July 2023

GPO Abuse

July 31, 2023

Group Policy Objects (GPOs) are a powerful tool administrators use to manage and enforce security policies across a domain. However, in the wrong hands, GPOs

Fox-hooded figure managing multiple servers and monitors, representing command and control (C2) frameworks in cybersecurity.

Introduction to C2 Frameworks

July 27, 2023

Command and Control (C2) frameworks have emerged as a sophisticated and consequential dimension in the ever-evolving cybersecurity landscape. These frameworks are commonly employed by threat

Fox-hooded figure analyzing server access logs, symbolizing cybersecurity risks from ACL misconfigurations.

Abusing ACL Misconfigurations

July 25, 2023

Access Control Lists (ACLs) are a crucial component of securing data and resources in an IT infrastructure. By assigning permissions to users and groups, ACLs

Fox-hooded analyst at a multi-monitor station overlooking a neon city, symbolizing using Shodan to find internet-accessible devices for security research.

Discovering Internet Accessible Devices with Shodan

July 24, 2023

In the vast landscape of the internet, a hidden world of devices is waiting to be discovered. These devices, ranging from servers and routers to

A fox-hooded figure works on multiple glowing monitors in a neon-lit cyber lab, symbolizing the power of the Covenant C2 Framework.

Power of Covenant C2 Framework

July 22, 2023

In the ever-evolving world of cybersecurity, staying one step ahead of malicious actors is crucial. Command and control (C2) frameworks play a vital role in

DOM-Based Cross-Site Scripting

July 21, 2023

As the digital landscape continues to evolve, so do the threats that target web applications. Cross-site scripting (XSS) remains a persistent and dangerous vulnerability among

A fox-hooded figure holding a device analyzes glowing screens with code in a neon-lit lab, symbolizing CRLF injection attacks.

Understanding CRLF Injection Attacks

July 19, 2023

In web security, CRLF Injection Attacks remain a potent threat. This blog aims to provide comprehensive insight into this malicious technique, its implications, and the

Fox-in-hoodie at workstation overlooking city — visual for a guide on Active Directory Certificate Services (AD CS) abuse and defensive controls.

Exploiting MS SQL Servers

July 18, 2023

As companies continue to rely on databases to store sensitive information, securing the data has become a top priority. MS SQL Server is a popular

BloodHound Cheat Sheet

July 17, 2023

BloodHound is a powerful security tool that uses graph theory to reveal the relationships between users, groups, and computers in a domain. In this comprehensive

Resource-Based Constrained Delegation (RBCD) Attack

July 15, 2023

Resource-Based Constrained Delegation (RBCD) is a feature introduced in Windows Server 2012 that allows administrators to configure which accounts are trusted to delegate on their

AS-REP Roasting

July 15, 2023

‍Kerberos is a network authentication protocol used to provide secure authentication over a non-secure network. While it is an essential component of network security, it

Fox in a red hoodie overlooking city lights and rack servers — visual metaphor for Active Directory Certificate Services threat analysis and defensive research.

Exploiting Active Directory Certificate Services (AD CS)

July 13, 2023

With the increasing use of digital certificates for encryption, authentication, and other security purposes, Active Directory Certificate Services (AD CS) has become a critical component