Marmeus (@marmeus)

16 Jun 2022

After much effort, I've published my TFM: a #pentesting #guide where you'll find all the steps from the pre-engagement, enumeration, exploitation, post-exploitation and report. It is an alpha, but I hope you like it :D the-pentesting-guide.marmeus…

The Pentesting Guide

Marmeus

Jun 2

The #HackTricks #AZRTE certification is finally out. Take a look, and please drop any constructive feedback or thoughts in the comments! marmeus.com/post/AZRTE-Hackt… #RedTeam #Cloud #Pentesting #Security #HackTricksTraining #Infosec

Azure Red Team Expert (AZRTE) - HackTricks

Honest review about the Azure Red Team Expert (AZRTE) by HackTricks, where I will talk about the its lab, what it consists of, and some tips to pass it. Amazon Web Service, Cloud, Red Team, Pentest.

Marmeus

May 30

If you've ever been overwhelmed by token management during an Azure engagement, only usable through PowerShell or API Rest I created azure-cli-mitm to bridge that gap. github.com/Marmeus/azure-cli… #Azure #cli #Cybersecurity #RedTean #Pentesting #Cloud

GitHub - Marmeus/azure-cli-mitm: Proxy to intercept Azure Cli Communications in order to append or...

Proxy to intercept Azure Cli Communications in order to append or modify the session tokens - Marmeus/azure-cli-mitm

Marmeus

Feb 24

This Saturday I became AWS Red Team Expert (#ARTE) - #HackTricks As always, you can check my thoughts about this cert ;) marmeus.com/post/ARTE-HackTr…

AWS Red Team Expert (ARTE) - HackTricks

Honest review about the AWS Red Team Expert (ARTE) by HackTricks, where I will talk about the its lab, what it consists of, and some tips to pass it. Amazon Web Service, Cloud, Red Team, Pentest.

r4ulcl

Marmeus retweeted

r4ulcl @_r4ulcl_

Jan 22

I’ve published my Mythic OSEP CheatSheet repository. Cheatsheet and scripts I used to pass OSEP with Mythic C2, including automation for VPN IP changes and faster workflows GitHub github.com/r4ulcl/Mythic-OSE… Blogpost r4ulcl.com/posts/passing-the… Optimized to OSEP, not real world ops ;)

GitHub - r4ulcl/Mythic-OSEP-CheatSheet: Mythic C2 CheatSheet for OSEP

Mythic C2 CheatSheet for OSEP. Contribute to r4ulcl/Mythic-OSEP-CheatSheet development by creating an account on GitHub.

157

8,520

Unai Cano

Marmeus retweeted

Unai Cano

@unaicano10

22 Sep 2025

🔴 URGENTE | El influencer Peldanyos ESTALLA contra el Gobierno y defiende al portavoz de VOX, Samuel Vázquez: "Te ponen trabas para denunciar porque no interesa vender que la criminalidad sube". "En este país van a acabar pasando cosas muy graves. Lo peor está por llegar".

4:05

459

2,492

13,909

4,946,278

h-c0n

Marmeus retweeted

h-c0n @h_c0n

21 Sep 2025

🚀H-C0N returns in 2026! Abierto CFP Los próximos 6 y 7 de febrero en Madrid volvemos con una nueva edición de H-C0N. ¿Quieres impartir una charla o taller y convertirte en uno de los ponentes de esta sexta edición? No lo dudes y mándanos tu propuesta a docs.google.com/forms/d/e/1F…

5,271

Marmeus

25 Jun 2025

Published the post about the lab #SUMMUS from Extreme Red team Laboratories marmeus.com/post/SUMMUS #OffSec #RedTeam #ActiveDirectory #GCloud #Azure #AWS #ExtremeRedTeam

SUMMUS (ERTL) - 2025

Honest review about the SUMMUS: Extreme Red Teamer Lab, where I will talk about the SUMMUS lab, what it consists of, and some tips to pass it. Active Directory, Windows Defender, certs, certificati...

221

Angel Montes

Marmeus retweeted

Angel Montes @_N0xi0us_

12 May 2025

We did it again ! We won the HackerOne Ambassador World Cup for the second year in a row! 🇪🇸🏆 Also happy to share I got Best Hacker award during Elite Eight round in Prague . Thanks to my teammates for their hard work during the whole competition 💪🏻💪🏻

198

9,035

djurado

Marmeus retweeted

djurado @djurado9

12 May 2025

Spain wins the Ambassador World Cup organized by @Hacker0x01 We did it again! Proud of this team and to prove again that Spain has some of the best hackers in the world. linkedin.com/posts/djuradopa…

#hacking #bugbounty #cibersecurity #security #hackerone | Diego Jurado Pallarés | 42 comments

𝗦𝗽𝗮𝗶𝗻 𝗪𝗶𝗻𝘀 𝗛𝗮𝗰𝗸𝗲𝗿𝗢𝗻𝗲 𝗔𝗺𝗯𝗮𝘀𝘀𝗮𝗱𝗼𝗿𝘀 𝗪𝗼𝗿𝗹𝗱 𝗖𝘂𝗽 𝗳𝗼𝗿 𝘁𝗵𝗲 𝗦𝗲𝗰𝗼𝗻𝗱 𝗬𝗲𝗮𝗿 𝗶𝗻 𝗮 𝗥𝗼𝘄 After a full year of hard work, we’re proud to share that we’ve won...

linkedin.com

119

7,287

hipotermia

Marmeus retweeted

hipotermia @hipotermia

12 May 2025

We won the HackerOne Ambassador World Cup for the second year in a row! 🇪🇸🏆 Thanks to every member of the team, none of this would have been possible without them.

