Blog

GPO Abuse

Group Policy Objects (GPOs) are a powerful tool administrators use to manage and enforce security policies across a domain. However, in the wrong hands, GPOs

July 31, 2023

Fox-hooded figure managing multiple servers and monitors, representing command and control (C2) frameworks in cybersecurity.

Introduction to C2 Frameworks

Command and Control (C2) frameworks have emerged as a sophisticated and consequential dimension in the ever-evolving cybersecurity landscape. These frameworks are commonly employed by threat

July 27, 2023

Fox-hooded figure analyzing server access logs, symbolizing cybersecurity risks from ACL misconfigurations.

Abusing ACL Misconfigurations

Access Control Lists (ACLs) are a crucial component of securing data and resources in an IT infrastructure. By assigning permissions to users and groups, ACLs

July 25, 2023

Fox-hooded analyst at a multi-monitor station overlooking a neon city, symbolizing using Shodan to find internet-accessible devices for security research.

Discovering Internet Accessible Devices with Shodan

In the vast landscape of the internet, a hidden world of devices is waiting to be discovered. These devices, ranging from servers and routers to

July 24, 2023

A fox-hooded figure works on multiple glowing monitors in a neon-lit cyber lab, symbolizing the power of the Covenant C2 Framework.

Power of Covenant C2 Framework

In the ever-evolving world of cybersecurity, staying one step ahead of malicious actors is crucial. Command and control (C2) frameworks play a vital role in

July 22, 2023

DOM-Based Cross-Site Scripting

As the digital landscape continues to evolve, so do the threats that target web applications. Cross-site scripting (XSS) remains a persistent and dangerous vulnerability among

July 21, 2023

A fox-hooded figure holding a device analyzes glowing screens with code in a neon-lit lab, symbolizing CRLF injection attacks.

Understanding CRLF Injection Attacks

In web security, CRLF Injection Attacks remain a potent threat. This blog aims to provide comprehensive insight into this malicious technique, its implications, and the

July 19, 2023

Fox-in-hoodie at workstation overlooking city — visual for a guide on Active Directory Certificate Services (AD CS) abuse and defensive controls.

Exploiting MS SQL Servers

As companies continue to rely on databases to store sensitive information, securing the data has become a top priority. MS SQL Server is a popular

July 18, 2023

BloodHound Cheat Sheet

BloodHound is a powerful security tool that uses graph theory to reveal the relationships between users, groups, and computers in a domain. In this comprehensive

July 17, 2023

Resource-Based Constrained Delegation (RBCD) Attack

Resource-Based Constrained Delegation (RBCD) is a feature introduced in Windows Server 2012 that allows administrators to configure which accounts are trusted to delegate on their

July 15, 2023

AS-REP Roasting

‍Kerberos is a network authentication protocol used to provide secure authentication over a non-secure network. While it is an essential component of network security, it

July 15, 2023

Fox in a red hoodie overlooking city lights and rack servers — visual metaphor for Active Directory Certificate Services threat analysis and defensive research.

Exploiting Active Directory Certificate Services (AD CS)

With the increasing use of digital certificates for encryption, authentication, and other security purposes, Active Directory Certificate Services (AD CS) has become a critical component

July 13, 2023