Melvin langvik

Had a blast presenting at #DEFCON30 today, GitHub repo for TeamFiltration is online! github.com/Flangvik/TeamF… Thank you so much for all the amazing feedback, can't wait to see what this tool looks like in a year now that it's public!

🔥🔥🔥 Raphael Mudge's take on Elastic's way of handling all this is pure gold. Thank you. aff-wg.org/2025/07/13/tak…

The OpenSource WritingTools widget is my current absolute favorite use case for local LLM, in combination with LM Studio! youtu.be/ffi_sOqATZM

New video out 😊 showing how you can take control of port 445 and perform those magical relay attacks toward AD CS when working from a C2 agent. Way easier than before thanks to some great research by @zyn3rgy youtube.com/watch?v=e4f3h5…

Beacon Object Files – Five Years On… 🔥 aff-wg.org/2025/06/26/bea…

Fresh video out on a new ClickFix variation, named FileFix by @mrd0x 💻 youtube.com/watch?v=k2jrOE…

Happy Friday! @tifkin_ and I are happy to announce that we have cut the release for Nemesis 2.0.0 - check out the CHANGELOG for a (brief) summary of changes, and dive into our new docs for more detail! We're extremely proud and excited for this release github.com/SpecterOps/Nem…

Since several people already asked: the slides from @fabian_bader and myself for @WEareTROOPERS are available! "Finding Entra ID CA bypasses-the structured way". We talked about FOCI, BroCI, CA bypasses, scopes and getting tons of tokens. Check it at dirkjanm.io/talks/

Here is a reminder that a Powerful DotNET obfuscator is available in MacroPack. Assembly level obfuscation (or course). With the latest 2.7.5 it supports all your favorite #redteam DotNET tools! And tested on major EDRs :) blog.balliskit.com/obfuscation-an…

I'm trying to push further with Impacket then I have before and am running into a wall. If you appreciate my opensource work and want to help me out I could use some community help figuring how what I've missed in my MS-EVEN6 method / struct definition github.com/fortra/impacke…

If you missed my CNBC interview yesterday, here it is! youtube.com/watch?v=ssOo6L…

New video out, looking at freshly released Nemesis 2.0 by non other then @harmj0y and @tifkin_ 🥵No doubt this is going to bring next-level efficiency and offload one of the most tedious manual workloads an operator can face! youtu.be/5P9N1OQTUqM

The incredibly talented gentleman behind pypykatz, minikerberos, msldap, and jackdaw (to name a few) is currently looking for a new opportunity🚒retweet for exposure, best of luck my man!🫶

Well, it happened. The company I worked at for 6 years will be closing and thus I got laid off. This doesn't affect @octopwn operations in any negative ways, but I'm actively looking for a new day job. If someone has something please DM me. Retweets are appreciated.

Had an absolute blast at X33FCON last week, which is somewhat documented in today's video! Always great seeing familiar and new faces, @mrgretzky @Oddvarmoe @__mez0__ getting some love in this one 😅 youtu.be/zajKNTLpckY

Really looking forward to giving Nemesis a go after this re-focused rewrite from the ground up. Amazing stage delivery👏👏

Thank you so much to @x33fcon and its organizers for an awesome experience! @tifkin_ and I had a blast talking about the new Nemesis 2.0 rewrite (code live at github.com/SpecterOps/Nem… !) and hope to be back next year #x33fcon

Received the news today that my talk "Advanced Active Directory to Entra ID lateral movement techniques" was also accepted for @defcon 🎉 hope to see everyone there!

Sooooooooooooooo 😶‍🌫️

Researchers at @Proofpoint expose threat actors’ attempt to hijack thousands of EntraID user accounts across almost 100 cloud tenants by leveraging TeamFiltration, a red teaming framework used by network defenders. brnw.ch/21wTk3G

Today we're announcing a fundamental shift in how DeceptIQ delivers cyber deception. No more security theater. After years of red teaming and watching security teams struggle with implementing existing deception products, we've made a decision: we're moving from product to…