blog category

Research & Tradecraft

image for Ghostwriter: Looking Back at 2021

Research & Tradecraft

Ghostwriter: Looking Back at 2021

It has been a while since we last published details about the Ghostwriter project, but the...

By: Christopher Maddalena
Dec 22, 2021 • 6 min read
Read Post
image for Azure Privilege Escalation via Azure API Permissions Abuse

Research & Tradecraft

Azure Privilege Escalation via Azure API Permissions Abuse

Intro and Prior Work Microsoft’s Azure is a complicated system of principals, securable objects, and the...

By: Andy Robbins
Dec 1, 2021 • 13 min read
Read Post
image for Capability Abstraction Case Study: Detecting Malicious Boot Configuration Modifications

Research & Tradecraft

Capability Abstraction Case Study: Detecting Malicious Boot Configuration Modifications

By: Michael Barclay
Nov 9, 2021 • 24 min read
Read Post
image for Azure Privilege Escalation via Service Principal Abuse

Research & Tradecraft

Azure Privilege Escalation via Service Principal Abuse

Intro and Prior Work On-prem Active Directory is here to stay, and so is Azure Active...

By: Andy Robbins
Oct 12, 2021 • 9 min read
Read Post
image for AWS ReadOnlyAccess: Not Even Once

Research & Tradecraft

AWS ReadOnlyAccess: Not Even Once

By: Daniel Heinsen
Aug 27, 2021 • 9 min read
Read Post
image for Entity Based Detection Engineering with BloodHound Enterprise

Research & Tradecraft

Entity Based Detection Engineering with BloodHound Enterprise

Critical Attack Path with Auditing Table of Contents Introduction Enterprise Access Model BloodHound and Detection BloodHound Enterprise Entity Based...

By: Joshua Prager
Aug 18, 2021 • 13 min read
Read Post
image for 1Password Secret Retrieval — Methodology and Implementation

Research & Tradecraft

1Password Secret Retrieval — Methodology and Implementation

Background and Motivation 1Password is a password manager developed by AgileBits Inc., providing a place for users to store...

By: Dwight Hohnstein
Aug 17, 2021 • 17 min read
Read Post
image for Playing Detection with a Full Deck

Research & Tradecraft

Playing Detection with a Full Deck

By: Jared Atkinson
Aug 16, 2021 • 12 min read
Read Post
image for Learning from our Myths

Research & Tradecraft

Learning from our Myths

By: Cody Thomas
Jun 22, 2021 • 20 min read
Read Post