Rob Fuller

And it doesn't work on Linux powershell ;-) ``` PS /root/powershell/MailSniper> Invoke-DomainHarvestOWA cmdlet Invoke-DomainHarvestOWA at command pipeline position 1 Supply values for the following parameters: ExchHostname: blah [*] Harvesting domain...

what does it do?

How to detect this finding using BloodHound data and Neo4j: ``` MATCH (u:User) WHERE u.userpassword IS NOT NULL RETURN u ```

Ya, I didn't like how I had that set up in the first place and din't really have an idea how to fix it. I like your suggestion, I'll try...

From the new CVE: > It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations. This could allows attackers with control...

Which file did you hash? Someone else online mentioned another hash and I'm looking into it. This is where I got my hashes from: https://archive.apache.org/dist/logging/log4j/2.11.1/ and I just did a...

That's all the JAR files. I don't believe they all contain the vulnerability.

Just bringing this up and pointing out that a project already exists so most of the work is done: https://github.com/nettitude/SharpSocks

If you are building release, wouldn't it be in the Inveigh/Release folder rather than Debug upon successful build?

GMSA passwords would be awesome too