1. X
  2. MDSec
Log inSign up
MDSec
1,176 posts
Image
user avatar
MDSec
@MDSecLabs
Consultancy and Training for offensive security by trusted experts | mdsec.co.uk | nighthawkc2.io | @nighthawk_c2
United Kingdom
mdsec.co.uk
Joined July 2011
2
Following
15.9K
Followers
RepliesRepliesMediaMedia

New to X?

Sign up now to get your own personalized timeline!

Create account

By signing up, you agree to the Terms of Service and Privacy Policy, including Cookie Use.

Terms·Privacy·Cookies·Accessibility·Ads Info·© 2026 X Corp.
Don't miss what's happening
People on X are the first to know.
Log inSign up
  • Pinned
    user avatar
    MDSec
    @MDSecLabs
    Jun 12
    We're bringing the latest and greatest red team TTPs to @BlackHatEvents this year in our Adversary Simulation and Capability Development training. Learn from seasoned red teamers @domchell and @_batsec_, with fresh content updated for 2026! 🔥 blackhat.com/us-26/training…
    Image
    5.3K
  • user avatar
    MDSec
    @MDSecLabs
    Mar 14, 2023
    We've just published a quick write up on CVE-2023-23397, which allows a remote adversary to leak NetNTLMv2 hashes: mdsec.co.uk/2023/03/exploi… by @domchell
    Image
    303K
  • user avatar
    MDSec
    @MDSecLabs
    Nov 13, 2019
    New blog post by @0x09AL on extracting clear-text credentials from RDP using RdpThief mdsec.co.uk/2019/11/rdpthi…
    Image
  • user avatar
    MDSec
    @MDSecLabs
    Oct 19, 2022
    In our latest blog post, we publish a MS "won't fix" unauthenticated SSRF to RCE in Microsoft Office Online Server mdsec.co.uk/2022/10/micros… by @IndiShell1046
    Image
  • user avatar
    MDSec
    @MDSecLabs
    Jul 22, 2019
    Introducing the Office 365 Attack Toolkit, a new blog post and tool release by @0x09AL
    Image
    Introducing the Office 365 Attack Toolkit - MDSec
    From mdsec.co.uk
  • user avatar
    MDSec
    @MDSecLabs
    Apr 5, 2022
    Interested in covert code injection? @modexpblog outlines some techniques using COM in a new post "Process Injection via Component Object Model (COM) IRundown::DoCallback()" mdsec.co.uk/2022/04/proces…
    Image
  • user avatar
    MDSec
    @MDSecLabs
    Feb 19, 2020
    Want to backdoor IIS? APT @0x09AL explains how in our latest blog post, including a tool release that scrapes passwords from the webapps and performs command and shellcode injection #redteam mdsec.co.uk/2020/02/iis-ra…
    Image
  • user avatar
    MDSec
    @MDSecLabs
    Aug 17, 2020
    Introducing FireWalker: A New Approach to Generically Bypass User-Space EDR Hooking mdsec.co.uk/2020/08/firewa… by @peterwintrsmith #redteam #firewalker #MDSec
    Image
    GIF
  • user avatar
    MDSec
    @MDSecLabs
    Feb 12, 2024
    Interested in sharpening your red team AD recon? Check out our latest post by @domchell, "Active Directory Enumeration for Red Teams" mdsec.co.uk/2024/02/active…
    Image
    50K
  • user avatar
    MDSec
    @MDSecLabs
    Jun 17, 2021
    Bypassing Image Load Kernel Callbacks - A new approach for reflective loading by @_batsec_ has just hit the blog mdsec.co.uk/2021/06/bypass… #darkloadlibrary
    Image
  • user avatar
    MDSec
    @MDSecLabs
    Jul 7, 2022
    Altiris Methods for Lateral Movement: a new post on how to abuse Altiris deployments by @__invictus_ 🔥 mdsec.co.uk/2022/07/altiri…
    Image
  • user avatar
    MDSec
    @MDSecLabs
    Jun 2, 2020
    Detecting and Advancing In-Memory .NET Tradecraft just pushed to the blog, by @domchell mdsec.co.uk/2020/06/detect…
    Image
  • user avatar
    MDSec
    @MDSecLabs
    Jan 7, 2022
    Our first post of 2022 brings a new method for enumerating Syscalls numbers using the Parallel loader, by @peterwintrsmith mdsec.co.uk/2022/01/edr-pa…
    Image
  • user avatar
    MDSec
    @MDSecLabs
    Jan 12, 2024
    Exploiting CVE-2024-20656, a Local Privilege Escalation in the VSStandardCollectorService150 Service mdsec.co.uk/2024/01/cve-20… - new research from @filip_dragovic
    Image
    92K
Advertisement
Advertisement