Jim Sykora
@jimsycurity.adminsdholder.com
I enjoy security, technology, learning, books, & the great outdoors.
Trying to be human & kind.
Opinions = mine. He/Him/Hän

https://github.com/JimSycurity
https://www.adminsdholder.com
Pinned
Introduction:
- rural MN
- very happily married
- adult kids, 😺 🐶
Work:
- Tech, #InfoSec, #ActiveDirectory, #CyberSecurity
Passions:
- Outdoors, woodworking, tinkering, using my white male privilege to help others, music, long walks w/ 🐕, learning, books, following rabbit holes
Reposted by Jim Sykora
Man Hoping People Notice How Many Folding Chairs He’s Carrying At Once https://theonion.com/man-hoping-people-notice-how-many-folding-chairs-he-s-c-1819576444/
November 25, 2025 at 11:00 PM
Reposted by Jim Sykora
How does PingOne’s architecture shape real attacker movement?

In our new #KnowYourAdversary, @andyrobbins.bsky.social & @pingidentity.com’s Bjorn Aannestad discuss RBAC, environment design, & cross-platform risks. ghst.ly/3Xd9o6D

Visit booth #736 at #GartnerIAM to learn about PingOneHound.
November 25, 2025 at 2:24 PM
Reposted by Jim Sykora
Thank you @jimsycurity.adminsdholder.com for taking the time to talk about AdminSDHolder today! Too much great info to get into 30 minutes... make sure you check out his full whitepaper 🔗 specterops.io/blog/2025/10...

Next week Brett Fernicola returns to talk about authentication threat modeling!
November 19, 2025 at 7:34 PM
Reposted by Jim Sykora
Wake up, it's Wednesday! Join us for today's Wednesday Offensive with @jimsycurity.adminsdholder.com discussing AdminSDHolder!

See you at 130pm ET 🔗 redsiege.com/wedoff

If you can't make it (or even if you can) be sure to check out Jim's whitepaper on AdminSDHolder 🔗 specterops.io/blog/2025/10...
November 19, 2025 at 2:40 PM
Reposted by Jim Sykora
🔔 Friendly neighborhood reminder 🔔 Tomorrow on The Wednesday Offensive we have Jim Sykora, Security Researcher at SpecterOps, talkin about AdminSDHolder!

Join the conversation at 130pm ET 🔗 redsiege.com/wedoff

#hacking #infosec #cybersecurity
November 18, 2025 at 2:34 PM
Reposted by Jim Sykora
they used to make real soundtracks for a movie
November 17, 2025 at 1:08 AM
Reposted by Jim Sykora
The CFP for SO-CON 2026 closes in about 12 hours (11:59 2025-11-15)! Have a cool approach to attack path management (or awesome connector for BloodHound OpenGraph)? Submit ASAP:

specterops.io/so-con/
SO-CON 2026 - SpecterOps
SO-CON 2026: Secure your spot for the conference and training.
November 15, 2025 at 6:54 PM
Reposted by Jim Sykora
you can just go ask crows stuff instead of asking chatgpt
November 6, 2025 at 12:14 PM
Are subterranean sandwiches natural burrowers or do they inhabit the burrows of other creatures similar to burrowing owls?
November 5, 2025 at 4:25 AM
Reposted by Jim Sykora
Heads up hackers, tell us your wants, your needs, and how you like your squirrels fed.
At the Microsoft Security Response Center (MSRC), your feedback drives our innovation. Based on your input, we’ve introduced three new features designed to make your experience more efficient, transparent, and user-friendly.

Learn more in our blog post: www.microsoft.com/en-us/msrc/b...
October 31, 2025 at 3:48 PM
Note: Work related

I do Active Directory stuff for a living. Security research to be more specific. One of my favorite niche AD topics is AdminSDHolder. It's even my vanity domain.

I wrote a 159 pg book about AdminSDHolder. I'm kinda proud of it.

specterops.io/resources/ad...
AdminSDHolder Misconceptions & Misconfigurations - SpecterOps
AdminSDHolder is an object and associated process in Active Directory Domain Services (AD DS) that helps protect specific sensitive and highly privileged accounts from being manipulated. This topic is...
October 31, 2025 at 7:47 PM
Reposted by Jim Sykora
NTLM relay research is evolving!

