Tag
Active Directory
Active Directory
Task Failed Successfully – Microsoft’s “Immediate” Retirement of MDT
TL;DR – After reporting vulnerabilities found in MDT, Microsoft chose to retire the service rather than...
Jan 21, 2026
Active Directory
SCOMmand and Conquer – Attacking System Center Operations Manager (Part 1)
TL;DR SCOM suffers from similar insecure default configurations as its SCCM counterpart, enabling attackers to escalate...
Dec 10, 2025
Active Directory
SCCM Hierarchy Takeover via Entra Integration…Because of the Implication
TL;DR SCCM sites (prior to KB35360093) integrated with Entra ID can be abused to compromise the...
Nov 19, 2025
Active Directory
AdminSDHolder: Misconceptions, Misconfigurations, and Myths
TL;DR: This blog is the brief version. I love delving into ancient history. The Fall of...
Oct 31, 2025
Active Directory
Is Kerberoasting Still a Risk When AES-256 Kerberos Encryption Is Enabled?
TL;DR Kerberoasting is fundamentally a weak password problem. Stronger encryption slows down cracking, but it doesn’t...
Oct 21, 2025
Active Directory
The Clean Source Principle and the Future of Identity Security
TL;DR Modern identity systems are deeply interconnected, and every weak dependency creates an attack path — no...
Oct 8, 2025
Active Directory
WriteAccountRestrictions (WAR) – What is it good for?
TL;DR A lot of things. The User-Account-Restrictions property grants read/write permissions to the user-account-control LDAP attribute,...
Oct 1, 2025
Active Directory
Entra Connect Attacker Tradecraft: Part 3
TL;DR Attackers can exploit Entra Connect sync accounts to hijack device userCertificate properties, enabling device impersonation...
Jul 30, 2025
Active Directory
Privilege Zones: BloodHound Enterprise spreading like a computer virus (of security)
TL;DR The BloodHound Enterprise team recently pushed out Privilege Zones, one of the most requested features...