“Dirty Pipe” Linux Kernel Vulnerability (CVE-2022-0847)
"Dirty Pipe" is a well-known Linux kernel privilege escalation vulnerability. This post includes a walkthrough of how...
Menu
Active Directory Series: LDAP Reconnaissance
LDAP is a protocol that is targeted by attackers to get more information about Active Directory environments....
Unleashing the Power of GenAI: Exploring the Dark Side of Shadow...
GenAI is a groundbreaking AI platform that can revolutionize industries. But, it can also lead to dangerous...
White House Unveils Comprehensive Cybersecurity Implementation Plan
On July 13, 2023, the Biden administration issued the first iteration of its National Cybersecurity Strategy Implementation...
Cybersecurity In Real Time: Network Tech For Identifying Attacks
An effective cyber defense strategy should not only include preventative measures but also focus on identifying attacks...
Active Directory Series: LAPS Permissions
Local Administrator Password Solutions (LAPS) provides various security benefits in Active Directory environments. If LAPS permissions are...
“PetitPotam” Windows LSA Spoofing Vulnerability (CVE-2021-36942)
PetitPotam is a NTLM relay attack vulnerability that is often checked for in Active Directory penetration testing....
Active Directory Series: 10 Reasons to Use CrackMapExec
CrackMapExec has various modules and options for Active Directory penetration testing. Here are 10 reasons to check...
KEV Catalog: “sAMAccountName” “noPac” Privilege Escalation (CVE-2021-42278 and CVE-2021-42287)
"sAMAcountName" and "noPac" are two critical Active Directory vulnerabilities that can lead to full Domain compromise. Learn...
Active Directory Series: DC Sync
DC Sync attacks are a serious threat to Active Directory environments. DC Sync attacks occurred in the...