@M4yFly profile picture
Mayfly @M4yFly
Joined November 2017
  • Tweets 590
  • Following 790
  • Followers 7,413
58 Photos and videos
Pinned Tweet
Mayfly@M4yFly
29 Nov 2024
Goad v3 merged into the main branch 🥳 Github : github.com/Orange-Cyberdefen… Doc : orange-cyberdefense.github.i…
19
158
557
37,172
Mayfly retweeted
SpecterOps@SpecterOps
Jun 10
MSSQL has always been a favorite target. Now it ships its own egress channel. @gershsec's latest research breaks down how SQL Server 2025's native AI features enable exfil, NTLM coercion, and C2 transport, all functioning as intended. Read more 👇 ghst.ly/4e2L3JX

Oops, I Weaponized the Database: Abusing AI Features in SQL Server 2025

New native AI features in Microsoft SQL Server 2025 provide a practical channel for data exfiltration and C2 transport within the database engine itself.

specterops.io
65
223
16,408
🎙 Retrouvez ce vendredi à Bordeaux nos speakers à l'événement @Sthack 🔸 @0x3lk : "Runtime blindspot : Abusing .NET Runtime Internals to Evade EDRs " 🔸 @M4yFly : Red Team : "20 missions plus tard : Autopsie de quatre années de mutation offensive" 👉 ow.ly/Zp1Y50Z4XkJ
3
9
1,838
Mayfly retweeted
bl4ck4rch@bl4ckarch
May 2
Replying to @M4yFly
Successfully Found my way up to Domain Admin I made a walkthrough on how i did that here bl4ckarch.github.io/posts/GO… Feel free to come and discuss about it 😉

GOAD-Dracarys

Dracarys is the latest GOAD lab made by MayFly, featuring some spicy Kerberos delegation abuse and a fun Linux privesc technique I hadn’t seen before.

bl4ckarch.github.io
3
33
124
6,669
Mayfly retweeted
Abdul Mhanni@abdo_mhanni
May 1
Replying to @Octoberfest73
@Octoberfest73 I remember you once posted a quirk of impacket that could be used as an ioc so I thought you’d like this list of 50 impacket IOCs😄 github.com/ThatTotallyRealMy…

GitHub - ThatTotallyRealMyth/Impacket-IoCs: This repo contains the results of an internal re-write...

This repo contains the results of an internal re-write of impacket I undertook at my current company. It contains some of the IoCs found within the library - ThatTotallyRealMyth/Impacket-IoCs

github.com
3
55
229
24,655
Mayfly retweeted
Synacktiv
@Synacktiv
Apr 30
This second blogpost concludes @yaumn_'s research on #Windows authentication reflection. He discloses the new Kerberos authentication coercion technique he discovered to remotely compromise Windows systems 💥 A little bonus is even included at the end 👀👇 synacktiv.com/en/publication…

Bypassing Windows authentication reflection mitigations for SYSTEM

Bypassing Windows authentication reflection mitigations for SYSTEM

synacktiv.com
2
56
125
11,753
Mayfly retweeted
Synacktiv
@Synacktiv
Apr 27
Authentication reflection attacks are still not dead! In our new blogpost series, @yaumn_ shares his journey into bypassing the mitigations of CVE-2025-33073 to pop SYSTEM shells again🚀 👇 synacktiv.com/en/publication…

Bypassing Windows authentication reflection mitigations for SYSTEM

Bypassing Windows authentication reflection mitigations for SYSTEM

synacktiv.com
2
55
153
15,695
Mayfly retweeted
🕳@sekurlsa_pw
Apr 29
If you want to contribute to Hacker Recipes: github.com/The-Hacker-Recipe… Guide for authors: thehacker.recipes/contributi…
Charlie Bromberg « Shutdown »@_nwodtuhs
Apr 28
Replying to @sekurlsa_pw
The site needs more authors, anyone has interesting techniques to share —> PR plzzzzzz 🙏
2
11
35
3,324
Replying to @sekurlsa_pw
The site needs more authors, anyone has interesting techniques to share —> PR plzzzzzz 🙏
2
5
14
4,571
Mayfly retweeted
Keanu Nys@RedByte1337
Apr 14
Just shipped GraphSpy v1.7.0 ✨ Mostly under-the-hood work this time with major refactoring to speed up future development ⚙️ Huge shoutout to n3rada for leading the effort! More exciting features coming soon 🚀 github.com/RedByte1337/Graph…

GitHub - RedByte1337/GraphSpy: Initial Access and Post-Exploitation Tool for Entra ID and M365 with...

