RedTeam Pentesting Profile picture
Official RedTeam Pentesting GmbH account -- Impressum: https://t.co/pS9oK62Lsu
Aug 19 7 tweets 2 min read
👀Turns out MS-EVEN can do a lot more than NULL auth:

In addition to leaking environment variables, it is possible to coerce authentication from arbitrary logged on users* 🤯

*If you are willing to trigger Windows Defender. In May 2025 Sergey Bureev (@TCross) released his research on coercion using MS-EVEN, which by itself only uses NULL authentication, as the service runs as network restricted LOCAL SERVICE.

habr.com/ru/companies/t…
Feb 21 6 tweets 3 min read
We want to highlight ✨adauth✨, our Go library for AD authentication powering out latest tool keycred 🔐:


We hope to lay a foundation for a healthy AD security tool ecosystem in Go by providing flexible authentication and we'll show you how...
1/6🧵github.com/RedTeamPentest… First of all, adauth provides re-usable authentication CLI arguments (similar to Impacket) for convenience and consistency between your tools:
2/6🧵 Image