@scriptkaty profile picture
5CRIP7K47Y @scriptkaty

⚚ A Brave and Untiring Tractor ⚚ OSCP Pentester & Red-Teamer ⚚ Candy Addict ⚚ Opinions are my own. She/Her.

Joined June 2010
  • Tweets 2,616
  • Following 691
  • Followers 243
56 Photos and videos
Pinned Tweet
5CRIP7K47Y@scriptkaty
19 Mar 2022
I’m not a scriptkiddie, I’m a scriptkaty. 😝
2
5CRIP7K47Y retweeted
meg west
@cybersecmeg
18 Jun 2024
drop your top tips for helping/improving your mental health in the comments! i’ll start: accept that it’s okay - normal, even - to not spend all of your time in front of a screen. you don’t have to be practicing or studying cyber 24/7/365 in order to be successful in the field.
40
11
102
17,196
5CRIP7K47Y retweeted
Marshall@__Mastadon
20 Jun 2024
Check out our new blog. I've demonstrated an attack scenario using Cobalt Strike and SCCM admin privileges to hunt for DA sessions, deploy beacons laterally with SCCM app deployment, and compromise of a DA account. guidepointsecurity.com/blog/…

SCCM Exploitation: Evading Defenses and Moving Laterally with SCCM Application Deployment

Senior Security Consultant Marshall Price demonstrates the importance of properly assigned access and tiered administration for preventing lateral movement.

guidepointsecurity.com
32
58
3,949
5CRIP7K47Y retweeted
Bad Sector Labs@badsectorlabs
18 Jun 2024
No AI, no content automation (besides an RSS reader), 100% human curated cybersecurity content by myself and @__ar0d__. Published weekly to the web with no Javascript, via email, or RSS. It's the blog I wish existed before I started it. Don't sleep on it!
Last Week in Security (LWiS)@lastweekinfosec
18 Jun 2024
Nighthawk 0.3 (@MDSecLabs), Musl heap exploit (@NCCsecurityUS), Copilot chat 💉 (@wunderwuzzi23), and more! blog.badsectorlabs.com/last-…
1
15
49
3,943
5CRIP7K47Y retweeted
puppy enjoyer@BokononsProphet
7 May 2024
1
45
961
36,189
5CRIP7K47Y@scriptkaty
28 Mar 2024
New #SCCM hotness: guidepointsecurity.com/blog/…

SCCM Exploitation: Account Compromise Through Automatic Client Push & AD System Discovery 

Senior Security Consultant Marshall Price details his research into gaining administrative privileges through SCCM

