mixer graphic

Local Admin Access and Group Policy Don’t Mix

January 24, 2019

Having spent a career working with Group Policies, I thought now might be a good time to give an overview of it and I felt like doing a little writeup about Group Policies. I especially want to highlight why having admin access to clients can be really bad. It is important that everyone understands the weaknesses…

Read
Credential Re-Use in the Enterprise graphic

Credential Re-Use in the Enterprise

July 3, 2018

Many of our customers follow the best practice of creating separate accounts for day-to-day tasks and administrative ones. In the event of an attack, using separate accounts is often a great way to slow things down and give security teams a little extra time for discovery and identification of an attack. Because many attacks happen…

Read
asterisks graphic

It Was the “Summerof2018” – Password Auditing for Windows Administrators

April 19, 2018

IT departments around the globe spend countless hours and money ensuring that their company’s data and infrastructure are properly secured. Startup company? Install a firewall and maybe get an antivirus subscription. Past the startup phase? Upgrade your firewall to have an Intrusion Prevention Sensor (IPS) and/or maybe an Intrusion Detection Sensor (IDS). Hitting the revenue…

Read

Introduction to GPU Password Cracking: Owning the LinkedIn Password Dump

June 17, 2016

This blog was written by Martin Bos, Senior Principal Security Consultant – TrustedSec Unless you’ve been living under a rock for the past few months you have probably heard about the dump from the 2012 LinkedIn hack being released.  TrustedSec was able to acquire a copy of the list and use it for research purposes. Our…

Read

Of History & Hashes: A Brief History of Password Storage, Transmission, & Cracking

May 29, 2015

A while back Jeremy Druin asked me to be a part of a password cracking class along with Martin Bos. I was to cover the very basics, things like “What is a password hash?”, “What types are there?”, and “What is the history of passwords, hashes and cracking them?”. This got me thinking about a…

Read

Account Hunting for Invoke-TokenManipulation

January 30, 2015

I’ve been searching quite a while now for the best way to search for domain admin tokens, once admin rights are attained on a large number of systems during a pentest. Normally, I run “psexec_loggedin_users” within Metasploit, spool the output to a file, then egrep it for users in the “Domain Admins” group. This often…

Read

Abusing Internet Facing Password Resets (and a 0-day)

January 7, 2014

Throughout years of performing penetration tests, when encountering an Internet facing password reset page, we usually find at least one opportunity for improvement with it.  As humans, we generally learn from our mistakes.  For that reason, we’ll revisit three examples of how we were able to use and abuse services in the past. Our first…

Read
  • Browse by Category

  • Clear Form