blog category
Research & Tradecraft
Research & Tradecraft
The Phantom Credentials of SCCM: Why the NAA Won’t Die
TL;DR — Stop Using Network Access Accounts! If a Windows machine has ever been an SCCM client, there...
By: Duane Michael
Jun 28, 2022 • 10 min read
Read Post
Research & Tradecraft
Understanding the Function Call Stack
There’s more than meets the eye under the function call hood This post is based on a...
By: Jared Atkinson
Jun 27, 2022 • 11 min read
Read Post
Research & Tradecraft
The Ghostwriter team recently released v3.0.0. This release represents a significant milestone for the project, and...
By: Christopher Maddalena
Jun 14, 2022 • 5 min read
Read Post
Research & Tradecraft
Managed Identity Attack Paths, Part 3: Function Apps
Intro and Prior Work In this three part blog series we have explored attack paths that emerge...
By: Andy Robbins
Jun 8, 2022 • 10 min read
Read Post
Research & Tradecraft
Managed Identity Attack Paths, Part 2: Logic Apps
Intro and Prior Work In this three part blog series we are exploring attack paths that emerge...
By: Andy Robbins
Jun 7, 2022 • 9 min read
Read Post
Research & Tradecraft
Managed Identity Attack Paths, Part 1: Automation Accounts
Intro and Prior Work In this three part blog series we will explore attack paths that emerge...
By: Andy Robbins
Jun 6, 2022 • 12 min read
Read Post
Research & Tradecraft
DeepPass — Finding Passwords With Deep Learning
DeepPass — Finding Passwords With Deep Learning One of the routine tasks operators regularly encounter on most engagements is...
By: Will Schroeder
Jun 1, 2022 • 15 min read
Read Post
Research & Tradecraft
EntropyCapture: Simple Extraction of DPAPI Optional Entropy
Intro During a short application assessment, enumeration and decryption of a third-party application’s Windows Data Protection...
By: Matt Merrill
May 18, 2022 • 5 min read
Read Post
Research & Tradecraft
Learning Machine Learning Part 3: Attacking Black Box Models
In the first post in this series we covered a brief background on machine learning, the...