Got sidetracked by a fun little Terraform + Ansible project which I dubbed 'CloudLabs AD'. It provisions a small AD lab in the cloud that has some dummy data to play with and is enrolled in Elastic Endpoint Security.
Just open sourced it here 👉 github.com/chvancooten/Cloud…
Honestly not sure why but thanks, y'all 🥰
Haven't been sharing much lately, been working on some side projects and stuff for coming conference season. If you have any ideas for blogs/tools/whatever please do let me know! 🙏
That's a close one! I expected specialism to come first tbh. Some great insights in the comments. Personally I like being a generalist too, as you can ride that wave of learning the ropes of a new skill every time 🏄
I do have some "focus areas" (Nim malware for example), but it's never something I consider myself to be an expert in specifically. And that's totally fine!
The first blog post is here. This one covers the technical details of CVE-2022-26923 (Active Directory Domain Services Elevation of Privilege Vulnerability).
The vulnerability was patched as part of the May 2022 Security Updates from Microsoft.
research.ifcr.dk/9e098fe298f…
CVE-2022-27903 An OS Command Injection vulnerability in the configuration parser of Eve-NG Professional through 4.0.1-65 and Eve-NG Community through 2.0.3-112 allows a remote authenticated attacker to execute commands as root by editing virtualiz... cve.mitre.org/cgi-bin/cvenam…
Some good news to start the week - I have been accepted to speak at @x33fcon 2022! I have also been accepted to present my workshop on 'malware development for dummies' at @hackinparis 2022. So hyped for both of these cons! Who's gonna be around?
Had a blast at the first physical (!) @hackthebox_nl meetup, meeting @egre55, @RoadRunnerHacks, and a bunch of other cool folks IRL 😁. Looking forward to the next one!
Something about Crowdstrike being a pain in the behind about people testing with their product combined with their engineers freely snooping on dev machines of their clients doesn't sit right with me 🤔
I'm all for transparency but it isn't a one-way street
Spent some time last week on something entirely different - frontend development! Created a new interface for Nimplant from scratch to teach myself the ropes of Next.JS and Typescript. Not gonna lie, pretty proud of what I achieved in a week (GIF below 👇)
I love GoMapEnum by @nodauf. Scrape a list of emails from LinkedIn, verify via MS Teams, get a list of hundreds of verified users in minutes :)
github.com/nodauf/GoMapEnum
I quite like the offsec courses that I did but it's sad to see they're going the SANS route in terms of pricing. Knowledge should be accessible, not paywalled 🥲
As a reminder, the 30- and 60-day options for all standalone courses will no longer be available as of today at 11:59 p.m. HST.
We aim to simplify our product offerings as we develop new courses and features for our students: offs.ec/3tNVOZo
Not sure what's more shocking, the "DomAdmins-LastPass.xlsx" file or that the attackers used BING to look up privilege escalation tools on a compromised machine 😅
New documents for the Okta breach: I have obtained copies of the Mandiant report detailing the embarrassing Sitel/SYKES breach timeline and the methodology of the LAPSUS$ group. 1/N
Playing with Elastic Security a bit and it's pretty dope. A lot of nice rules to play with out of the box 🤤
Would love to provision it in my labs with Ansible but automating the installation in a headless fashion is gonna be a pain lol