top of page
Search
There’s Something About Service Accounts
Service accounts are that gray area between regular user accounts and admin accounts that are often highly privileged. They are almost...
Sean Metcalf
Mar 21, 20196 min read
1,170
Mitigating Exchange Permission Paths to Domain Admins in Active Directory
A blog post was published by Dirk-jan Mollema titled "Abusing Exchange: One API call away from Domain Admin " (...
-
Feb 12, 20197 min read
3,025
Transcript for DEFCON 2017 Talk: Hacking the Cloud (Gerald Steere & Sean Metcalf)
“DEF CON 25 (2017) – “Hacking the Cloud” with Gerald Steere ( @DarkPawh )” Gerald Steere, Microsoft C+E Red Team Sean Metcalf, Trimarc...
Sean Metcalf
Dec 3, 201727 min read
518
Transcript BSidesCharm Detecting the Elusive: Active Directory Threat Hunting
“Detecting the Elusive: Active Directory Threat Hunting” Sean Metcalf, Trimarc CTO BSides Charm (Baltimore, MD) April 2017 Transcript...
Sean Metcalf
Nov 22, 201728 min read
291
Trimarc Research: Detecting Kerberoasting Activity
Kerberoasting can be an effective method for extracting service account credentials from Active Directory as a regular user without...
Sean Metcalf
Feb 17, 201713 min read
7,105
Trimarc Research: Detecting Password Spraying with Security Event Auditing
A common method attackers leverage as well as many penetration testers and Red Teamers is called "password spraying". Password spraying...
Sean Metcalf
Feb 10, 20174 min read
10,300
bottom of page