There’s Something About Service Accounts
Service accounts are that gray area between regular user accounts and admin accounts that are often highly privileged. They are almost...
top of page
Search
-
Feb 12, 20197 min read
Mitigating Exchange Permission Paths to Domain Admins in Active Directory
A blog post was published by Dirk-jan Mollema titled "Abusing Exchange: One API call away from Domain Admin " (...
2,703
Sean Metcalf
Dec 3, 201727 min read
Transcript for DEFCON 2017 Talk: Hacking the Cloud (Gerald Steere & Sean Metcalf)
“DEF CON 25 (2017) – “Hacking the Cloud” with Gerald Steere ( @DarkPawh )” Gerald Steere, Microsoft C+E Red Team Sean Metcalf, Trimarc...
385
Sean Metcalf
Nov 22, 201728 min read
Transcript BSidesCharm Detecting the Elusive: Active Directory Threat Hunting
“Detecting the Elusive: Active Directory Threat Hunting” Sean Metcalf, Trimarc CTO BSides Charm (Baltimore, MD) April 2017 Transcript...
273
Sean Metcalf
Feb 17, 201713 min read
Trimarc Research: Detecting Kerberoasting Activity
Kerberoasting can be an effective method for extracting service account credentials from Active Directory as a regular user without...
6,012
Sean Metcalf
Feb 10, 20174 min read
Trimarc Research: Detecting Password Spraying with Security Event Auditing
A common method attackers leverage as well as many penetration testers and Red Teamers is called "password spraying". Password spraying...
9,138
bottom of page