hadess

Mimikatz Comprehensive Cheatsheet

Mimikatz Comprehensive Book

We begin by delving into the history and evolution of Mimikatz, tracing its development from a simple password extraction tool to a multifaceted suite capable of advanced operations. The book then guides readers through the installation and configuration of Mimikatz, ensuring a solid foundation before progressing to more complex topics.

Pwning the Domain: AD CS

Pwning the Domain: AD CS EBook

The key finding is that AD CS, if not properly configured and secured, presents multiple vulnerabilities that can be exploited for domain escalation, persistence, and certificate theft. Attackers can leverage weak permissions, misconfigurations, and specific service vulnerabilities to gain and maintain unauthorized access, emphasizing the need for stringent security measures, regular audits, and adherence to …

Pwning the Domain: AD CS EBook Read More »

Pwning the Domain: AD CS

Pwning the Domain: AD CS

Active Directory Certificate Services (AD CS) is a crucial component of enterprise security infrastructure, providing services for public key cryptography. However, misconfigurations and vulnerabilities within AD CS can be exploited for domain escalation, persistence, and certificate theft. These exploits leverage weaknesses in certificate templates, enrollment services, access control lists (ACLs), and other AD CS components. …

Pwning the Domain: AD CS Read More »

SIM Swap Attack

SIM Swap attacks

Introduction SIM Swap attacks are well known to cybersecurity professionals. They allow an attacker to take control of the victim’s SIM card, enabling them to validate online payments or change the victim’s account passwords. This type of attack is widespread and has caused significant damage worldwide. Recently, in January 2024, the X account of the …

SIM Swap attacks Read More »

Threat Intel Roundup: Android, APT28, GHES, AMSI

Threat Intel Roundup: Android, APT28, GHES, AMSI

Week in Overview(30 Apr-7 May) – 2024 it is crucial for organizations and individuals to prioritize remediation and patching efforts to safeguard their systems and data. The following key findings highlight the importance of proactive measures to mitigate risks associated with various vulnerabilities and threats:

Free Consultation

For a Free Consultation And Analysis Of Your Business, Please Fill Out The Opposite Form, Our Team Will Contact You As Soon As Possible.