Looking forward to another great bSides Budapest!
New script is up: Get-KerberosServiceTicketAudit - Assess Kerberos Cipher and Hash usage in Active Directory environments (e.g. Weak/Deprecated encryption types, or Quantum-resilient candidates)
https://github.com/YossiSassi/Get-KerberosServiceTicketAudit
#HAcktiveDirectory
Had fun coming up with a one-liner to get SID 500 of every domain, even if renamed, without dependencies:
(New-Object System.Security.Principal.SecurityIdentifier("$((New-Object System.Security.Principal.SecurityIdentifier($(([adsi]'').objectSid), 0)).Value)-500")).Translate([System.Security.Principal.NTAccount]).Value
#HacktiveDirectory
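Taking the one-liner a step further, as an added example that is not from the original post: it walks every domain in the current forest, resolves the RID-500 account by SID (so a rename cannot hide it) and reports enabled state and password age for an audit. It assumes a domain-joined host whose account can read the other domains; the function name is made up.

```powershell
# Added example, not the author's code: audit the built-in RID-500 account of every
# domain in the forest using only .NET/ADSI (no RSAT / ActiveDirectory module needed).
function Get-BuiltinAdminAccountAudit {
    [CmdletBinding()]
    param()

    $forest = [System.DirectoryServices.ActiveDirectory.Forest]::GetCurrentForest()
    foreach ($domain in $forest.Domains) {
        # Domain SID from the domain head object, same trick as the one-liner above
        $entry     = $domain.GetDirectoryEntry()
        $sidBytes  = [byte[]]$entry.Properties['objectSid'][0]
        $domainSid = New-Object System.Security.Principal.SecurityIdentifier($sidBytes, 0)
        $adminSid  = New-Object System.Security.Principal.SecurityIdentifier("$($domainSid.Value)-500")

        # The RID never changes on rename, so translating the SID always finds the account
        $ntAccount = $adminSid.Translate([System.Security.Principal.NTAccount]).Value
        $samName   = $ntAccount.Split('\')[-1]

        # LDAP lookup by SID, scoped to that domain, for the attributes an auditor wants
        $searcher = New-Object System.DirectoryServices.DirectorySearcher($entry)
        $searcher.Filter = "(objectSid=$($adminSid.Value))"
        $null = $searcher.PropertiesToLoad.AddRange(@('userAccountControl', 'pwdLastSet', 'lastLogonTimestamp'))
        $r = $searcher.FindOne()

        $uac      = [int]$r.Properties['useraccountcontrol'][0]
        $pwdSet   = [DateTime]::FromFileTime([long]$r.Properties['pwdlastset'][0])
        $lastSeen = if ($r.Properties['lastlogontimestamp'].Count -gt 0) {
                        [DateTime]::FromFileTime([long]$r.Properties['lastlogontimestamp'][0])
                    } else { $null }

        [PSCustomObject]@{
            Domain          = $domain.Name
            Account         = $ntAccount
            Renamed         = ($samName -ne 'Administrator')   # renamed from the default?
            Enabled         = -not ($uac -band 0x2)            # 0x2 = ACCOUNTDISABLE
            PasswordAgeDays = [int]((Get-Date) - $pwdSet).TotalDays
            LastLogon       = $lastSeen                        # replicated value, ~14 day granularity
        }
    }
}

Get-BuiltinAdminAccountAudit | Format-Table -AutoSize
```

Enabled built-in accounts with an old password in any domain are the rows to follow up on.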
Update: Get-ADPrincipalKerberosTokenGroup now supports discovery of SidHistory in PAC enumeration. Calculates recursive group membership for any user in the domain -
https://github.com/YossiSassi/Get-ADPrincipalKerberosTokenGroup
#HacktiveDirectory
AD/IT/Security pains solved in Server 2025 #2
Always wanted to get rid of RC4 kerberos?
In Srv2025 RC4 is disabled for Kerberos tickets by default (better to audit RC4 usage beforehand, either with my GitHub script or another centralized repository/system)
AD/IT/Security pains solved in Server 2025 #1
Group membership limits/overflowing? Srv2025 allows ~3,200 values in multi-valued attributes instead of ~1,200 today, with a new Forest Functional Level introduced (uses a 32K DB page size instead of 8K per page/max per object)
Wondered why there's no 'quser equivalent' for PSRemoting sessions?
Get real-time status & information about WS-Man connections/PS-Sessions (local, remote, Windows PowerShell and pwsh): which user is connected, from which IP/host, for how long and whether idle, and much more -
https://github.com/YossiSassi/Get-RemotePSSession
"We're smart enough to invent AI, dumb enough to need it, and so stupid that we can't figure out if we did the right thing."
- Jerry Seinfeld
12.2.2025 08:28
@nyxgeek is up now, for his part 2 "enum in the skies" talk. Crazy how much MS cloud info can be enumerated!
If you're into DFIR / MS forensics, you won't regret taking a look at my 'HAcktive Directory forensics' collection of open source tools and resources - helps a lot to understand who did what|when in the domain, analyze past changes and more:
https://github.com/YossiSassi/hAcKtive-Directory-Forensics
Are you aware that any local admin on IIS boxes can see appPool identity creds in clear-text?
Here's a script to map IIS Servers, appPools, vDirs, usernames & passwords, for Red/Blue/Purple/whatever, including insights on risk reduction and mitigation of this potential exposure:
https://github.com/YossiSassi/Get-IISCredentials
Hello W0rld ;-)
Finally made it here.
Thanks @Viss Dan!