The “Pwning the Domain: With Credentials” article series presents a comprehensive exploration of techniques used by attackers to exploit Active Directory environments. Key findings include the significance of proper enumeration of domain accounts using tools like BloodHound and PowerView, the
Domain Account After getting access to a domain account, there are a variety of things that can be done including but not limited to: domain enumeration, Kerberoasting, coercion, etc. Enumeration There are many options for enumerating the domain once you
it is crucial for organizations and individuals to prioritize remediation and patching efforts to safeguard their systems and data. The following key findings highlight the importance of proactive measures to mitigate risks associated with various vulnerabilities and threats:
GL.iNet’s GL-AX1800 router has been found to be susceptible to several critical security vulnerabilities, which expose the device to potential attacks. These vulnerabilities significantly expand the attack surface of the router, putting user data, device integrity, and network security at
Executive Summary This report outlines the findings of a comprehensive security assessment conducted on the GL-AX1800 router manufactured by GL.iNet. The assessment aimed to identify potential vulnerabilities and weaknesses in the device’s security measures. During the evaluation, several critical security
Week in Overview(6 Feb-13 Feb) – 2024 it is crucial for organizations and individuals to prioritize remediation and patching efforts to safeguard their systems and data. The following key findings highlight the importance of proactive measures to mitigate risks associated
Reconnaissance Reconnaissance is an important step when engaging in a red teaming/penetration testing assessment. It may provide you the information you need later on while it may not seem so important in the meantime, For example you may stumble upon
Week in Overview(30 Jan-6 Feb) – 2024 it is crucial for organizations and individuals to prioritize remediation and patching efforts to safeguard their systems and data. The following key findings highlight the importance of proactive measures to mitigate risks associated
Enter Yak Lang, a language designed to address the evolving needs of security practitioners and organizations. As technology advances and the scope of security projects expands, there is a growing necessity for languages that excel in both efficiency and suitability
During our thorough assessment of the Moxa ioLogik E1212 series, we uncovered critical vulnerabilities that pose significant risks to the security of the system. These vulnerabilities encompass various attack vectors, including Cross-Site Request Forgery (CSRF), Cross-Site Scripting (XSS), cryptographic failures,
