Joined November 2019
- Tweets 15
- Following 5
- Followers 652
- Likes 5
1 Photos and videos
whynotsecurity retweeted
9 May 2022
Fresh off the #WayWest2022 Toolshed, dropping my new Office365 userenum technique against Federated tenants, check it out below!
B: whynotsecurity.com/blog/o365…
G: github.com/knavesec/o365fede…
1
38
80
whynotsecurity retweeted
26 Oct 2021
Time for another tool drop. This one I wrote a couple weeks ago for converting ldapdomaindump data to Bloodhound data. Currently only the bare minimum to get data uploaded into Bloodhound works.
B: whynotsecurity.com/blog/ldd2…
G: github.com/blurbdust/ldd2bh
1
62
138
whynotsecurity retweeted
8 Oct 2021
Awhile back I wrote a tool to look for Windows registry files in a given haystack of data (.tar, .vhd, .vmdk). If impacket is installed, it will automatically secretsdump the found registry files.
B: whynotsecurity.com/blog/need…
G: github.com/blurbdust/needle
1
21
56
whynotsecurity retweeted
4 Oct 2021
XSS to RCE: Covert Target Websites into Payload Landing Pages, good introduction article by @knavesec
bit.ly/3DdZaXB
38
111
whynotsecurity retweeted
29 Sep 2021
XSS to RCE: Hosting your phishing payload on your client's website, a fun technique for boosting your phishing click rate based off a real attack from a known ransomware threat group
Blog: whynotsecurity.com/blog/xss-…
1
4
11
8 Aug 2021
Cool new way to make eyewitness web enum more opsec friendly, designed to bypass scan prevention techniques. Check it out!
8 Aug 2021
EyeWitnessTheFitness: create a single Fireprox API that can pass thru to multiple web endpoints. No need to generate multiple APIs to do enum, more opsec friendly, and helps bypass scan prevention techniques that filter by IP
B: whynotsecurity.com/blog/eyew…
G: github.com/knavesec/EyeWitne…
1
whynotsecurity retweeted
28 Apr 2021
New APIs/syscalls for EDR bypass (@yarden_shafir), UAF browser exploit dev (@33y0re), PowerView replacement [EDD] (@FortyNorthSec), phishing banner defeat (@whynotsecurity), malware packer teardown (@fumik0_), NANDcromancy (@Atredis), and more! blog.badsectorlabs.com/last-…
1
18
57
22 Apr 2021
Shoutout to @ldionmarcil for making it public. Phishing “external email” warning bypass POC and writeup #redteam
22 Apr 2021
Since it was made public, time to release! Big "External Email" phishing warnings on Outlook webapp & client can be obfuscated with some simple CSS/HTML injections into your phishing email. Writeup, Remediations & POC: whynotsecurity.com/blog/exte… #RedTeam
1
whynotsecurity retweeted
2 Apr 2021
New blog post going into the details about the potato exploits and SeImpersonatePrivilege. micahvandeusen.com/the-power…
32
54
22 Mar 2021
Introducing Credmaster! Easy & anonymous password spraying suite to beat throttle detections. Based on prior work by @ustayready with just a touch of extra research and features
Tool: github.com/knavesec/CredMast…
Blogpost: whynotsecurity.com/blog/cred…
2
45
64
6 Feb 2021
The BloodHound Domain Password Audit Tool, the newest feature of Max. Run cracked password analysis to identify vulnerable groups, privileges and patterns using the power and information of BloodHound. Based off previous work by @OrOneEqualsOne whynotsecurity.com/blog/max3…
17
40
27 Aug 2020
Go check this out, new Bloodhound attack primitive plus some updates to a great tool
27 Aug 2020
Its national dog day, so naturally its time to release an update on Max! This update includes a new attack primitive with how it works, as well as some new features to a few of the old functions for better data extraction. Post: whynotsecurity.com/blog/max2…
2
25 Jun 2020
Back with a new blog post, step up your Bloodhound game with Max! Makes it far easier to extract information and interact with the database whynotsecurity.com/blog/max/
9
14
3 Feb 2020
We are announcing our new blog with a post about Teamviewer and storing user passwords encrypted and not hashed allow for easy plaintext retrieval from the Windows registry.
whynotsecurity.com/blog/team…
11
102
223