Credential Dumping

Credential Dumping: GMSA

ReadGMSAPassword Attack is a technique where attackers abuse misconfigured Group Managed Service Accounts (gMSA) to retrieve their passwords. In Active Directory, ReadGMSAPassword should only be

Red Teaming

Shadow Credentials Attack

To begin with, this post explores the exploitation technique known as the Shadow Credentials attack. This attack leverages the mismanagement or exploitation of Active Directory