Initial Access and Post-Exploitation Tool for Entra ID and M365 with a browser-based GUI - RedByte1337/GraphSpy

github.com
1
12
39
2,852
Mayfly retweeted
Nightmare Eclipse@ChaoticEclipse0
Apr 3
Publicly disclosing the bluehammer exploit, at the time of writing this, this vulnerability is still unpatched. Full PoC source can be found here - deadeclipse666.blogspot.com/…

22
155
923
274,256
Mayfly retweeted
Aurélien Chalot@Defte_
Mar 24
Thanks to Azox, it is now possible to use psexecsvc (github.com/sensepost/susinte…) through a socks proxy like ntlmrelayx allowing executing system commands via a trusted service, as NT System, and evading EDR's. Also thanks to @HackAndDo for his fixes :D
2
74
238
12,465
Mayfly retweeted
Synacktiv
@Synacktiv
Mar 24
If #RBCD has been thoroughly documented, only a few resources mention the workflow in cross-domain environment. In our new blogpost, we dive into the cross-domain and cross-forest RBCD workflows. Read it here 👇 synacktiv.com/en/publication…

Exploring cross-domain & cross-forest RBCD

Exploring cross-domain & cross-forest RBCD

synacktiv.com
44
108
10,153
Mayfly retweeted
PT SWARM@ptswarm
Mar 23
Two bugs. One chain. Full RCE. New research by Aleksandr Zhurnakov on Dell Wyse Management Suite shows how business logic flaws can be chained into complete system compromise. Read the full writeup! swarm.ptsecurity.com/busines…
1
80
345
25,111
Mayfly retweeted
TrustedSec
@TrustedSec
Mar 19
Who knew a really long string could make an Entra ID login disappear from the logs entirely? In our #blog, @nyxgeek breaks down how overflowing #Azure's sign-in logging mechanism allowed access tokens to be issued without a single log entry. Read it now! hubs.la/Q047xTVc0

Full Disclosure: A Third (and Fourth) Azure Sign-In Log Bypass Found

trustedsec.com
5
112
456
159,498
Mayfly retweeted
Bad Sector Labs@badsectorlabs
Mar 16
🏟️ Ludus launched 2 years ago and the community embraced and extended it with write-ups, roles, configs, and environments. We're excited to see what you build with Ludus 2! (1/4)
1:08
3
21
82
8,679
Mayfly retweeted
John Hammond
@_JohnHammond
Mar 11
GraphSpy: A Hacker's Tooling Deep Dive, video demos with the creator @RedByte1337! 🤩 Keanu shows me the wild things you can do for post-exploitation in Entra ID -- even adding a physical security key for persistence and a ton of other tricks 🤯 Video: youtu.be/qEtoKC32UoE
6
69
394
53,358
🔥🐉 New GOAD Lab: DRACARYS I’ve just released a new free lab environment on GOAD: DRACARYS. The challenge includes 3 VMs and the objective is simple: Start with no authentication and work your way up to Domain Admin. Have fun exploiting it! 🔥🐉 mayfly277.github.io/posts/Dr…

Dracarys

DRACARYS is a new lab environment challenge (not for beginners) on GOAD : https://github.com/Orange-Cyberdefense/GOAD

mayfly277.github.io
12
98
298
17,711
Link to the GOAD project : github.com/Orange-Cyberdefen…

GitHub - Orange-Cyberdefense/GOAD: game of active directory

game of active directory. Contribute to Orange-Cyberdefense/GOAD development by creating an account on GitHub.

github.com
5
27
1,430
Mayfly retweeted
Christophe Boutry
@Ced_haurus
Mar 3
🚨 YGG — C’est terminé. #YGGdown Les serveurs auraient été vidés, puis détruits. Dans un article publié sur yggleak.top/fr, Grolum détaille la compromission totale de l’infrastructure (code, bases, configs, logs), sur fond de crise autour du “Turbo Mode” et de la monétisation. YGGLeak affirme aussi que le catalogue de torrents aurait été préservé avec l’aide du projet U2P, et annonce : - un tracker temporaire : ygg[.]gratis - des “nouveaux trackers” et une migration via ygg[.]gratis
98
235
1,688
418,480
Mayfly retweeted
Panos Gkatziroulis 🦄
@ipurple
Feb 26
Stuck Without Coercion options? Why not just Coerce MDE? medium.com/@Sniffler/stuck-w…

Stuck Without Coercion options? Why not just Coerce MDE?

tl;dr

medium.com
2
30
107
10,096
Load more