-
师傅你好,一点关于【基于资源的约束委派攻击】的问题想向你请教一下:
在你的技术文档【域渗透——基于资源的约束委派利用】( `https://www.redteaming.top/2020/03/23/%E5%9F%9F%E6%B8%97%E9%80%8F%E2%80%94%E2%80%94%E5%9F%BA%E4%BA%8E%E8%B5%84%E6%BA%90%E7%9A%84%E7%BA%…
-
Location: [Libera.chat, #monero-research-lab](https://libera.chat/) | [Matrix](https://matrix.to/#/#monero-research-lab:monero.social?via=matrix.org&via=monero.social)
[Join the Monero Matrix serve…
-
Hi @jborean93,
I just want to make you aware that setting LocalAccountTokenFilterPolicy=1 creates a huge security risk for the whole network. It enables Pass The Hash attacks (e.g. using mimikatz) …
-
I'm running into an issue using the OASIS STIX 2.0 json schemas available here https://github.com/oasis-open/cti-stix2-json-schemas/tree/stix2.0 and validating MITRE enterprise att&ck data.
The la…
-
unable to load certificate
140110513026240:error:0909006C:PEM routines:get_name:no start line:../crypto/pem/pem_lib.c:745:Expecting: TRUSTED CERTIFICATE
[!] Failed to clone certificate, create bogus…
-
First, went to your presentations at BlackHat/DEFCON, and they were awesome.
Second, I think I have found an issue with Find-GPOLocation in BloodHound.ps1 that may have already been mentioned somew…
-
Keepass2john/JTR supports the keepass hash of kdb and kdbx files with and without keyfile. Keepass also has a feature of adding Windows User Account that is currently not support. Could you please add…
-
Sometimes the Find-LocalAdminAccess Skript in Recon/Powerview doesnt give output, because the user is not Admin on remote AD-Systems.
I wonder if its possible to query for Systems with interactive…
-
In this great blog post: http://www.harmj0y.net/blog/redteaming/mimikatz-and-dcsync-and-extrasids-oh-my/ is the following quote:
---
Then we need the SID of the forest root. I’m sure there are bette…