Varonis Threat Labs discovered a new Outlook exploit and three new ways to access NTLM v2 hashed passwords.

Authored By: Lance B. Cain and Alexander DeMine

SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Directory Web Services (ADWS) protocol. - FalconForceTeam/SOAPHound

The Directory Service is the heart and soul of many organisations, and whether its Active Directory, OpenLDAP or something more exotic, as a source of much knowledge it often acts...

Active Directory reconnaissance and exploitation for Red Teams via the Active Directory Web Services (ADWS). - wh0amitz/SharpADWS

It is possible to configure an Active Directory Certificate Services (ADCS) certificate template with an issuance policy having an OID…

Microsoft Outlook Information Disclosure Vulnerability (leak password hash) - Expect Script POC - duy-31/CVE-2024-21413

TL;DR: SCCM sites configured to support high availability can be abused to compromise the entire hierarchy

This article will demonstrate one situation discovered during a recent cloud penetration test that allowed us to pivot from a Microsoft cloud

In my exploration of all the components and configurations related to the Windows Active Directory Certification Services (ADCS), after the “deep dive” in Cert Publishers group, I decid…

The altSecurityIdentities attribute of Active Directory (AD) computers and users allows you to specify explicit certificate mappings. An…

How MS Exchange on-premises compromises Active Directory and what organizations can do to prevent that

As businesses increasingly migrate their operations to Amazon Web Services (AWS), the significance of robust cloud security measures cannot be overstated. Yet, amidst the promise of unparalleled scalability and efficiency, AWS environments have becom...

I’ve run into many interested hackers who want to learn how to use BloodHound, but struggle to get started. Here’s how to be effective!