• Jun 3
  Stealthy Persistence with “Directory Synchronization Accounts” Role in Entra ID
• Jan 31
  Exploiting Entra ID for Stealthier Persistence and Privilege Escalation using the Federated Authentication’s Secondary Token-signing Certificate
• Jan 9
  Roles Allowing To Abuse Entra ID Federation for Persistence and Privilege Escalation

• Oct 24
  [french] Conférence Identity Days 2023
• Jul 5
  Pass the SALT 2023 conference
• Jul 5
  How to read Windows serialized certificates (with code sample)
• Jan 11
  SMB “Access is denied” caused by anti-NTLM relay protection

• Nov 2
  SharkFest'22 Europe conference
• Sep 29
  Decrypt Kerberos/NTLM “encrypted stub data” in Wireshark

• Sep 2
  Active Directory virtualization safeguard deactivation
• Jul 6
  Don’t make your SOC blind to Active Directory attacks: 5 surprising behaviors of Windows audit policy
• Apr 13
  Auto deploy Python Flask web app on GitHub push
• Mar 1
  Risks of Microsoft Teams and Microsoft 365 Groups

• Nov 16
  NTLM relay of ADWS (WCF) connections with Impacket
• Sep 12
  CVE-2020-7315 McAfee Agent DLL injection
• Aug 23
  "Twitter likes" Python tool
• Aug 23
  "Google Drive uploader" Python tool
• Jul 22
  CVE-2019-1172 Disclosure of Azure AD personal account auth token to malicious websites when using the recommended browser extension 2/2
• Jul 22
  CVE-2019-1172 Disclosure of Azure AD personal account auth token to malicious websites when using the recommended browser extension 1/2
• Apr 22
  CVE-2020-4311 IBM Tivoli Monitoring weak folder permissions
• Apr 15
  Server-Side Template Injection (SSTI) in ASP.NET Razor

• Dec 17
  Security pitfalls in authenticating users and protecting secrets with biometry on mobile devices (Apple & Android)
• Dec 17
  When Windows Hello fails at securely authenticating users and protecting credentials
• Aug 1
  CVE-2019-1172 Windows Azure Active Directory user token disclosure
• Jul 3
  Credential theft without admin or touching LSASS with Kekeo by abusing CredSSP / TSPKG (RDP SSO)
• Feb 25
  Splunk Universal Forwarder Hijacking 2: SplunkWhisperer2

• Nov 15
  CVE-2018-3621 Intel Driver & Support Assistant: Drivers information disclosure bug through incorrect validation of the Origin header in local API requests (< 3.6.0.4)
• Oct 25
  Security analysis of Chrome prompting for Windows password before disclosing passwords
• Aug 20
  CVE-2018-15481 UCOPIA Wireless Appliance restricted shell escape (< 5.1.13)
• Aug 1
  [french] MISC : « WebAuthn » : enfin la fin des mots de passe ?
• Mar 19
  CVE-2017-17743 UCOPIA Wireless Appliance restricted shell escape (< 5.1.11 / 5.0.19 / 4.4.20)

• Dec 22
  CVE-2017-7344 Fortinet FortiClient Windows privilege escalation at logon
• Sep 28
  [french] Conférence "failles de sécurité des clouds et serveurs IoT"
• Jul 3
  Burp extension "Scan manual insertion point"

• Oct 1
  [french] MISC : post-exploitation Windows avec Metasploit
• Jul 13
  CVE-2016-5007 Spring Security / MVC Path Matching Inconsistency
• Jun 13
  [french] Conférence "Les outils du test d'intrusion"

• Nov 12
  [french] Conférence-démonstrations à l’ANAJ-IHEDN
• Aug 7
  [french] Podcast Comptoir Sécu sur l'ARJEL