Joined August 2010
- Tweets 2,453
- Following 369
- Followers 1,428
- Likes 2,256
223 Photos and videos
Jean Marsault retweeted
21 May 2025
🚀 We just released my research on BadSuccessor - a new unpatched Active Directory privilege escalation vulnerability
It allows compromising any user in AD, it works with the default config, and.. Microsoft currently won't fix it 🤷♂️
Read Here - akamai.com/blog/security-res…
22
371
876
167,695
7 Apr 2025
trying my luck here, has anyone struggled with "message stream modified" when trying to use a ccache file, valid with KfW, recognized by klist and usable by kinit / kvno, but a Java-based app fails with this error?
217
Jean Marsault retweeted
8 Nov 2024
Breaking PHP's mt_rand() with 2 values and no bruteforce
ambionics.io/blog/php-mt-ran…
6
24
1,863
Jean Marsault retweeted
30 Oct 2024
A few months ago I've created a "Pefect DLL Loader". You can find some details on my article that was just published today !
The full implem can be found directly in the @defcon workshop in my github !
Hope you will learn something in this 😊
riskinsight-wavestone.com/en…
3
92
313
25,195
Thanks to a great article from @itm4n, I discovered a bypass to install vulnerable printer's drivers when low level users are allowed to install them on Windows allowing escalating privileges. He published a detailed explanation: itm4n.github.io/printnightma…
65
214
14,565
4 Aug 2024
Y'a que moi qui ai l'impression que le wifi SNCF c'est de pire en pire ?
Et je vous dis pas si c'est vraiment des Mb et pas des Mo...
1
1
684
16 Jul 2024
Va falloir expliquer ce qu'on appelle une cyber attaque hein, j'en ai déjà géré plusieurs dizaines, mais de la a en avoir 1 pour chaque paire d'humain sur la planète... 🤔
Ou alors 1 paquet malveillant (most likely DDoS) == une cyber attaque ?
01net.com/actualites/4-milli…
7
4
23
7,269
16 Jan 2024
One of the most beautiful classic/epic piano/violin set of tracks I came across in the last years
Congratz to A. S. Versnaeyen & Gabriel Saban
Vol 1: open.spotify.com/album/21NjA…
Vol 2: open.spotify.com/album/12xXd…
3
308
2 Oct 2023
Very nice article by @OtterHacker on process injection with #NtSetInformationProcess & #Nirvana debugger!
riskinsight-wavestone.com/en…
6
22
3,350
Jean Marsault retweeted
29 Sep 2023
Hey @orangecyberdef, you just published a GitHub project under your org’s name whose code is 94% copy-pasted from of a competing firm’s project, removed original authors’ commits from Git history and changed its name as if adding a feature to a project made it entirely your own.
4
5
27
6,454
25 Sep 2023
Curious case:
* Exploiting ESC01 either via MMC GUI or via certipy
* Using Rubeus & Kekeo to get TGT via certificate
* Certificate is in NTAuthStore and in AD Certification Authorities (so normally in trust stores)
Getting KDC_ERR_CLIENT_NOT_TRUSTED in every combinatio... Ideas?
5
5
24
8,893
Jean Marsault retweeted
12 Sep 2023
Ever wanted to understand PHP concepts in depth? This series of 2 articles by @_remsio_ details a POP chain targeting the doctrine/doctrine-bundle package. In this first one, we aim to show a full methodology of POP chain research. Stay tuned for part 2!
synacktiv.com/en/publication…
46
141
17,458
[#Event🚀] Bravo à @iansus qui remporte son Groot suite à notre challenge ! 🤩
Merci à tous pour cette journée a @_barbhack_ et rdv au BBQ 🤤🔥
#Cybersécurité #Barbhack2023
1
1
11
1,300
26 Jul 2023
Does anyone have a reliable way of decrypting IIS encrypted connection strings without using ASPNet_RegIIS.exe?
1
1
741
21 Jul 2023
After 10 years & seasons, I just watched the last episode of #TheBlacklist. Truly an amazing and intense thriller show. Thank you @iJamesSpader for your performance!
1
6
29
2,731
16 Jul 2023
Road to zombie virus, enjoy your last days!
15 Jul 2023
NEWS 🚨: U.S. Space Command has confirmed that fragments of an interstellar meteor have been recovered in the Pacific Ocean
This is the first time humans have come in contact with something from another Solar System 😳
1
403
11 Jul 2023
🚩 @wavestoneFR CTF team #YoloSw4g ranks first of 80 teams at #CyberEx23!
🚩 Thanks @INCIBE and @OEA_Cyber for the organization & challenges!
🚩 Congratz to @_Qazeer @th3m4ks and @meaz0u for the great team we've been for the last 8 hours, now we go to a well-deserved sleep!
3
6
26
2,904
4 Jul 2023
Infosec people, if you use chatGPT-3 in your security research what are your best tips/prompt to face the inaccuracies it produces.
In 1 out of 3 prompts, answers on subjects not widely covered are incomplete/wrong (esp. CLIs with missing prerequisites or extrapolated behaviour)
2
1
945