Resource-Based Constrained Delegation (RBCD) Attack

Resource-Based Constrained Delegation (RBCD) is a feature introduced in Windows Server 2012 that allows administrators to configure which accounts are trusted to delegate on their behalf. This type of delegation is more secure than its predecessors, but it can still be abused and used as a means of lateral movement and privilege escalation. In this...

Exploiting Active Directory Certificate Services (AD CS)

With the increasing use of digital certificates for encryption, authentication, and other security purposes, Active Directory Certificate Services (AD CS) has become a critical component in many enterprise environments. However, the security implications of AD CS have often been overlooked, leaving organizations vulnerable to potential attacks and compromise. In this blog, we will delve into...

Maximizing Active Directory Security: Tips and Best Practices

Active Directory (AD) is integral to many organizations’ IT infrastructures, serving as the repository of user identities, computer accounts, and network resources. However, due to its wide scope and complexity, AD can present serious security risks which must be managed appropriately. In this blog, we will look at some of the best practices for securing...

How to Find and Fix SMB Signing Disabled Vulnerability

As a cybersecurity professional, I often encounter various vulnerabilities that hackers can exploit to gain unauthorized access to sensitive information. One such vulnerability is SMB signing disabled, commonly found in Microsoft Windows-based networks. SMB signing is crucial in protecting data integrity and preventing unauthorized access. In this blog, I will discuss what SMB signing disabled...

How Weak Passwords in Active Directory Put Your Business at Risk

As a cybersecurity professional, I recognize the necessity of having a safe network for any business. Active Directory is an indispensable tool for managing resources; however, its effectiveness depends on its weakest link – often passwords. Active Directory 101: Active Directory is a directory service used by businesses to manage users, computers and network resources...

The Importance of Regular Active Directory Security Audits

Organizations must give the security of their IT infrastructure top priority in the current digital era, when cyber threats are growing more complex. The routine auditing of Active Directory is a crucial element of a strong security strategy. The foundation of a company’s network is Active Directory, which controls user access and permissions. Active Directory has...

Kerberos Attacks – Part 2

In our previous blog post, we discussed the Kerberos authentication and authorization mechanism and a few of its exploits. We also discussed PAC’s significance and how it affects user authorization. In this blog, we will dive deeper into PAC exploits and how attackers can use the PAC in different ways to escalate their privileges in...

Attacking Kerberos Delegation

Kerberos Delegation is a powerful authentication mechanism that allows users and services to securely access resources in an Active Directory environment. Topics covered: basic principles of Kerberos Delegation; types of delegations, their configuration and how they work; exploiting constrained delegation. By exploring these topics one by one in our blog, you’ll...

Kerberos Attacks – Part 1

As discussed in the Active Directory Basics blog, Kerberos is an authentication mechanism used to authenticate users and services. The two main components of Kerberos are: the Authentication Server (AS), which authenticates the user and grants a Ticket Granting Ticket (TGT); and the Ticket Granting Server (TGS), which issues the service tickets (TGS). The main goal of an attacker is...

IPv6 DNS Takeover

Even though the usage of IPv6 is gaining traction, it is rare to find an organization using it in its network. Most people do not realize that although most organizational networks communicate using IPv4, Windows versions since Windows Vista enable IPv6 by default and prefer it over IPv4. We are exploiting this functionality to gain...