Our Blog

ACE to RCE

Reading time: ~20 min
tl;dr: In this writeup I am going to describe how to abuse a GenericWrite ACE misconfiguration in Active Directory to...

Attacking smart cards in active directory

Reading time: ~9 min
Introduction Recently, I encountered a fully password-less environment. Every employee in this company had their own smart card that they...

Chaining multiple techniques and tools for domain takeover using RBCD

Reading time: ~26 min
Intro In this blog post I want to show a simulation of a real-world Resource Based Constrained Delegation attack scenario...

A new look at null sessions and user enumeration

Reading time: ~23 min
Hello, TLDR; I think I found three new ways to do user enumeration on Windows domain controllers, and I wrote...

AutoDane at BSides Cape Town

Reading time: ~6 min
Given the prevalence of Microsoft Active Directory domains as the primary means of managing large corporate networks both globally and...