Twitter | Search | |
Eric Smith
Consultant, Therapist. Persistent SoB. I don't like to lose. Your systems sure do look appetizing.
3,555
Tweets
755
Following
3,744
Followers
Tweets
Eric Smith retweeted
Matt Johansen Aug 6
If you're an experienced security pro in Vegas this week I've got 2 challenges for you. 1. Watch one talk you know NOTHING about. Like barely understand the title. 2. Find at least one student or much younger pro and buy them a meal/coffee/drink and let them ask you questions.
Reply Retweet Like
Eric Smith retweeted
the grugq Aug 2
“They allegedly used another Atlassian program, Jira, for project management purposes, tracking details of the intrusion, maps of networks, and stolen data.” — Those poor poor bastards.
Reply Retweet Like
Eric Smith retweeted
Matt Graeber Aug 2
Without fail, while prepping for the Adversary Tactics PowerShell class, I uncovered another code exec bug that I reported to MSRC. I'm excited to pass on our security feature bypass methodology at ! is a hard freaking bypass target now, though!
Reply Retweet Like
Eric Smith retweeted
DirectoryRanger Aug 2
Passing-the-Hash to NTLM Authenticated Web Applications
Reply Retweet Like
Eric Smith retweeted
Jared Haight Aug 2
Speaking of nmap parsing, I wrote a quick PowerShell script that reads in an nmap xml and correlates ARIN data to each IP. Useful for checking who owns the IP address ranges you're looking at.
Reply Retweet Like
Eric Smith retweeted
WRCCDC Aug 2
We will be running a training this Sunday 8/5/2018 from 2PM to 4PM on the basics of Windows and Linux defense!
Reply Retweet Like
Eric Smith retweeted
DirectoryRanger Aug 2
Active Directory: DSQUERY Commands
Reply Retweet Like
Eric Smith retweeted
DirectoryRanger Jul 26
Advanced Incident Detection and Threat Hunting using Sysmon (and Splunk)
Reply Retweet Like
Eric Smith retweeted
DirectoryRanger Jul 25
How to Mitigate Mimikatz WDigest Cleartext Credential Theft
Reply Retweet Like
Eric Smith Jul 26
Nice! Congrats.
Reply Retweet Like
Eric Smith retweeted
Kyle Hanslovan Jul 22
Evasive tradecraft starts with an easy to customize codebase. ’s Reflective PSExec loader & DLL is ideal for this. Provides position independent loading for Windows x86/x64/ARM (module/import hashing, address fixup), flexible DLL injection options.
Reply Retweet Like
Eric Smith retweeted
DirectoryRanger Jul 23
BeRoot For Windows. post exploitation tool to check common Windows misconfigurations to find a way to escalate our privilege
Reply Retweet Like
Eric Smith retweeted
DirectoryRanger Jul 19
Elevating AD Domain Access With Write Access on the Domain NC Head
Reply Retweet Like
Eric Smith retweeted
DirectoryRanger Jul 16
Identifying Clear Text LDAP binds to your DCs
Reply Retweet Like
Eric Smith retweeted
Sean Metcalf Jul 15
Next month at Black Hat, I will show why most current Active Directory admin methods are insecure and how to securely perform administration in the real world.
Reply Retweet Like
Eric Smith retweeted
☣ The Hacker Tools Jul 15
Firebase Exploiting Tool - Exploiting Misconfigured Firebase Databases
Reply Retweet Like
Eric Smith retweeted
DirectoryRanger Jul 14
Invoke-Phant0m. Windows Event Log Killer
Reply Retweet Like
Eric Smith Jul 15
Useful, native rdp with hash
Reply Retweet Like
Eric Smith retweeted
DirectoryRanger Jul 15
Video of 's really cool PSConf talk on "Invoke-CypherDog - Bloodhound Dog Whispering with PowerShell"
Reply Retweet Like
Eric Smith retweeted
DirectoryRanger Jul 15
Get-GPTrashFire. Identifying and Abusing Vulnerable Configurations in MS AD Group Policy, by
Reply Retweet Like