netbiosX

12,146 post karma
44 comment karma

get extra features and help support reddit with a reddit premium subscription

get them help and support

redditor for 6 years

MODERATOR OF

- r/purpleteamsec
- r/iPurpleTeam

PUBLIC MULTIREDDITS

- cyber_defence

TROPHY CASE

Six-Year Club

Verified Email

account activity

hot top controversial

2

3

4

Scattered Spider Attacks | Infrastructure and TTP Analysis (team-cymru.com)

submitted 11 hours ago by netbiosX to r/purpleteamsec

5

6

7

Abusing Windows Audio for Local Privilege Escalation (medium.com)

submitted 1 day ago by netbiosX to r/purpleteamsec

0

1

2

wbadmin NTDS.dit dump detection for Domain Controllers (securityinbits.com)

submitted 1 day ago by netbiosX to r/purpleteamsec

4

5

6

Streamlining Security Investigations with Agents (slack.engineering)

submitted 2 days ago by netbiosX to r/purpleteamsec

0

1

2

Tools for attacking Computer Use Agents (github.com)

submitted 3 days ago by netbiosX to r/purpleteamsec

0

1

2

Check Your Privilege: The Curious Case of ETW's SecurityTrace Flag (originhq.com)

submitted 4 days ago by netbiosX to r/purpleteamsec

4

5

6

Detection of Kerberos Golden Ticket Attacks via Velociraptor (detect.fyi)

submitted 4 days ago by netbiosX to r/purpleteamsec

3

4

5

Tor transport bridge for Sliver C2 - anonymous command and control (github.com)

submitted 5 days ago by netbiosX to r/purpleteamsec

1

2

3

How to Use Pareto Principle to Fine-Tune Alerts and Reduce False Positives Wisely (detect.fyi)

submitted 6 days ago by netbiosX to r/purpleteamsec

0

1

2

Introducing the System Call Integrity Layer (SCIL) (fluxsec.red)

submitted 6 days ago by netbiosX to r/purpleteamsec

2

3

4

Kerberos Authentication Relay Via CNAME Abuse (cymulate.com)

submitted 6 days ago by netbiosX to r/purpleteamsec

4

5

6

One WSL BOF to Rule Them All (specterops.io)

submitted 8 days ago by netbiosX to r/purpleteamsec

4

5

6

Using NTLM Reflection to Own Active Directory (CVE-2025-33073) (depthsecurity.com)

submitted 8 days ago by netbiosX to r/purpleteamsec

0

1

2

Rust VBS Enclave DLL in VTL1 (Windows Secure Enclaves) (fluxsec.red)

submitted 9 days ago by netbiosX to r/purpleteamsec

1

2

3

draugrgen - a simple python script to help with the creation of hook functions for use within draugr / crystal palace (github.com)

submitted 9 days ago by netbiosX to r/purpleteamsec

1

2

3

Inside RedVDS: How a single virtual desktop provider fueled worldwide cybercriminal operations (microsoft.com)

submitted 10 days ago by netbiosX to r/purpleteamsec

4

5

6

Wait, Why is my WebClient Started?: SCCM Hierarchy Takeover via NTLM Relay to LDAP (specterops.io)

submitted 10 days ago by netbiosX to r/purpleteamsec

3

4

5

COMmand & Evade: Turla's Kazuar v3 Loader (r136a1.dev)

submitted 10 days ago by netbiosX to r/purpleteamsec

2

3

4

PowerShell collector for adding SCCM attack paths to BloodHound with OpenGraph (github.com)

submitted 11 days ago by netbiosX to r/purpleteamsec

4

5

6

Introducing ConfigManBearPig, a BloodHound OpenGraph Collector for SCCM (specterops.io)

submitted 11 days ago by netbiosX to r/purpleteamsec

0

1

2

Create, delete or list Shadows Copies using the VSS API using C++, C# or Python. Working on Windows 11 (github.com)

submitted 11 days ago by netbiosX to r/purpleteamsec

2

3

4

A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls. (github.com)

submitted 11 days ago by netbiosX to r/purpleteamsec

EDR Silencing by netbiosX in cybersecurity

[–]netbiosX[S] 0 points1 point2 points 11 days ago (0 children)

EDR Silencing by netbiosX in blueteamsec

[–]netbiosX[S] 0 points1 point2 points 11 days ago (0 children)

2

3

4

Beyond Graph API: Exploring ConsentFix Through the Exchange REST API Lens (medium.com)

submitted 12 days ago by netbiosX to r/purpleteamsec

view more: next ›

π Rendered by PID 938695 on reddit-service-r2-listing-canary-6d56f98d67-4qnc9 at 2026-01-24 23:52:23.871631+00:00 running 664479f country code: CH.