kerberos AP-REQ tickets.