guidepointsecurity.com
5
5CRIP7K47Y retweeted
ben burkhart 🫠@benburkhart
28 Mar 2024
come hang tomorrow and listen to me equate pentesting to playing metroidvania games on the @BHinfoSecurity webcast! pre-show banter starts at 11:30am central and slides start at noon ༼つ◕_◕༽つ 🪤
Black Hills Information Security
@BHinfoSecurity
26 Mar 2024
Hey folks! Join us for two free one-hour Black Hills Information Security (BHIS) webcasts on Thursday, March 28th. Register and attend one or both of the webcasts: events.zoom.us/ev/AsnGPEP9qj… 1pm ET — Metroidvania Games as a Methodology and Approach for Pentesting w/ Ben Burkhart Ben will explore how gaming concepts like power-ups and exploration correlate with escalating privileges and lateral movement in network security. Different pentest engagements and situational awareness are discussed, emphasizing maximizing resources and adapting strategies. 2:05pm ET — Backdoors & Breaches - Introducing the DenSecure Expansion Deck w/ DenSecure The DenSecure team will introduce and explain each of the new Attack cards and give a brief explanation for how the attack works and the tools you can use to do the attack. If you've played Backdoors & Breaches a lot or are new to the concept, we'd like to invite you to come check out this webcast! Show up early for pre-show banter! Register for upcoming webcast here: events.zoom.us/eo/AqZceUFfoY…
1
4
12
3,944
5CRIP7K47Y retweeted
ben burkhart 🫠@benburkhart
28 Nov 2023
INFOSEC SURVIVAL GUIDE v2 from @BHinfoSecurity is here and FREE online for your perusal or you can buy a physical copy for basically S/H. lots of love and great work in here, and I finally got to formalize my title at work
Black Hills Information Security
@BHinfoSecurity
9 Nov 2023
The new -- The Infosec Survival Guide -- was created by the #infosec community for the infosec community and you can now download the whole PDF for free -- no paywall, no registering. blackhillsinfosec.com/prompt… Get physical copies for $1 each shipping. United States only. spearphish-general-store.mys…
5
12
37
18,017
5CRIP7K47Y retweeted
The Sims
@TheSims
21 Jul 2023
them: any weekend plans? us:
0:11
142
1,183
10,948
612,623
5CRIP7K47Y retweeted
Retro Tech Dreams
@RetroTechDreams
21 Jul 2023
Hampster Dance 🐹🐹🐹
21
255
1,317
84,214
5CRIP7K47Y@scriptkaty
21 Jul 2023
RT @CJ_Hende: The goal post keeps moving because the office of Community Safety was never designed to actually improve public safety in Min…
16
5CRIP7K47Y retweeted
Wedge LIVE!™@WedgeLIVE
21 Jul 2023
Things are so bad with MPD hiring practices that a former cop is the whistleblower in his own re-hiring. kstp.com/5-investigates/minn…
3
39
171
19,124
5CRIP7K47Y retweeted
D.A. Bullock@BullyCreative
21 Jul 2023
the dirty secret of Minneapolis, well-off liberals of this city despise the rude discord and disobedience of social activism far far more than they despise the abuse, violence and discrimination of their police department. It is not even a close contest.
10
66
415
24,315
5CRIP7K47Y@scriptkaty
12 Jul 2023
My body is ready
puppy enjoyer@BokononsProphet
11 Jul 2023
This is a crime
19
5CRIP7K47Y retweeted
The Nordly@TheNordly
19 Jun 2023
Jacob Frey’s Team Gives Him Nintendo Switch To Keep Him From Posting on Juneteenth buff.ly/3PlnGiH
1
26
279
27,038
5CRIP7K47Y retweeted
Sean Metcalf
@PyroTek3
14 Jun 2023
Microsoft recently reached out to get my perspective of identity security (Active Directory & Azure AD). Here's the interview: techcommunity.microsoft.com/… TLDR: Many of the issues we have seen with Active Directory are in Azure AD as well from a customer perspective.

4
77
291
48,776
5CRIP7K47Y retweeted
ali
@endingwithali
13 Jun 2023
Cry
Kacie Ahmed
@kacieahmed
13 Jun 2023
Developers, How do you deal with stress? 🥲
42
98
1,319
176,830
5CRIP7K47Y retweeted
Dirk-jan@_dirkjan
13 Jun 2023
New blog: Obtaining Domain Admin from Azure AD by abusing Cloud Kerberos Trust I teased this a bit during my Windows Hello talks, now found some time to write about this interesting technique. Also contains defenses and detection opportunities. dirkjanm.io/obtaining-domain…

Obtaining Domain Admin from Azure AD by abusing Cloud Kerberos Trust

Many modern enterprises operate in a hybrid environment, where Active Directory is used together with Azure Active Directory. In most cases, identities will be synchronized from the on-premises...

dirkjanm.io
8
329
773
90,664
5CRIP7K47Y retweeted
Lauren McKenzie@TheMcKenziest
28 Mar 2023
20 years in prison and a $1M fine for using a VPN to watch TikTok videos.
@theexiledduck tweet so the tiktok ban is just a huge internet restriction bill? it says using a VPN to access "banned apps" lands you a minimum imprisonment 20 years a fine of either $250k or $1 mil. the president appoints someone to head a group that monitors anything that access the internet

ALT @theexiledduck tweet so the tiktok ban is just a huge internet restriction bill? it says using a VPN to access "banned apps" lands you a minimum imprisonment 20 years a fine of either $250k or $1 mil. the president appoints someone to head a group that monitors anything that access the internet

169
3,795
19,362
1,277,073
5CRIP7K47Y retweeted
ben burkhart 🫠@benburkhart
28 Mar 2023
Holy shit, that was one of the most powerful pieces of journalism I’ve consumed in a minute
Joseph Cox
@josephfcox
28 Mar 2023
This is one of the most important pieces of journalism ever produced. Washington Post gets permission from parents of mass shooting victims to create 3D models of what AR-15s did to their children’s bodies. As close as we’ll get to publishing photos washingtonpost.com/nation/in…
1
2
266
Load more