blog category
Research & Tradecraft
Research & Tradecraft
Ghostwriter: Looking Back at 2021
It has been a while since we last published details about the Ghostwriter project, but the...
By: Christopher Maddalena
Dec 22, 2021 • 6 min read
Read Post
Research & Tradecraft
Azure Privilege Escalation via Azure API Permissions Abuse
Intro and Prior Work Microsoft’s Azure is a complicated system of principals, securable objects, and the...
By: Andy Robbins
Dec 1, 2021 • 13 min read
Read Post
Research & Tradecraft
Capability Abstraction Case Study: Detecting Malicious Boot Configuration Modifications
By: Michael Barclay
Nov 9, 2021 • 24 min read
Read Post
Research & Tradecraft
Azure Privilege Escalation via Service Principal Abuse
Intro and Prior Work On-prem Active Directory is here to stay, and so is Azure Active...
By: Andy Robbins
Oct 12, 2021 • 9 min read
Read Post
Research & Tradecraft
AWS ReadOnlyAccess: Not Even Once
By: Daniel Heinsen
Aug 27, 2021 • 9 min read
Read Post
Research & Tradecraft
Entity Based Detection Engineering with BloodHound Enterprise
Critical Attack Path with Auditing Table of Contents Introduction Enterprise Access Model BloodHound and Detection BloodHound Enterprise Entity Based...
By: Joshua Prager
Aug 18, 2021 • 13 min read
Read Post
Research & Tradecraft
1Password Secret Retrieval — Methodology and Implementation
Background and Motivation 1Password is a password manager developed by AgileBits Inc., providing a place for users to store...
By: Dwight Hohnstein
Aug 17, 2021 • 17 min read
Read Post
Research & Tradecraft
Playing Detection with a Full Deck
By: Jared Atkinson
Aug 16, 2021 • 12 min read
Read Post