Blog

Home > Resources > Blog

Latest

Using Azure to Address Endpoint Hygiene Management

July 14, 2020

By Stephen Marchewitz in Program Development, Remediation Assistance & Training, Security Remediation

Featured

Become The Malware Analyst Series: Malicious Code Extraction and Deobfuscation

July 7, 2020

By Scott Nusbaum in Incident Response, Incident Response & Forensics, Malware Analysis, Threat Hunting

Practical OAuth Abuse for Offensive Operations – Part 1

May 13, 2020

By Scot Berner in Application Security Assessment, Penetration Testing, Purple Team Adversarial Detection & Countermeasures, Red Team Adversarial Attack Simulation, Security Testing & Analysis

Background OAuth is an open authorization standard that facilitates unrelated servers and services working together, allowing access to their assets without sharing the initial, related, single logon credential. I have been thinking of it as a kind of Kerberos for external services, without a shared domain or forest. A familiar instance would be authentication to...

Read

Creating Honey Credentials with LSA Secrets

November 21, 2019

By Scot Berner in Application Security Assessment, Penetration Testing, Security Testing & Analysis

As an attacker, I frequently leverage LSASecrets to escalate privileges within the context of an ongoing compromise. Generally, the attack path is something like this: Gain Initial Foothold > Escalate to Limited User > Dump LSASecrets on Systems Where Credentials are Administrator A pretty slick way to identify targets to dump LSASecrets on is to...

Read

Buying Internal Domain Access Again

October 3, 2019

By Scot Berner in Penetration Testing, Security Testing & Analysis

So, this post is inspired by some very interesting research done by @mubix that you can read about here, as well as this amazing post by Tim Medin here. After reading Mubix’s post, I was whipped into a frenzy and purchased several domains. I realize that these posts are both several years old, but this idea has...

Read