Skip to content
View RiccardoAncarani's full-sized avatar
👩‍❤️‍👩
Sex, drug and Kerberoasting
👩‍❤️‍👩
Sex, drug and Kerberoasting

Block or report RiccardoAncarani

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Please don't include any personal information such as legal names or email addresses. Maximum 100 characters, markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
RiccardoAncarani/README.md

Riccardo "dottor_morte" Ancarani 🔥

🔬Interests

  • Active Directory Exploitation
  • Purple Teaming
  • Threat Hunting
  • Software Development

📚 Blog Posts

Talks

  • Active Directory - Detecting Resilient Adversaries: More than 95 percent of the biggest corporates use Active Directory (AD) to manage identity, enforce policies and control business-critical assets. Despite AD represents the single point of failure in most cases, companies are still struggling with securing it; More than often, after obtaining an initial foothold, the attackers gain the maximum privileges within a short time period and even without being noticed before it’s too late. The aim of this talk is to bring awareness on the techniques that adversaries might employ whilst providing practical advices on how to stop and detect them.

  • Attack Detection Workshops - Initial Access: Presented the first episode of F-Secure’s Attack Detection Workshops (https://www.f-secure.com/en/consulting/events/attack-detection- fundamentals-workshops) that covered: The techniques threat actors use to bypass mail filtering controls and obtain foothold; making use of open-source tools to emulate the initial access vectors of Emotet and those used in Operation Cobalt Kitty; Learning how to detect these attacks using endpoint logs or memory analysis

Certifications

  • eCPTX
  • OSCP
  • eCTHP
  • eMAPT
  • eWPT
  • CREST CPSA
  • eCPPT

Pinned Loading

  1. bloodhound-playbook bloodhound-playbook Public

    Reproducible and extensible BloodHound playbooks

    Python 42 7

  2. TaskShell TaskShell Public

    C# 56 9

  3. BOFs BOFs Public

    Collection of Beacon Object Files (BOFs) for shells and lols

    C 111 14

  4. LiquidSnake LiquidSnake Public

    LiquidSnake is a tool that allows operators to perform fileless lateral movement using WMI Event Subscriptions and GadgetToJScript

    C# 327 46