Diving into pre-created computer accounts

May 10, 2022
I was on an engagement where I simply could not elevate privileges, so I had to become creative and look deep into my old bucket (bucket being my head) of knowledge, and this resulted in some fun stuff. I had found that the client had a vulnerable certificate template also known as ESC1 that allowed...

CVE-2022-24696 – Glance by Mirametrix Privilege Escalation

March 11, 2022
When investigating my laptop, I stumbled upon something interesting that resulted in privilege escalation. I use a Lenovo ThinkPad X1 Extreme Gen 1, which has an installed software named Glance, for my day-to-day work. The purpose of this software is to use the advanced web camera to figure out if you are speaking when the...

Oh, Behave! Figuring Out User Behavior

August 19, 2021
One topic that has always been of interest to me is how users actually use their computers. While TrustedSec does have the ability to understand a system when we encounter it, there are still mysteries around normal user behavior. Understanding user behavior becomes even more important when attempting to defeat next generation of EDRs that...

ADExplorer on Engagements

April 27, 2021
ADExplorer is a tool I have always had in my backpack. It can be useful for both offensive and defensive purposes, but in this post, I am going to focus more on its offensive use. The tool itself can be found here: https://docs.microsoft.com/en-us/sysinternals/downloads/adexplorer A typical scenario I often face on engagements is that I have...

4 Free Easy Wins That Make Red Teams Harder

December 10, 2020
In this post, I will cover some easy things that defenders can do to make it harder for attackers to succeed. As you all know, there is never a silver bullet when it comes to security, so these tips will only make it harder for attackers by focusing on the basics, and sometimes, that helps...

Red Teaming With Cobalt Strike – Not So Obvious Features

August 27, 2020
Since beginning work as a red teamer almost two years ago, I’ve had to learn a lot of new information and tooling. I had never worked with Cobalt Strike before and there were features not obvious to me until I had used it for a while and gained some experience with it. This post will...
  • Browse by Category

  • Clear Form