https://clement.notin.org/blog/2015/08/07/podcast-comptoir-s%C3%A9cu-arjel/ 2015-08-07T00:00:00+02:00 https://clement.notin.org/blog/2015/11/12/conf%C3%A9rence-d%C3%A9monstration-anaj-ihedn/ 2015-11-12T00:00:00+01:00 https://clement.notin.org/blog/2016/06/13/conf%C3%A9rence-les-outils-du-test-d'intrusion/ 2016-06-13T00:00:00+02:00 https://clement.notin.org/blog/2016/07/13/CVE-2016-5007-Spring-Security-MVC-Path-Matching-Inconsistency/ 2016-07-13T00:00:00+02:00 https://clement.notin.org/blog/2016/10/01/misc-post-exploitation-windows-avec-metasploit/ 2016-10-01T00:00:00+02:00 https://clement.notin.org/blog/2017/07/03/burp-extension-scan-manual-insertion-point/ 2017-07-03T00:00:00+02:00 https://clement.notin.org/blog/2017/09/28/conf%C3%A9rence-failles-s%C3%A9curit%C3%A9-cloud-IoT/ 2017-09-28T00:00:00+02:00 https://clement.notin.org/blog/2017/12/22/CVE-2017-7344-Fortinet-FortiClient-Windows-privilege-escalation-at-logon/ 2017-12-22T00:00:00+01:00 https://clement.notin.org/blog/2018/03/19/CVE-2017-17743-UCOPIA-Wireless-Appliance-restricted-shell-escape/ 2018-03-19T00:00:00+01:00 https://clement.notin.org/blog/2018/08/01/misc-webauthn-enfin-la-fin-des-mots-de-passe/ 2018-08-01T00:00:00+02:00 https://clement.notin.org/blog/2018/08/20/CVE-2018-15481-UCOPIA-Wireless-Appliance-restricted-shell-escape/ 2018-08-20T00:00:00+02:00 https://clement.notin.org/blog/2018/10/25/Security-analysis-of-Chrome-prompting-for-Windows-password-before-disclosing-passwords/ 2018-10-25T00:00:00+02:00 https://clement.notin.org/blog/2018/11/15/CVE-2018-3621-Intel-Driver-&-Support-Assistant-Drivers-information-disclosure/ 2018-11-15T00:00:00+01:00 https://clement.notin.org/blog/2019/02/25/Splunk-Universal-Forwarder-Hijacking-2-SplunkWhisperer2/ 2019-02-25T00:00:00+01:00 https://clement.notin.org/blog/2019/07/03/credential-theft-without-admin-or-touching-lsass-with-kekeo-by-abusing-credssp-tspkg-rdp-sso/ 2019-07-03T00:00:00+02:00 https://clement.notin.org/blog/2019/08/01/CVE-2019-1172-Windows-Azure-Active-Directory-user-token-disclosure/ 2019-08-01T00:00:00+02:00 https://clement.notin.org/blog/2019/12/17/When-Windows-Hello-fails-at-securely-authenticating-users-and-protecting-credentials/ 2019-12-17T09:00:00+01:00 https://clement.notin.org/blog/2019/12/17/security-pitfalls-in-authenticating-users-and-protecting-secrets-with-biometry-on-mobile-devices-apple-android/ 2019-12-17T09:00:30+01:00 https://clement.notin.org/blog/2020/04/15/Server-Side-Template-Injection-(SSTI)-in-ASP.NET-Razor/ 2020-04-15T00:00:00+02:00 https://clement.notin.org/blog/2020/04/22/CVE-2020-4311-IBM-Tivoli-Monitoring-weak-folder-permissions/ 2020-04-22T00:00:00+02:00 https://clement.notin.org/blog/2020/07/22/cve-2019-1172-disclosure-of-azure-ad-personal-account-auth-token-to-malicious-websites-when-using-the-recommended-browser-extension-1/ 2020-07-22T00:00:00+02:00 https://clement.notin.org/blog/2020/07/22/cve-2019-1172-disclosure-of-azure-ad-personal-account-auth-token-to-malicious-websites-when-using-the-recommended-browser-extension-2/ 2020-07-22T00:00:00+02:00 https://clement.notin.org/blog/2020/08/23/google-drive-uploader/ 2020-08-23T00:00:00+02:00 https://clement.notin.org/blog/2020/08/23/twitter-likes/ 2020-08-23T00:00:00+02:00 https://clement.notin.org/blog/2020/09/12/CVE-2020-7315-McAfee-Agent-DLL-injection/ 2020-09-12T00:00:00+02:00 https://clement.notin.org/blog/2020/11/16/ntlm-relay-of-adws-connections-with-impacket/ 2020-11-16T00:00:00+01:00 https://clement.notin.org/blog/2021/03/01/risks-of-microsoft-teams-and-microsoft-365-groups/ 2021-03-01T00:00:00+01:00 https://clement.notin.org/blog/2021/04/13/auto-deploy-python-flask-web-app-on-github-push/ 2021-04-13T00:00:00+02:00 https://clement.notin.org/blog/2021/07/06/don-t-make-your-soc-blind-to-active-directory-attacks-5-surprising-behaviors-of-windows-audit-policy/ 2021-07-06T00:00:00+02:00 https://clement.notin.org/blog/2021/09/02/active-directory-virtualization-safeguard-deactivation/ 2021-09-02T00:00:00+02:00 https://clement.notin.org/blog/2022/09/29/decrypt-encrypted-stub-data-in-wireshark/ 2022-09-29T00:00:00+02:00 https://clement.notin.org/blog/2022/11/02/sharkfest-2022/ 2022-11-02T00:00:00+01:00 https://clement.notin.org/blog/2023/01/11/smb-access-is-denied-caused-by-anti-ntlm-relay-protection/ 2023-01-11T00:00:00+01:00 https://clement.notin.org/blog/2023/07/05/how-to-read-windows-serialized-certificates/ 2023-07-05T00:00:00+02:00 https://clement.notin.org/blog/2023/07/05/pass-the-salt-2023/ 2023-07-05T00:00:00+02:00 https://clement.notin.org/blog/2023/10/24/identity-days-2023/ 2023-10-24T00:00:00+02:00 https://clement.notin.org/blog/2024/01/09/roles-allowing-to-abuse-entra-id-federation-for-persistence-and-privilege-escalation/ 2024-01-09T00:00:00+01:00 https://clement.notin.org/blog/2024/01/31/stealthy-persistence-privesc-in-entra-id-by-using-the-federated-auth-secondary-token-signing-cert/ 2024-01-31T00:00:00+01:00 https://clement.notin.org/blog/2024/06/03/stealthy-persistence-with-directory-synchronization-accounts-role-in-entra-id/ 2024-06-03T00:00:00+02:00 https://clement.notin.org/blog/2025/01/28/podcast-ifttd-s%C3%A9curiser-l'ad/ 2025-01-28T00:00:00+01:00 https://clement.notin.org/blog/2025/04/24/entra-id-synchronization-feature-remains-open-for-abuse-after-hardening/ 2025-04-24T00:00:00+02:00 https://clement.notin.org/blog/2025/11/19/active-directory-trust-misclassification-why-old-trusts-look-like-insecure-external-trusts/ 2025-11-19T00:00:00+01:00 https://clement.notin.org/about https://clement.notin.org/archive https://clement.notin.org/talks https://clement.notin.org/tools https://clement.notin.org/vulnerabilities https://clement.notin.org/ https://clement.notin.org/page2/ https://clement.notin.org/page3/ https://clement.notin.org/page4/ https://clement.notin.org/page5/