Red Teaming

AD Certificate Exploitation: ESC1

AD CS ESC1 Certificate Exploitation is a critical vulnerability in Active Directory Certificate Services. In this article, we will explore how misconfigured certificate templates can

Credential Dumping: GMSA

ReadGMSAPassword Attack is a technique where attackers abuse misconfigured Group Managed Service Accounts (gMSA) to retrieve their passwords. In Active Directory, ReadGMSAPassword should only be

Shadow Credentials Attack

To begin with, this post explores the exploitation technique known as the Shadow Credentials attack. This attack leverages the mismanagement or exploitation of Active Directory

Abusing AD-DACL: AddSelf

In this post, we will explore the exploitation of Discretionary Access Control Lists (DACL) using the AddSelf permission in Active Directory environments. By exploiting this