How Weak Passwords in Active Directory Put Your Business at Risk

As a cybersecurity professional, I recognize the necessity of having a safe network for any business. Active Directory is an indispensable tool for managing resources; however, its effectiveness depends on its weakest link – often passwords. Active Directory 101 Active Directory is a directory service used by businesses to manage users, computers and network resources...

The Importance of Regular Active Directory Security Audits

Organizations must give security of their IT infrastructure top priority in the current digital era, when cyber threats are growing more complex. The routine auditing of Active Directory is a crucial element of a strong security strategy. The foundation of a company’s network is Active Directory, which controls user access and permissions. Active Directory has...

Kerberos Attacks – Part 2

In our previous blog post, we discussed the Kerberos authentication and authorization mechanism and a few of their exploits. We also discussed PAC’s significance and how it affects user authorization. In this blog, we will dive deeper into PAC exploits and how attackers can use the PAC in different ways to escalate their privileges in...

Attacking Kerberos Delegation

Kerberos Delegation is a powerful authentication mechanism that allows users and services to securely access resources in an Active Directory environment.   Topics covered:   Basic principles of Kerberos Delegation   Types of delegations, their configuration and how they work   Exploiting constrained delegation  By exploring these topics one by one in our blog, you’ll...

Kerberos Attacks – Part 1

As discussed in the Active Directory Basics blog, Kerberos is an authentication mechanism used to authenticate users and services. The two main components of Kerberos are: Authentication Server (AS), which authenticates user and grants Ticket Granting Ticket (TGT) Ticket Granting Server (TGS), which issues the service tickets (TGS) The main goal of an attacker is...

IPv6 DNS Takeover

Even though the usage of IPv6 is gaining traction, it is rare to find an organization using it in its network. Most people do not realize that although most organizational networks communicate using IPv4, Windows versions since Windows Vista enables IPv6 by default and prefers it over IPv4. We are exploiting this functionality to gain...

Active Directory Basics

The number of resources such as users, databases, or servers managed in organizations poses questions about accountability as firms adjust to industry needs and norms. Additionally, the dispersed structure of managing the infrastructure and its procedures makes it challenging for enterprises to monitor employee activity. This makes it simpler for attackers to access the network’s...