Adam Chester 🏴☠️
@_xpn_
Hacker for Hire at @SpecterOps | Research at http://blog.xpnsec.com
Celebrating 1 year at SpecterOps, this was the first project I worked on after starting. Looking at SQL Server Transparent Data Encryption, how to bruteforce weak keys, and how ManageEngine's ADSelfService product uses TDE with a suspect key. Enjoy :) specterops.io/blog/2025/04/0…
New book time. Catharsis after some of the utter shit takes I get after dipping into ML 🤣
Watching politicians and mainstream media suddenly change their rhetoric on the genocide makes me feel like I’ve truly gone crazy. Can someone please confirm that a few weeks ago they villainized us on the front pages for being against this while they were very much pro-genocide.
Spent enough time with @jaredcatkinson to know that this technique needs distilling for both detection and weaponisation!
EDR-on-EDR Violence 1/🧵 @BushidoToken called out that EDR products were being abused by threat actors. @Shammahwoods & I realized a free trial of an attacker controlled EDR can be used to kill the existing EDR. @techspence @UK_Daniel_Card @Jhaddix github.com/CroodSolutions…
My first @SpecterOps blog! Ever wanted to collect Active Directory information from LDAP for a Red Team? Using LDAP's more OPSEC-considerate cousin: ADWS can be used to improve upon the already present advantages of using smaller-scaling LDAP queries. specterops.io/blog/2025/07/2…
Ok… well played Astronomer 🤣
Thank you for your interest in Astronomer.
[BLOG] In this post, I demonstrate my QoL improvements for working with the TCG codebase. This includes vscode with intellisense support, and producing debug builds for use in WinDbg. rastamouse.me/debugging-the-…
I think I've got a nice way to produce debug builds for Crystal Palace loaders. It produces an EXE that works with WinDbg so you can debug against the source code, with locals, etc.
For those like me who prefer to stay in the terminal and want to call REST APIs like the Microsoft Graph without complicated commands or copy/pasting tokens: roadtx now has a graphrequest command to perform simple requests against these APIs and parse the JSON.
Oh my god, Matt Stone.... Trey Parker... I love you so so much!! 😂😂😂😂😂😂😂😂😂
I think I've got a nice way to produce debug builds for Crystal Palace loaders. It produces an EXE that works with WinDbg so you can debug against the source code, with locals, etc.
Trump absolutely hates this video and doesn't want anyone to see it. Even called Paramount to shut it down. Oh well. The internet is forever bitch. No matter how many times it gets taken down, it will live forever #SouthPark #SouthParkSeason27 #SermonOnTheMount #FDT
Ohhhhh South Park.... HAHAAHHAHAHA youtube.com/watch?v=Q1xR3X…
I think I've got a nice way to produce debug builds for Crystal Palace loaders. It produces an EXE that works with WinDbg so you can debug against the source code, with locals, etc.
Excited! Come grab some stickers...the update includes a new "relay" module to support TAKEOVER-5. No more using a 2 year old pull-request that hasn't been merged yet.
Get to know what's new w/ SCCMHunter. Join @unsigned_sh0rt's #BHUSA Arsenal session on the post-exploitation tool & learn about the updates, including site system profiling, extended admin modules, & credential relaying capabilities. ghst.ly/3GkhpBV
Hi, ER Doc here. I don’t know who needs to hear this but do NOT even think about it.
Japanese design firm Kenji Abe has designed a glass beer bottle that you can stick into the sand on the beach
Let your kids be kids. Get outside. Touch grass. Go to the playground.
We’re going to make Baby Grok @xAI, an app dedicated to kid-friendly content
Finished up Careless People by Sarah Wynn-Williams. If you missed it, it’s the book on Facebook from a whistleblower which she is banned from promoting. A mixture of non-surprise, gross execs / thought leaders, and IDGAF’ery to data privacy / manipulation.
