@TimMedin profile picture
Tim Medin @TimMedin

Kerberoast Guy • @RedSiege CEO • IANS Faculty • Former SANS SEC560 Author, Senior Instructor • Packers Owner #GoPackGo • Work Req: redsiege.com/contact

Joined April 2008
  • Tweets 20,225
  • Following 594
  • Followers 17,705
1,813 Photos and videos
Pinned Tweet
Tim Medin@TimMedin
10 Sep 2025
A senator talking about Kerberoasting was not on my bingo card!
11
15
162
12,676
I decided to chat with a spammer/scammer. I found them to be pretty honest and forthcoming.
1
1
16
1,554
Apple's Liquid Glass was cool for like 1 minute.
3
600
Great stuff from @hardwaterhacker
Red Siege Information Security@RedSiege
Jan 6
In this Red Siege Knowledge Brief, CEO @TimMedin sits down with Principal Security Consultant Mike Saunders to explore a clever red team technique: concealing shellcode within image files to enable stealthy payload delivery. youtu.be/_XKDH5rjixc?si=JEMJ…
1
605
Minor league hockey is the best!
1
572
Watching Third Eye Blind halftime show. After 30 years it’s good to know they haven’t changed and are as off key as when I saw them open for U2 in the 90s.
2
791
Stranger Things finale was weird. After the climax it went on for far too long. They could have, and should have, trimmed 30-40 minutes.
1
591
Bowl season is the best!
CFB Kings
@CFBKings
31 Dec 2025
This is an all-time bowl game picture
1
706
How often do you reboot your computer? Once every couple of months for me.
3
3
1,042
Tim Medin retweeted
Red Siege Information Security@RedSiege
Jan 1
New Year. Same Mission. Let's get to work! #hacking #infosec #cybersecurity
0:10
2
3
712
Tim Medin@TimMedin
26 Dec 2025
Just stopped to get some BBQ. Plenty of time.
3
2
657
Tim Medin@TimMedin
26 Dec 2025
Ate the fantastic turkey sandwich, boarded with group 7 or something. #nailedit
2
468
Tim Medin@TimMedin
23 Dec 2025
There is Hitchcock on your camera
2
537
Tim Medin@TimMedin
12 Dec 2025
Good way to go into the weekend
422
Tim Medin@TimMedin
11 Dec 2025
Months of battling, and I won. Inbox zero. ... for now.
4
548
Tim Medin retweeted
Wild West Hackin' Fest@WWHackinFest
11 Dec 2025
Don't forget to grab yer tickets for WWHF @ Mile High 2026! -> wildwesthackinfest.com/wild-… Check out @TimMedin's talk, "Death by Dashboards : Moving the Needle on What Actually Matters," from Wild West Hackin' Fest - Deadwood 2025! youtube.com/watch?v=BgxWaLUr…

Wild West Hackin' Fest @ Mile High 2026 - Wild West Hackin' Fest

Registration Now Open!

wildwesthackinfest.com
2
6
1,185
Tim Medin@TimMedin
10 Dec 2025
Microsoft created Get-KerbEncryptionUsage.ps1 to query the event log to see which encryption types Kerberos used within your environment. Run this, find the ones that MUST use RC4, and burn the rest. Then figure out how to upgrade the others from RC4 or pick a great password.
Tim Medin@TimMedin
10 Dec 2025
"By mid-2026, ... Windows Server 2008 and later to only allow AES-SHA1 encryption. RC4 will be disabled by default and only used if a domain administrator explicitly configures an account or the KDC to use it." microsoft.com/en-us/windows-…
5
4
1,144
Tim Medin@TimMedin
10 Dec 2025
"By mid-2026, ... Windows Server 2008 and later to only allow AES-SHA1 encryption. RC4 will be disabled by default and only used if a domain administrator explicitly configures an account or the KDC to use it." microsoft.com/en-us/windows-…

Beyond RC4 for Windows authentication | Microsoft Windows Server Blog

As organizations face an evolving threat landscape, strengthening Windows authentication is more critical than ever.

microsoft.com
2
1,462
Tim Medin@TimMedin
4 Dec 2025
Is there a modern equivalent of Highlighter (originally from Mandiant) that allows you to quickly rip through large text and log files? Ideally something that works on Mac or Linux. Original: fireeye.market/apps/211376

Highlighter | FireEye Market

Log and text file views.

fireeye.market
1
3
842
Tim Medin retweeted
Sean Goodwin
@0xSeanG
4 Dec 2025
Worst "pentest" report finding ever? Title: "Internet accessible authentication prompt" Evidence: Screenshot of a VPN login Recommended Remediation: "Verify the business purpose for this service to be available from the Internet. This service should be disabled if there is no business purpose for it." The people pulling this stuff off should not only be ashamed, but should not be allowed to use computers anymore.
6
4
28
4,099
Tim Medin@TimMedin
2 Dec 2025
Me with my driver on every par 5
Warren Sharp
@SharpFootball
2 Dec 2025
Koo’s body powered down wth
0:20
1
4
577
Load more