Latest Updates
Active Directory Series: Introducing AD CS
This post introduces Active Directory Certificate Services (AD CS) and topics like: public key infrastructure (PKI), the Kerberos pre-authentication protocol
“Certifried” Active Directory Privilege Escalation Vulnerability (CVE-2022-26923)
“Certifried” is an Active Directory privilege escalation vulnerability found in AD Certificate Services in May 2022 by Oliver Lyak.
Active Directory Series: Critical Profiled Vulnerabilities
This post provides an active list of Active Directory vulnerabilities that Secured has profiled in its Known Exploited Vulnerabilities (KEV)
Active Directory Series: “ZeroLogon” Privilege Escalation Vulnerability
In July 2020 a critical privilege escalation vulnerability emerged that affected Active Directory environments: CVE-2020-1472. Nicknamed “ZeroLogon”, the vulnerability was
Active Directory Series: LDAP Reconnaissance
LDAP is a protocol that is targeted by attackers to get more information about Active Directory environments. This post covers
Active Directory Series: LAPS Permissions
Local Administrator Password Solution (LAPS) provides various security benefits in Active Directory environments. If LAPS permissions are not set correctly,
“PetitPotam” Windows LSA Spoofing Vulnerability (CVE-2021-36942)
PetitPotam is an NTLM relay attack vulnerability that is often checked for in Active Directory penetration testing. Attackers can become
Active Directory Series: 10 Reasons to Use CrackMapExec
CrackMapExec has various modules and options for Active Directory penetration testing. Here are 10 reasons to check out CrackMapExec.
KEV Catalog: “sAMAccountName” “noPac” Privilege Escalation (CVE-2021-42278 and CVE-2021-42287)
“sAMAccountName” and “noPac” are two critical Active Directory vulnerabilities that can lead to full domain compromise. Learn how a dollar
Active Directory Series: DC Sync
DC Sync attacks are a serious threat to Active Directory environments. DC Sync attacks occurred in the SolarWinds compromise in
KEV Catalog: “SMBGhost” Microsoft SMBv3 Remote Code Execution Vulnerability (CVE-2020-0796)
“SMBGhost” is a critical vulnerability that affected SMBv3 in Windows 10 Versions 1903 and 1909. The vulnerability is an integer
KEV Catalog: “HiveNightmare” aka “SeriousSAM” Vulnerability CVE-2021-36934
CVE-2021-36934 is called Microsoft Windows SAM Local Privilege Escalation Vulnerability and is also known by the nicknames “HiveNightmare” or “SeriousSAM”.