Breaking stuff and writing about it

Joined April 2021
For the last few weeks I’ve been trying to build a usable AI Vishing model as cheaply as possible, hopefully my post may help others who are considering doing something similar! http418infosec.com/developin…
HTTP418 retweeted
I wrote a script to identify every TAKEOVER and ELEVATE attack in Misconfiguration Manager that can be run with Read-only Analyst privileges or higher in SCCM. Please share with your IT admins, defenders, clients, assessors, and friends in infosec! posts.specterops.io/rooting-…
Today the Cyber Safety Review Board released its independent review of the Summer 2023 Microsoft Exchange Online intrusion laying out what led to the intrusion & what industry & gov't can do to ensure an intrusion at this magnitude does not happen again. go.dhs.gov/JRT
HTTP418 retweeted
Amazon is the new source for OST 🔥🔥
HTTP418 retweeted
4 Dec 2023
MachineAccountQuota = 0, preventing you from grabbing NAA creds remotely? DPAPI to the rescue! Ported over NAA Extraction via DPAPI to sccmhunter. h/t: @agsolino & @clavoillotte for SystemDPAPI.py
14 Nov 2023
Confused on the basics of C ? Hopefully this little post will help out with some of the confusion! http418infosec.com/deez-word…

29 Aug 2023
I have just written a post (http418infosec.com/offensive…) summarising the various published SCCM attacks, from PXE enumeration through to Site Takeovers 1/2
29 Aug 2023
These attacks are from tooling and guides shared by @_Mayyhem, @garrfoster, @_xpn_, @Raiona_ZA and @DiLomSec1. @vendetce's talk at BHIS is a fantastic intro to the area if you have a spare hour, and was a huge help to me! 2/2
HTTP418 retweeted
22 May 2023
Didn't have time to talk about the newly released TLDs last week, but here we go. File Archiver In The Browser: Emulating file archive software in the browser with a .zip domain for phishing mrd0x.com/file-archiver-in-t…
19 May 2023
I've just published a post on how Cypher language can be used to assess & audit an AD environment with some of its more complex features (1/2) http418infosec.com/2023/05/1…

19 May 2023
Additionally, I have done another post on the basics of BloodHound for those who are new to the tool! (2/2) http418infosec.com/2023/05/1…

Another amazing article by @KimZetter, grab a cup of tea and make time to read this!
Two years ago the SolarWinds hack made history as the boldest, most sophisticated supply chain hack ever pulled off. I dug into the detailed story about the ingenious way the hackers pulled it off - and then got caught - in this tale for WIRED magazine wired.com/story/the-untold-s…
Seeing as #redteamtips have been all the rage recently, I thought I would put my own #whiteteamtips out there. My latest post is on how to make good timelines for red team testing, (hopefully) leading to less painful debriefs! http418infosec.com/diagrams-…
12 Feb 2023
Great day at @BSidesCymru yesterday, thanks to all of the organisers and volunteers! Great talks from @teamcymru_S2 @matdotsh and @_EthicalChaos_ in particular 🏴󠁧󠁢󠁷󠁬󠁳󠁿
24 Jan 2023
KeePass is back in the news with CVE-2023-24055, very timely as I have a post on the trigger system & some other attacks against KeePass! http418infosec.com/attacking…
23 Jan 2023
Great write up on Invoke-ShareFinder from @iiamaleks!
ShareFinder: How Threat Actors Discover File Shares Detection Opportunities: ➡️ Network ➡️ PowerShell Logs ➡️ LDAP Logs ➡️ Object Access Logs thedfirreport.com/2023/01/23…
11 Jan 2023
I have recently been using Shodan quite a lot and have found some more tips and tricks in Shodan to hunt down the weird and wonderful assets for a target. http418infosec.com/shodan-20…