// Professional Bandit // Hacker, Researcher, Tinkerer @ SilverSky // Personal Views

Joined June 2019
Bandit Pingu retweeted
BREAKING: USERS ARE SHOWING THE SUPREME OMNIPOTENT POWER OF THE CLAUDE MYTHOS. QUIT YOUR JOB IN CYBERSECURITY AND START PUTTING IN APPLICATIONS FOR MCDONALDS NOW
Bandit Pingu retweeted
Please stop this madness.
Replying to @SocketSecurity
We are now tracking 471 affected artifacts across npm and PyPI in the Mini Shai-Hulud/Miasma/Hades campaign. The newer PyPI artifacts from this wave have been added to the dedicated campaign tracker. Full breakdown: socket.dev/blog/mini-shai-hu…
Bandit Pingu retweeted
> Microsoft GitHub repos banned > "Terms of Service violation" > ??? > Look inside > Was compromised ... was Microsoft going to become a victim of a supply chain attack on their own platform via their own product?
🚒 More fallout from the Mini Shai-Hulud campaign. 49 Microsoft, Azure, and Azure-Samples GitHub repos were removed at 16:00 UTC for Terms of Service violations. This is linked to news this morning that attackers had regained access, after the previous durabletask compromise.
Bandit Pingu retweeted
The lolbin gods delivered
Coreutils coming to Windows!
MS RN


confirmed blocking...
Bandit Pingu retweeted
When a security researcher harms customers it's a crime, but when Microsoft does it it's called Copilot.
Bandit Pingu retweeted
Last time I dealt with MSRC. Responsibly disclosed an issue with legacy auth that allowed me to spray passwords at <redacted endpoint> and avoid smart lockout. Receives email.. 5 months after initial case opening. “Doesn’t meet the bar for servicing” Microsoft silently fixed. Closed case. microsoft.com/en-us/msrc/blo…
Bandit Pingu retweeted
Why MS insists on turning everything on by default while they claim to have their customers' security as a top priority baffles me. This pshell command will toggle these off as well as any future connectors that drop. Yes, DLP would protect your org's data exfil - that isn't the point. Not every Org is there yet - so please stop enabling things like this without Admin consent. M365 Admin portal / Copilot / Connectors learn.microsoft.com/en-us/mi… @Copilot @NathanMcNulty
Bandit Pingu retweeted
After not receiving a raise in the four years I’ve worked at BHIS they’ve now decided to reduce my pay by $40k after coming back from maternity leave and moving my role to solely pentesting. So I am looking for a new position effective immediately if anyone has any leads 😇
Bandit Pingu retweeted
i finally understand why it’s called linux porn 😭
Microsoft Edge loads all your saved passwords into memory in cleartext — even when you’re not using them.
Bandit Pingu retweeted
New NetExec module: mssql_cbt 🔥 Relaying to MSSQL can be a hidden gem when you are out of options. The only protection against relaying to MSSQL is to enforce Channel Binding Tokens (CBT). Thanks to @Defte_, NetExec now has a module that checks whether this CBT is required.
Following the blogpost about implementing the Channel Binding token for TDS.py on Impacket (sensepost.com/blog/2025/a-jo…), here is the module you can use to check whether or not CBT is required on MSSQL databases via NetExec github.com/Pennyw0rth/NetExe… 🔥🔥
Bandit Pingu retweeted
So applications can be multi tenant or single tenant and have either delegated or administrative permissions and sometimes we call them service principals but there’s actually a difference between an application and a service principal

Bandit Pingu retweeted
Stop clicking through 15 menus just to find one Azure blade 🛑 55,000 Microsoft pros use cmd.ms to skip the portal fatigue. I just launched a massive V2 rewrite: ⚡️ 100% keyboard-driven 🎯 Jump to any blade instantly 🔍 New Purview Security commands
Bandit Pingu retweeted
SOMEONE MADE A DIGITAL WHIP TO MAKE CLAUDE WORK FASTER 💀

Rest now, Claude…
Bandit Pingu retweeted
The UK's censorship agency, Ofcom, issued 4chan with a giant fine today. We responded to Ofcom with a giant hamster today.
Bandit Pingu retweeted
Companies House has put out a statement confirming that, for five months, every company in the UK was vulnerable to the simple exploit we identified on Friday. It enabled anyone in the world to view and change their company details.