189

8,654

Marmeus

1 May 2025

New feature for #pentesting #infrastucture, now the executed commands of the pentesting team are stored on the server to perform deconflicts with the clients. github.com/Marmeus/pentestin…

GitHub - Marmeus/pentesting-infrastructure: A small infraestructure for a beginner pentesting team

A small infraestructure for a beginner pentesting team - Marmeus/pentesting-infrastructure

120

Marmeus

5 Dec 2024

On a #pentest or #redteam you might encounter with VPN profile with stored credentials and want to retrieve it. Due to the lack of information about this topic, I have made a small section in the guide. New information about this, will be always welcomed the-pentesting-guide.marmeus…

Dumping Credentials | The Pentesting Guide

233

Marmeus

academy.wifichallenge.com

29 Sep 2024

To everyone who wants to start its journey on #WiFi #attacks, do not forget to get certified on #WifiAcademy using my link, you'll not only level up your skills but also support me. academy.wifichallenge.com/?r…

WiFiChallenge Academy

Master Wi-Fi security fundamentals, perform network audits and attacks, and implement protection measures. Gain hands-on experience and earn your Certified WiFiChallenge Professional (CWP) certific...

155

Marmeus

16 Sep 2024

Review about the #CWP from @WiFiChallenge already published! 😎 marmeus.com/post/CWP-review

CWP Review - 2024

Review about the new Wifi certification (CWP), where I will talk about the course, exam and some tips for the exam. Wi-Fi, Wireless, WEP, WPA-PSK, WPA Enterprise, certs, certification.

394

r4ulcl

Marmeus retweeted

r4ulcl @_r4ulcl_

2 Sep 2024

🎉 Excited to share I’ve earned the FIRST Certified WiFiChallenge Professional (CWP) certificate! 🏆 (Yes, it’s my own course! 😂) The course will be open to everyone soon—stay tuned! Looking forward to seeing who joins me next! 🚀 #CWP #WiFiChallenge credential.net/af758ecb-bc89…

680

Marmeus

4 Apr 2023

I have developed a vulnerable Active Directory environment using #Vagrant, #Ansible and #Windows #hyperv, leading to outstanding performance and consuming few resources. Improve your #AD #pentesting skills, test C2 programs, or develop software... github.com/Marmeus/capsuleco…

2,358

more replies

Marmeus

25 May 2023

New big update: - KMS - Office - Windows Workstation Development These changes can help you to practice for certs like #OSCP #OSEP #CRTO #CRTO2 #CRTP

316

Marmeus

2 May 2024

A small but big change on mad-hyperv. There is no need for a DHCP server. So, you can install the set of machines you wish ;) Only #AD | Only attacking machines | Everything The older method is on the DHCP branch. #OSCP #OSEP #CRTO github.com/Marmeus/mad-hyper…

GitHub - Marmeus/mad-hyperv: Ansible Vagrant Hyper-V Vulnerable AD 😎

Ansible Vagrant Hyper-V Vulnerable AD 😎. Contribute to Marmeus/mad-hyperv development by creating an account on GitHub.

151

Marmeus

15 Mar 2024

Let's keep with the tradition. In today's post, I will review the certification #OSWP from #Offsecp, where I will give you some tips on how to pass the exam. Finally, a shoutout to @_r4ulcl_ for its extraordinary lab. #WifiChallengeLab #Pentesting marmeus.com/post/OSWP-review

OSWP Review - 2024

Honest review about the Offsec Wireless Professional (OSWP), where I will talk about the course, exam and some tips for the exam. Wi-Fi, Wireless, WEP, WPA-PSK, WPA Enterprise, certs, certification.

326

r4ulcl

Marmeus retweeted

r4ulcl @_r4ulcl_

17 Feb 2024

#WiFiChallengeLab at @Disobey_fi! Workshop "Advanced WiFi Attacks for Red Team Professionals" is today at 17:15, see you there.

454

Marmeus

16 Jun 2022

The Pentesting Guide

more replies

Marmeus

17 Sep 2023

I wanted to update the phishing section several months ago, but I forgot. Finally, I have added, what I think is a good way to objectively evaluate a phishing campaign. Constructive criticism is always welcomed ;) the-pentesting-guide.marmeus…

Phishing Evaluation | The Pentesting Guide

201

Marmeus

6 Feb 2024

New update!!! the-pentesting-guide.marmeus… #AD #OSEP #OSCP #Phishing #MSSQL #Mimimkatz

233

Marmeus

6 Feb 2024

As usual, after passing a certification comes a review of it. So, today, the review of the #OSEP, with my opinions about the syllabus, how the course was conducted and #tips for the #exam. marmeus.com/post/OSEP

OSEP Review - 2024

Honest review about the OffSec Experienced Penetration Tester (OSEP), where I will talk about the course, exam and some tips for the exam. Active Directory, Malware, Windows Defender, certs, certif...