Jan 26 · 10 min read · Trong các cuộc tấn công mạng hiện đại, đặc biệt là các chiến dịch lateral movement và post-exploitation trong môi trường Active Directory, attacker hiếm khi “tự viết lại bánh xe”. Thay vào đó, họ tận dụng những bộ công cụ mã nguồn mở đã được kiểm chứ...
Join discussion
Jan 2 · 4 min read · What is NTLM NTLM is an outdated and insecure authentication protocol that is still surprisingly common in modern Windows environments. While it may “just work,” it also opens the door to some of the most common and devastating Active Directory attac...
Join discussionOct 17, 2023 · 1 min read · Find existing local admin access for the current user: Find-LocalAdminAccess Hunt for sessions of interesting users on machines where you have access: Find-DomainUserLocation -CheckAccess | ?{$_.LocalAdmin -Eq True } Search for kerberoastable...
Join discussion
Sep 4, 2023 · 3 min read · Port forwarding using Netsh is a simple process that allows you to remotely access a computer or network from another device. With a few simple commands, you can route traffic from one application to another, and even control how data is sent over th...
Join discussion
