Toffy
@toffyrak
🔍 New research on a niche technique to abuse "GPP Local Users and Groups" to elevate privileges locally through sAMAccountName hijacking. This research comes with a new GPOHound update to detect this misconfiguration. 🔗 Read more: cogiceo.com/en/whitepaper_…
I have just released my first tool : GPOHound 🚀 GPOHound is an offensive tool for dumping and analysing GPOs. It leverages BloodHound data and enriches it with insights extracted from the analysis. 🔗Check it out here: github.com/cogiceo/GPOHou…
Sometimes, SQL injection is still possible, even when prepared statements are being used. Our researcher @hash_kitten has written up a blog post about a novel technique for SQL Injection in PDO’s prepared statements: slcyber.io/assetnote-secu…
My research on CVE-2025-49113 is out. fearsoff.org/research/round…. Happy reading! #CVE #roundcube #poc @FearsOff
🚀 We just released my research on BadSuccessor - a new unpatched Active Directory privilege escalation vulnerability It allows compromising any user in AD, it works with the default config, and.. Microsoft currently won't fix it 🤷♂️ Read Here - akamai.com/blog/security-…
Nice to have contributed to this release 🕸
NetExec v1.4.0 has been released! 🎉 There is a HUGE number of new features and improvements, including: - backup_operator: Automatic priv esc for backup operators - Certificate authentication - NFS escape to root file system And much more! Full rundown: github.com/Pennyw0rth/Net…