Official RedTeam Pentesting GmbH account --
Impressum: https://t.co/pS9oK62Lsu
Aug 19 • 7 tweets • 2 min read
👀Turns out MS-EVEN can do a lot more than NULL auth:
In addition to leaking environment variables, it is possible to coerce authentication from arbitrary logged on users* 🤯
*If you are willing to trigger Windows Defender.
In May 2025 Sergey Bureev (@TCross) released his research on coercion using MS-EVEN, which by itself only uses NULL authentication, as the service runs as network restricted LOCAL SERVICE.
We want to highlight ✨adauth✨, our Go library for AD authentication powering out latest tool keycred 🔐:
We hope to lay a foundation for a healthy AD security tool ecosystem in Go by providing flexible authentication and we'll show you how...
1/6🧵github.com/RedTeamPentest…
First of all, adauth provides re-usable authentication CLI arguments (similar to Impacket) for convenience and consistency between your tools:
2/6🧵