blog category

Research & Tradecraft

image for Certified Pre-Owned

Research & Tradecraft

Certified Pre-Owned

L;DR Active Directory Certificate Services has a lot of attack potential! Check out our whitepaper “Certified Pre-Owned:...

By: Will Schroeder
Jun 17, 2021 • 28 min read
Read Post
image for Shadow Credentials: Abusing Key Trust Account Mapping for Account Takeover

Research & Tradecraft

Shadow Credentials: Abusing Key Trust Account Mapping for Account Takeover

By: Elad Shamir
Jun 17, 2021 • 12 min read
Read Post
image for Proxy Windows Tooling via SOCKS

Research & Tradecraft

Proxy Windows Tooling via SOCKS

By: Nick Powers
Jun 10, 2021 • 14 min read
Read Post
image for An Introduction to Manual Active Directory Querying with Dsquery and Ldapsearch

Research & Tradecraft

An Introduction to Manual Active Directory Querying with Dsquery and Ldapsearch

Introduction Let’s be honest, BloodHound and PowerView are objectively better tools for querying, enumerating, and investigating Active Directory (AD). They...

By: Hope Walker
Jun 2, 2021 • 21 min read
Read Post
image for Offensive Security Guide to SSH Tunnels and Proxies

Research & Tradecraft

Offensive Security Guide to SSH Tunnels and Proxies

By: Russel Van Tuyl
Apr 22, 2021 • 23 min read
Read Post
image for Man in the Terminal

Research & Tradecraft

Man in the Terminal

Summary By using path hijacking and modification on Unix-like machines, we can achieve pseudo-keylogging functionality by...

By: Dwight Hohnstein
Apr 5, 2021 • 7 min read
Read Post
image for Hacking with Haskell

Research & Tradecraft

Hacking with Haskell

By: Max Harley
Jan 5, 2021 • 5 min read
Read Post
image for Hands in the Cookie Jar: Dumping Cookies with Chromium’s Remote Debugger Port

Research & Tradecraft

Hands in the Cookie Jar: Dumping Cookies with Chromium’s Remote Debugger Port

Introduction EDIT 7/16/23: Chromium added protections against this technique. Additional details can be found here: https://slyd0g.medium.com/debugging-cookie-dumping-failures-with-chromiums-remote-debugger-8a4c4d19429f This...

By: Justin Bui
Dec 17, 2020 • 13 min read
Read Post
image for Introducing BloodHound 4.0: The Azure Update

Research & Tradecraft

Introducing BloodHound 4.0: The Azure Update

By: Andy Robbins
Nov 20, 2020 • 7 min read
Read Post