1. X
  2. Beau Bullock
Log inSign up
Beau Bullock
4,187 posts
Image
user avatar
Beau Bullock
@dafthack
Hacker, trainer, and guitarist | Black Hills InfoSec #RedTeam | @BreakForge Training | Produces music to hack to at @N0BANDW1DTH
Florida, USA
dafthack.com
Joined January 2013
647
Following
18.4K
Followers
RepliesRepliesMediaMedia

New to X?

Sign up now to get your own personalized timeline!

Create account

By signing up, you agree to the Terms of Service and Privacy Policy, including Cookie Use.

Terms·Privacy·Cookies·Accessibility·Ads Info·© 2026 X Corp.
Don't miss what's happening
People on X are the first to know.
Log inSign up
  • Pinned
    user avatar
    Beau Bullock
    @dafthack
    Apr 15
    I’m excited to announce my newest training course, Breaching M365, is now available on-demand through @Antisy_Training. For $295, you get a full offensive methodology for attacking Microsoft 365 environments, from unauthenticated recon and initial access to OAuth abuse,
    Image
    7.1K
  • user avatar
    Beau Bullock
    @dafthack
    Jun 14, 2020
    I put together some cloud pentesting cheatsheets with various useful commands, tools, and techniques I've been collecting.
    Image
    GitHub - dafthack/CloudPentestCheatsheets: This repository contains a collection of cheatsheets I...
    From github.com
  • user avatar
    Beau Bullock
    @dafthack
    Oct 19, 2023
    Today we are releasing GraphRunner, a post-exploitation toolset for M365 and Entra ID accounts that myself and @424f424f have been building for the last few months. Read the blog post here: blackhillsinfosec.com/introducing-gr… Code is here: github.com/dafthack/Graph…
    Image
    72K
  • user avatar
    Beau Bullock
    @dafthack
    Mar 16, 2020
    Just pushed a new tool for password spraying Microsoft Online accounts (Azure/O365) to Github called MSOLSpray. It logs if a user cred is valid, if MFA is enabled, if a user doesn't exist, if the account is locked, if the account is disabled, and more.
    Image
    GitHub - dafthack/MSOLSpray: A password spraying tool for Microsoft Online accounts (Azure/O365)....
    From github.com
  • user avatar
    Beau Bullock
    @dafthack
    Jun 8, 2017
    New PowerShell tool NetworkRecon for finding network-level vulns by @6fletch9 - blackhillsinfosec.com/?p=5966 #pentest
    Image
  • user avatar
    Beau Bullock
    @dafthack
    Nov 18, 2022
    How to Build a Cloud Hacking Lab youtu.be/4s_3oNwqImo
  • user avatar
    Beau Bullock
    @dafthack
    Sep 29, 2020
    New blog post by me on exploiting MFA inconsistencies on Microsoft services: blackhillsinfosec.com/exploiting-mfa… And here's a new tool (MFASweep) to find them: github.com/dafthack/MFASw…
    Image
    Exploiting MFA Inconsistencies on Microsoft Services - Black Hills Information Security, Inc.
    From blackhillsinfosec.com
  • user avatar
    Beau Bullock
    @dafthack
    Jun 5, 2019
    New PowerShell tool for checking a password hash against multiple hosts over WMI or SMB. Also contains functionality for exfiltrating PowerShell PSReadline console history files from every profile on every system. Code - github.com/dafthack/Check… Blog - blackhillsinfosec.com/check-localadm…
    Image
    GitHub - dafthack/Check-LocalAdminHash: Check-LocalAdminHash is a PowerShell tool that attempts to...
    From github.com
  • user avatar
    Beau Bullock
    @dafthack
    Mar 10, 2016
    Here's an interesting path I took to getting "Domain Admin" at an org this week. #InfoSec #Hacking
    Image
  • user avatar
    Beau Bullock
    @dafthack
    Apr 12, 2019
    Internet Explorer XXE 0-day exploit w/ PoC using .MHT files. It's not being patched by Microsoft hyp3rlinx.altervista.org/advisories/MIC…
  • user avatar
    Beau Bullock
    @dafthack
    Oct 8, 2023
    If you want to check out my talk from yesterday on exploiting M365 vulns you can watch it here: youtube.com/watch?v=z3bMvf… This is the "prequel" to what @424f424f and I are releasing at @WWHackinFest in a couple weeks, and includes a few easter eggs.🧐
    48K
  • user avatar
    Beau Bullock
    @dafthack
    May 1, 2024
    10 years ago @strandjs asked me to come work at this small pentesting company called Black Hills Information Security. It is one of the best decisions I've ever made. For a decade I've had the privilege of hacking organizations with some of the coolest people on the planet.
    Image
    17K
  • user avatar
    Beau Bullock
    @dafthack
    Dec 14, 2017
    Here's Tradecraft Security Weekly Ep. #22 - Linux Privilege Escalation. This one might benefit those who are currently working on their #OSCP. -
  • user avatar
    Beau Bullock
    @dafthack
    Apr 10, 2020
    Quick 1-liner to search all Azure AD user attributes for passwords after auth'ing with Connect-MsolService: $x=Get-MsolUser;foreach($u in $x){$p = @();$u|gm|%{$p+=$_.Name};ForEach($s in $p){if($u.$s -like "*password*"){Write("[*]"+$u.UserPrincipalName+"["+$s+"]"+" : "+$u.$s)}}}
    Image
Advertisement
Advertisement