In this post, we are going to discuss the most dynamic attack on AD, known as the DC Shadow attack, for Domain Persistence. It is part
Executive Summary: AdminSDHolder is a special container object in every Microsoft Active Directory (AD) forest that defines the security descriptor template applied to privileged accounts
Today, we are going to shed some light on a very sticky persistence method in Windows systems. In fact, it is so persistent that it
While many people were fighting the good fight for Net Neutrality, talented people over at Dell SecureWorks Counter Threat Unit (CTU) discovered a malware
In this article, we have used the Golden Ticket attack for Domain Persistence. The Golden Ticket attack is a well-known technique for impersonating users on an
In this article, we are going to describe the ability of the Netsh process to provide persistent access to the Target Machine.
In this article, we are going to describe the ability of the Bits Job process to provide persistent access to the Target Machine.
In this article, we are going to describe the ability of the WinLogon process to provide persistent access to the Target Machine.
In this post, we will discuss RID hijacking, which is considered to be a persistence technique in terms of the cyber kill chain, and in