RedTeam feed
RedTeam blogposts and articles collection
LAPS 2.0 Internals
#xpn

This year, LAPS 2.0 was released by Microsoft, and thankfully it now comes built-in to Windows. This time it comes ready for use with Active Directory, as well as being supported in Azure AD aka Entra ID. In this post, we’ll look at how LAPS 2.0 for Active Directory works under the hood, so you can make those fresh recommendations to your clients, and prepare yourself for the inevitable question... “But we just deployed LAPS.. what does LAPS 2.0 do differently?!”.

via XPN InfoSec Blog
The Client/Server Relationship — A Match Made In Heaven
#trustedsec

This blog post was co-authored with Charlie Clark and Jonathan Johnson of Binary Defense. Introduction: One thing often forgotten is that detection engineering isn’t always centered around 1 action to 1 query but also to drive effective incident response to optimize the triage of an alert. This is best served with context. We often...

via TrustedSec Blog (author: Roza Maille)
DES Is Useful... Sometimes

Using DES to hijack AD accounts

via eXploit (0xe7 Blog) (author: 0xe7)
Evilginx 3.2 - Swimming With The Phishes
#kgretzky

The new free update for the Evilginx phishing framework is OUT NOW! Enjoy the new features and improvements!

via BREAKDEV Blog (author: Kuba Gretzky)
BREAKDEV RED - Red Team Community
#kgretzky

Join the vetted Discord community, oriented around using Evilginx and ethical phishing, where everyone can safely share their phishing tips and tricks without worrying about them being misused by unknown parties.

via BREAKDEV Blog (author: Kuba Gretzky)
Leveraging VSCode Extensions for Initial Access
#mdsec

Introduction: On a recent red team engagement, MDSec were tasked with crafting a phishing campaign for initial access. The catch was that the in-scope phishing targets were developers with technical...

via MDSec Blog (author: Admin)
Crafting Emails with HTML Injection
#trustedsec

Have you ever wanted to send an email from a domain you don’t have SMTP credentials for? With some HTML injection, we may be able to do just that. From time to time, applications have a need to notify users that an action has occurred or that something in the application needs attention. This may...

via TrustedSec Blog (author: Roza Maille)
Lord Of The Ring0 - Part 5 | Saruman’s Manipulation
#idov31

via Ido Veltzman Blog (author: Ido Veltzman (idov3110@gmail.com))
Creative Process Enumeration
#trustedsec

Very often in engagements, you’ll want to list out processes running on a host. One thing that is beneficial to know is if the process is a 64-bit or 32-bit process. Why do you need to know the process architecture, you might ask? The reasons are many, but one common example is that you...

via TrustedSec Blog (author: Roza Maille)
GPOddity: exploiting Active Directory GPOs through NTLM relaying, and more!
#synacktiv

via Synacktiv Blog (author: Quentin Roland)
Shadow Wizard Registry Gang: Structured Registry Querying
#specterops

via SpecterOps Team Medium (author: Max Harley)