activedirectory   5007

« earlier    

Exploiting CVE-2019-1040 - Combining relay vulnerabilities for RCE and Domain Admin -
Using a combination of these vulnerabilities, it is possible to relay SMB authentication to LDAP. This allows for Remote code execution as SYSTEM on any unpatched Windows server or workstation (even those that are in different Active Directory forests), and for instant escalation to Domain Admin via any unpatched Exchange server (unless Exchange permissions were reduced in the domain).
windows  activedirectory  domain  pentest 
4 days ago by whip_lash
GitHub - porterhau5/BloodHound-Owned: A collection of files for adding and leveraging custom properties in BloodHound.
A collection of files for adding and leveraging custom properties in BloodHound. A thorough overview of the ideas that led to these Custom Queries & Ruby script can be found in this blog post:

These are intended, although not required, to be used with a forked version of BloodHound found here:
bloodhound  activedirectory  pentest  security 
9 days ago by whip_lash
Jessica Payne on Twitter: "If you want to see if a domain admin has logged in somewhere and exposed credentials…"
"If you want to see if a domain admin has logged in somewhere and exposed credentials (logon types 2,4,5,10) and track down accounts at risk or what might break if you reduce service account privileges you don’t even need fancy tools:"
win-admin  activedirectory  security  work 
4 weeks ago by ahall
GitHub - l0ss/Grouper2: Find vulnerabilities in AD Group Policy
Grouper2 is a tool for pentesters to help find security-related misconfigurations in Active Directory Group Policy.
activedirectory  grouppolicy  security  pentest 
5 weeks ago by whip_lash
Documentation - PingCastle
This report produce a map of all Active Directory that PingCastle knows about. This map is built based on existing health check reports or when none is available, via a special mode collecting the required information as fast as possible.
activedirectory  security 
5 weeks ago by whip_lash
Impersonating Service Accounts with Silver Tickets | Insider Threat Blog
Now that we have compromised at least one service account and extracted its password, this post will explore how to further exploit that account using Silver Tickets.
activedirectory  pentesting  pentest  silverticket 
5 weeks ago by whip_lash

« earlier    

related tags

000000  389ds  active-directory  active  active_directory  ad  adfs  admin  analysis  api  apple  architecture  aspnetcore  auth  authentication  automation  azure  azuread  binding  bloodhound  blue  blueteam  bruteforce  certificate  certificates  code  credentials  cvs  data  defense  dfir  directory  dll  dns  documentation  domain  dotnet  elasticsearch  example  exchange  exploit  free  freeipa  gdpr  github  golden  grouppolicy  howto  idm  ifttt  infosec  integration  ironpython  isdp  jamf  kerberos  later  ldap  linux  logging  mac  macos  methods  microsoft  mimikatz  monitoring  mssql  mstechnet  mysql  neo4j  newusers  oauth  office  onelogin  opensource  overview  packer  password  passwords  pen-testing  pentest  pentesting  pocket  powershell  printers  privesc  privilegeescalation  programming  pwned  recvoery  red  redhat  redteam  repair  ruby  script  security  server  silverticket  software  solutions  spn  sqlserver  sync  tech  technet  ticket  tool  tools  unix  upwork  utility  vagrant  webdev  win-admin  windows  work 

Copy this bookmark: