News
Certificate Service Relaying
After forcing authentication and obtaining the NetNTLM hash of the password of the victim's machine user, we are presented with different exploitation scenarios which we will discuss throughout...
Certificate Service Relaying
After forcing authentication and obtaining the NetNTLM hash of the password of the victim's machine user, we are presented with different exploitation scenarios which we will discuss throughout...
Tickets Kerberos - Diamond Ticket
Completing the delivery of Kerberos Tickets, we give way to the Diamond Ticket. Like a Golden Ticket, a Diamond Ticket is a TGT that can be used to access any...
Tickets Kerberos - Diamond Ticket
Completing the delivery of Kerberos Tickets, we give way to the Diamond Ticket. Like a Golden Ticket, a Diamond Ticket is a TGT that can be used to access any...
Tickets Kerberos - Silver Ticket
Continuing with the deliveries of Kerberos Tickets, in past publications we have talked about the Golden Ticket, this time we will be talking about the Silver Ticket. SILVER TICKET The...
Tickets Kerberos - Silver Ticket
Continuing with the deliveries of Kerberos Tickets, in past publications we have talked about the Golden Ticket, this time we will be talking about the Silver Ticket. SILVER TICKET The...
Tickets Kerberos
Today we are going to talk about one of the different techniques that we usually carry out on internal pentest Once an attacker manages to compromise a domain after achieving...
Tickets Kerberos
Today we are going to talk about one of the different techniques that we usually carry out on internal pentest Once an attacker manages to compromise a domain after achieving...
Keep your Azure Active Directory Protected
Whenever we talk about cybersecurity we think about the servers that we have hosted in our company and we worry about their exposure to the outside world and the impact...
Keep your Azure Active Directory Protected
Whenever we talk about cybersecurity we think about the servers that we have hosted in our company and we worry about their exposure to the outside world and the impact...
Moniker Link (CVE-2024-21413)
On February 13, 2024, Microsoft reported a vulnerability in its Outlook application. I identified this vulnerability with CVE-2024-21413, whose criticality was classified as 9.8...
Moniker Link (CVE-2024-21413)
On February 13, 2024, Microsoft reported a vulnerability in its Outlook application. I identified this vulnerability with CVE-2024-21413, whose criticality was classified as 9.8...