Join Nick Powers & @tw1sm.bsky.social TOMORROW as they share new methods to enumerate EPA enforcement across MSSQL, HTTP, & more—and intro RelayInformer, expanding attacker-perspective coverage for key protocols.

Grab your spot → ghst.ly/oct-web-bsky
October 29, 2025 at 10:25 PM
Reposted by Jim Sykora
Fund Me Fridays is back!

In honor of Link, who remains unjustly banned, I will be reposting mutual aid links under this thread.

Drop your links and let’s meet some needs!
October 24, 2025 at 4:34 PM
Reposted by Jim Sykora
Credential Guard was supposed to end credential dumping. It didn't.

Valdemar Carøe just dropped a new blog post detailing techniques for extracting credentials on fully patched Windows 11 & Server 2025 with modern protections enabled.

Read for more: ghst.ly/4qtl2rm
Catching Credential Guard Off Guard - SpecterOps
Uncovering the protection mechanisms provided by modern Windows security features and identifying new methods for credential dumping.
October 23, 2025 at 5:45 PM
Reposted by Jim Sykora
Do you or somebody you know have a Windows 10 that isn't fit for a Windows 11 upgrade? (e.g. no TPM)

1. Get a Windows 11 25H2 ISO
2. Run `setup /product server`

Enjoy your Windows 11 with no coerced Microsoft Account, TPM features, etc.
October 17, 2025 at 1:36 PM
Reposted by Jim Sykora
Still in testing, but it’s a pattern anyone can use to manage Intune like any other Infrastructure as Code system.

github.com/AllwaysHyPe/...
GitHub - AllwaysHyPe/IntuneStack
October 21, 2025 at 3:01 AM
Reposted by Jim Sykora
Introducing PingOneHound, a BloodHound extension to map and remediate attack paths in PingOne.

@andyrobbins.bsky.social dives into the architecture and mechanics in our latest blog post. Learn more & get started today. ghst.ly/3WLqlVd
PingOne Attack Paths - SpecterOps
You can use PingOneHound in conjunction with BloodHound Community Edition to discover, analyze, execute, and remediate identity-based attack paths in PingOne instances.
October 20, 2025 at 7:19 PM
Reposted by Jim Sykora
Seriously, I love this post so much - Good weekend timeline cleanser: "Root for Your Friends · Joseph Thacker"

m.cje.io/3KYvnLt
Root for Your Friends
Discover the power of rooting for your friends and how it can amplify success for everyone involved.
October 18, 2025 at 10:39 PM
Reposted by Jim Sykora
just watched a dozen people ask microsoft copilot experts their most pressing questions and those questions were 90% “how do i turn it off?” and “when i turn it off, is it really off or is it spying on me?”
October 9, 2025 at 1:45 PM
Reposted by Jim Sykora
chat, it's been another lovely week of internet schizophrenia. please enjoy this cute video of this kitty cat
October 5, 2025 at 5:59 PM
Reposted by Jim Sykora
A little OpenGraph POC for mapping PE header imports of all .dll and .exe files in a fresh Windows install. These are all the binaries that have some kind of import chain leading to kernel32.dll
October 2, 2025 at 4:51 PM
Reposted by Jim Sykora
Stunning male northern cardinal with both its tail and crest raised.
#birds #birdphotography #birdsoftheworld #photography #nature
October 1, 2025 at 7:36 PM
Reposted by Jim Sykora
NEW: I interviewed Leonard Peltier at his new home in North Dakota.

Now 81, he has a LOT to say about his ~50 years in prison, why he thinks Biden bucked the FBI to finally release him, how Indigenous people are "in danger" under Trump, and his next chapter. www.huffpost.com/entry/leonar...
‘We’re In Danger’: Leonard Peltier Has A Warning About Trump
In a sit-down interview, the Indigenous rights activist reflects on his nearly 50 years in prison, why he thinks Biden bucked the FBI to free him, and how tribes are “in danger” under Trump.
September 30, 2025 at 1:52 PM