Senior Security Consultant @TrustedSec | Military grade meme poster, researcher, cloud penetration tester, voider of warranties. My thoughts are my own.
Joined April 2009
- Tweets 19,150
- Following 1,295
- Followers 26,650
- Likes 21,773
7,269 Photos and videos
Pinned Tweet
28 May 2023
Just wanted to remind everyone. Azure Cloud training does not need to be super expensive. You just need to know where to look. Because that is what hackers do.
#Azure #Cloud #Hacking
Books:
amazon.com/Penetration-Testi…
Labs:
github.com/iknowjason/Awesom…
Free SANS Courses (on demand):
sans.org/webcasts/sans-works…
sans.org/webcasts/sans-works…
(Jun8th 2023..live!)
sans.org/webcasts/hands-on-w…
Need more training. Feel Free to check out my blog on this topic:
rootsecdev.medium.com/becomi…
13
241
868
158,041
Why Use App-Level Auth When Every Database Has Auth? (Splunk Enterprise CVE-2026-20253 Pre-Auth RCE) labs.watchtowr.com/why-use-a…
1
1
19
1,501
You can only get so far before you start fighting your own biology. It takes time, patience, and a lot of effort. Another day down at the gym ✌️
1
25
864
rootsecdev retweeted
Jun 12
vibeCodedAppSecurity
32
305
4,779
81,962
rootsecdev retweeted
Jun 13
JUST IN: Trump administration moves to block foreign governments, companies & individuals from accessing Anthropic's Fable & Mythos models.
147
229
3,209
438,863
Jun 12
No further context
seattletimes.com/business/zu…
Jun 12
META MOVES TO LIMIT EMPLOYEE AI USAGE AS COSTS REACH BILLIONS
10
1,352
rootsecdev retweeted
Jun 12
Talk is over and reel is finally public. github.com/trustedsec/Reel
Jun 12
#x33fcon "Towards Continuous #Social #Engineering" talk by @two06 - x33fcon.com/#!/s/JamesWillia… - #red, #demo, #social_engineering
8
13
2,735
rootsecdev retweeted
Jun 12
JavaScript escaped the browser. JS-Tap v3 followed it. In our new #blog, Principal Security Consultant @hoodoer introduces three new beacons targeting the Electron apps, browser extensions, and Node runtimes running on corporate workstations. Read it now! hubs.la/Q04lbHYc0
1
27
59
5,492
rootsecdev retweeted
Jun 11
Releasing DCOMIllusionist as part of our talk on DCOM at @x33fcon with @k3vinTell. It's a remote in memory fileless lateral movement technique based on some research of @tiraniddo
github.com/synacktiv/DCOMIll…
2
124
341
16,201
Jun 12
👀
7
1,026
Jun 12
Wow
Jun 11
Pasadena Officer Shot by Fellow Officer During "Horseplay," Chief Says
PASADENA, Calif. — The Pasadena Police Department has released a Critical Incident Video concerning an officer-involved shooting that occurred on September 7, 2025, inside the department's parking structure at 240 Ramona Street in Pasadena. The incident resulted in injuries to one Pasadena police officer, who has since recovered.
Pasadena Police Chief Gene Harris said the incident involved "unsafe, out-of-policy horseplay involving loaded firearms" between department personnel. Chief Harris stated that one officer was wounded as a result of the shooting and emphasized that the conduct depicted in the video did not reflect the department's standards or expectations.
The injured officer was transported for medical treatment and has since recovered from the injuries sustained during the incident. Pasadena police have not publicly identified the officers involved, and no members of the public were injured.
The case remains under investigation and review by the Pasadena Police Department and the Los Angeles County District Attorney's Office.
Sources: Pasadena Police Department; City of Pasadena; Los Angeles County District Attorney's Office.
#police #cops #crime #policia #polizei #Police_Incidents #CrimeNews
1
1
1,489
Jun 11
I promise it wasn’t me
We're looking into a potential problem impacting Microsoft 365 Copilot chat. For more information, please see CW1387674 in the Microsoft 365 admin center.
2
14
2,372
Jun 11
My talk on weaponization of token theft is ready for viewing along with tons of other fantastic talks from #SmileyCon
I know its been a hot minute since I spoke at a public con. I'll get there eventually. But for now baby steps. Still doing what I love at a company I truly believe in.
Great Scott enjoy the talks!
Jun 11
Wait a minute, Doc 👀 Are you telling me this year's #SmileyCon sessions are available for everyone? Check out the latest #cybersecurity insights and expert perspectives from the Doc Browns of TrustedSec—watch now! hubs.la/Q04l5H5L0
4
21
1,044
Congress Fails to Reauthorize America's Most Powerful Surveillance Law, Which Expires at Midnight Friday gizmodo.com/congress-fails-t…
1
3
4,104
rootsecdev retweeted
Jun 11
Now that we've identified the blind spot, here's how to fix it. In Part 2 of our two-part series, @Carlos_Perez delivers a phase-based implementation guide to hardening Microsoft #Intune across 11 critical controls. Read it now! hubs.la/Q04l3yQk0
1
13
29
4,199
Jun 11
👀
Jun 10
JUST IN: Engineer uses Claude to build a “coworker stress leaderboard” showing who caused him the most stress by syncing his WHOOP & calendar data.
2
2,107
rootsecdev retweeted
Jun 8
Our statement on the UK government’s demand that all content on all devices sold or used in the country be scanned, on the presumption of nudity, using a dystopian combination of age verification and content scanning. This proposal will not safeguard children. It endangers us all.
signal.org/blog/pdfs/2026-06…
738
8,542
41,298
2,719,626
rootsecdev retweeted
Jun 8
⚠️Be aware: this makes the account unusable.
From the original research by @tiraniddo:
"user is sacrificial, it might be hard to login using a password afterwards. If you can't immediately reset the password due to the domain's policy the user might be completely broken."
Jun 7
SPN-less RBCD with NetExec🔥
While classic RBCD requires a computer account, you can use U2U authentication to perform RBCD with a normal user account, if a computer account is not available.
Thanks to @azoxlpf, you can now perform this attack with NetExec as well🚀
ALT SPN-less RBCD with NetExec
2
11
68
7,549
rootsecdev retweeted
Jun 10
BREAKING: USERS ARE SHOWING THE SUPREME OMNIPOTENT POWER OF THE CLAUDE MYTHOS.
QUIT YOUR JOB IN CYBERSECURITY AND START PUTTING IN APPLICATIONS FOR MCDONALDS NOW
84
215
4,406
219,941
rootsecdev retweeted
‼️ Nightmare Eclipse is back on GitHub under a new alias and has released a new Windows Defender vulnerability zero-day called RoguePlanet.
PoC: github.com/MSNightmare/Rogue…
New GitHub Account: github.com/MSNightmare
17
188
1,241
67,622