0 8
1
RFS
1 Min Read

Active Directory Penetration Testing Initial Access Enumeration Gather information about the AD environment, such as domain names, subdomains, DNS records, and AD structure. Vulnerability Assessment Identify vulnerabilities in AD servers and associated systems using vulnerability scanning tools. Prioritize vulnerabilities based on their severity and potential…

RFS
2 Min Read

Red Team Penetration Testing, often referred to as Red Teaming, is an advanced cybersecurity exercise that goes beyond traditional penetration testing. It involves a comprehensive attack simulation conducted by a team of experts who employ strategies and tactics to breach an organization’s security defenses. Red…

RFS
4 Min Read

Auditing Active Directory (AD) is crucial for ensuring security, compliance, and operational efficiency within an organization. Below are best practices for auditing Active Directory effectively: 1. Define Audit Policy Goals Before initiating, clearly define what you aim to achieve through auditing, be it compliance, security…

RFS
2 Min Read

Active Directory (AD) tools for Mac enable Mac users to integrate seamlessly into a Windows Active Directory environment. These tools, such as Microsoft Remote Desktop and third-party applications like Jamf Pro, provide functionalities for user authentication, resource access, and system management. With these tools, administrators…

RFS
7 Min Read

Startup folder Copy payload to startup folder SharpPersist Registry keys Query and set reg key Can use HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run or HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce Cleanup reg delete “HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run” /v MSUpdate /f Launch programs or set folder items SharpPersist Scheduled task Create, Query and run task Create task the user session is idle for…

0 232
1
RFS
1 Min Read

CVE Description MITRE CVE-2022-21900 Windows AD Elevation of Privilege Link CVE-2022-21884 AD Certificate Services Spoofing Link CVE-2022-21876 Windows AD Elevation of Privilege Link CVE-2022-21853 Netlogon Elevation of Privilege Link CVE-2022-21844 Windows AD Elevation of Privilege Link CVE-2021-40444 MSHTML Remote Code Execution Link CVE-2021-36968 Windows SMB…

RFS
1 Min Read

1. AVET – Anti Virus Evasion Tool Post-process exploits containing executable files targeted for Windows machines to avoid being recognized by antivirus software. 2. CarbonCopy Tool that creates a spoofed certificate of any online website and signs an Executable for AV evasion. 3. Hyperion Runtime…