penetrationtesting Kerberos II - Credential Access In this part of the series, we will focus on Credential Access and the attacks that Kerberos can facilitate.
penetrationtesting Kerberos I - Overview This post, is the first in the series and will aim to provide an overview of the protocol, from its beginnings to the different (ab)use techniques.
redteam The Phantom Menace: Exposing hidden risks through ACLs in Active Directory The abuse of misconfigured Access Control Lists is nothing new. However, it is still one of the main ways of lateral movement and privilege escalation within an active directory domain.