Red Teamer / Security Research | Prior: CrowdStrike / Current: BHIS | In Christ’s grip | Pentesting since 1997 | Security Focus: Cloud
Central Florida
Joined July 2013
- Tweets 7,219
- Following 2,220
- Followers 11,772
- Likes 12,577
Pinned Tweet
So.. I've picked up a new non-tech side hobby and am excited to finally launch! If you are a coffee drinker, check out my new Zero Day Roast at zerodayroast.com! Also looking for swag sponsors who want to throw in infosec related swag. New roasts every Monday/Tuesday.
34
45
9
327
Anyone know of or have a compatibility matrix for BloodHound/Azurehound collectors w/ Neo4j DBMS versions?
1
1
3
🔥 team. 🔥 work. 🔥 opportunity.
We're seeking a principal offensive security engineer to support adversary simulation & detection engagements, perform security research, develop offensive tooling, & create and provide security related training for the macOS platform.
Learn more: ghst.ly/3Z7LRlT
4
1
10
Mike Felch (Stay Ready) retweeted
I challenged chatGPT to invent a brand new language... and holy sh*t 🤯
312
865
318
7,497
Some excellent work making sense of AzureAD permissions!
Just uploaded part II of my Azure AD trip
Untangling Azure Active Directory Permissions II: Who is high privileged?
csandker.io/2022/11/10/Untan…
#Azure #AzureAD
4
20
I thought I would share a cool technique I released 5 yrs ago w/ @dafthack on a way to leak Windows hashes via MS Office docs regardless of MotW. I haven't tested this in years but I also never reported it to Microsoft so who knows if it still works. inv.warpnine.de/watch?v=40Ume_kb…
2
7
1
36
Mike Felch (Stay Ready) retweeted
Don't miss @ustayready from @BHinfoSecurity's talk....psst, there will be a tool drop :)
hackspacecon.com/speakers
14
25
Best street skater of all time has to be @daewon1song! His board control defies physics. inv.warpnine.de/watch?v=aX3bM-oA…
5
6
Mike Felch (Stay Ready) retweeted
You can hate on Twitter blue all you want but you couldn’t tweet the hacker manifesto in a single tweet before!
## The Conscience of a Hacker
By The Mentor (a.k.a. Loyd Blankenship)
Written on January 8, 1986
Another one got caught today, it's all over the papers.… tweeter.jakobs.systems/i/web/status/163…
21
45
5
247
My recent video on Azure Console Pivoting. check it out! inv.warpnine.de/watch?v=GmPafiEe…
19
1
33
When you're password spraying ADFS using Burp intruder and notice a content length of 289 instead of 33000+, get excited, and then realize it was only a Gateway Timeout with your Fireprox API Gateway
1
4
28
GIF
One time, I found an unauthenticated RCE in the Craigslist main site and @craignewmark (well.. Craigslist) sent me more swag than I knew what to do with and gave thousands of dollars to a prison nonprofit that I was a volunteer chaplain at. All before bug bounties really existed.
2
6
61
New untapped cloud attack surface accidentally discovered. Maybe a new talk and definitely a new tool coming soon.
8
4
2
62
Definitely would recommend checking this out if you red team or are interested in offsec tooling.
This Thursday March 9th, @MrUn1k0d3r will be presenting "Windows Internals for Red Teams" in the Prelude community discord at 7 PM EST. Drop in, chat, and learn about Windows internals! discord.gg/fZbfdUQM4A #infosec #redteam
Show this thread
7
33
OpenAI is hiring for a red team lead up to $370k salary. Highest salary I’ve seen but I guess for San Francisco that’ll probably get you a nice size apartment.
19
26
2
281
Mike Felch (Stay Ready) retweeted
DroppedConnection - a fake VPN server that captures credentials and executes code via the Cisco AnyConnect client.
research.nccgroup.com/2023/0…
6
191
9
457
GIF
Mike Felch (Stay Ready) retweeted
🧵pt 1. Need a refresher on recon techniques or brand-new techniques to add to your arsenal?
👀 this slide deck on weaponizing corporate intel from @ustayready & @dafthack to go from 0 knowledge of an organization to stalker status 🕵 !!
Watch here: inv.warpnine.de/iV40AHRk56I
2
46
3
143
Biggest request I have for @Tesla is the ability for multi-select and delete of Sentry video recordings. One by one is painful.
1
2