What is Pass-the-Hash? Attacks Types and Security Best Practices During our internal penetration tests, we regularly compromise Active Directory without using any passwords. This is possible thanks to an iconic atta... 16.01 Infra & Network
Active Directory Monitoring: LDAP Log Analysis and ELK Rules Active Directory (AD) is a directory service developed by Microsoft. It is used by most companies to manage identities, user accounts, machines, secur... 13.10 Infra & Network
AD CS Security: Understanding and Exploiting ESC Techniques After presenting the operating principles of Active Directory Certificate Services (AD CS) in a previous article, it is now time to address a more off... 25.09 Infra & Network
Understanding Active Directory Certificate Services (AD CS) As part of our internal penetration tests, we regularly encounter AD CS (Active Directory Certificate Services) infrastructures deployed on corporate ... 19.06 Infra & Network
Active Directory Pentesting: Objective, Methodology, Black Box and Grey Box Tests Active Directory (AD) is at the heart of many organisations’ IT infrastructure. It manages authentication, authorisation and access to critical ... 02.01 Infra & Network
Understanding NTLM Authentication and NTLM Relay Attacks In an office environment, user workstations generally use Windows operating systems and therefore authenticate using protocols developed by Microsoft.... 08.07 Infra & Network
Black Box Penetration Testing: Objective, Methodology and Use Cases During a penetration test, we generally consider 3 test conditions: black, grey or white box. These test conditions correspond to the levels of inform... 11.03 Applications
