/explore

Click through on any links that interest you or select the planets on the right to continue exploring the Outer Web.
You are here

www.labofapenetrationtester.com
| | blog.ikuamike.io
4.0 parsecs away

Travel
| | Introduction After passing my OSCP, I am planning on doing CRTP and CRTO sometime this year. I took the OSCP exam before the updates that are focused on Active Directory so I didn't actively focus on this area. So to learn and practice on AD and Windows and also as some prep for the certifications I plan on taking, I will be doing some machines that are AD related and try to get into the details of the included misconfigurations and vulnerabilities.
| | adsecurity.org
4.0 parsecs away

Travel
| | Active Directory has several levels of administration beyond the Domain Admins group. In a previous post, I explored: "Securing Domain Controllers to Improve Active Directory Security" which explores ways to better secure Domain Controllers and by extension, Active Directory. For more information on Active Directory specific rights and permission review my post "Scanning for Active ...
| | www.hub.trimarcsecurity.com
4.1 parsecs away

Travel
| | IntroductionIf you've administered Active Directory (AD) for any significant time, chances are you've come across the primaryGroupID attribute. Originally developed as a method for AD to support POSIX-compliant applications, the attribute has been better known by a different name: An Attack Vector. Commonly referenced in a DCShadow attack, an adversary can set a user's primaryGroupID to 512 (Domain Admins) and effectively become a member of that group. One of the post important concepts to gras
| | blog.0patch.com
19.8 parsecs away

Travel
| by Mitja Kolsek, the 0patch Team Forced authentication issues (including NTLM relaying and Kerberos relaying) are a silent elephant in the...