In this part of the series, we will focus on Credential Access and the attacks that Kerberos can facilitate. In the first part of the Kerberos series, we’ve set the groundwork for the following ...
Kerberos I - Overview
This post, is the first in the series and will aim to provide an overview of the protocol, from its beginnings to the different (ab)use techniques. Kerberos, again Brief History of Kerberos...
The Phantom Menace - Exposing hidden risks through ACLs in Active Directory
The abuse of misconfigured Access Control Lists is nothing new. However, it is still one of the main ways of lateral movement and privilege escalation within an active directory domain. In this ...
Active Directory Certificate Services Abuse
Although this is nothing new, these days I wanted to read and learn in depth how Active Directory Certificate Services works. For this purpose, I configured the ADCS, the CA and the vulnerable temp...
AWS Pentesting Cheatsheet
AWS pentesting may seem a bit annoying, but once you understand all the services and the possibilities of lateral movements and the potential for lateral movements and privilege escalation due to c...
- 1
- 1 / 1