Our Blog

Chaining multiple techniques and tools for domain takeover using RBCD

Reading time: ~26 min
Posted by Sergio Lazaro on 09 March 2020
Categories: Active directory, Internals, Bloodhound, Dacls, Mimikatz, Powerview, Rubeus
Intro In this blog post I want to show a simulation of a real-world Resource Based Constrained Delegation attack scenario...

Being Stubborn Pays Off pt. 1 – CVE-2018-19204

Reading time: ~13 min
Posted by Javier Jimenez on 18 April 2019
Categories: Cve, Exploit development, Internals, Webapps, 0day, Cve-2018-19204, Exploit, Prtg network monitor, Web application
Intro During an internal assessment, I came across monitoring software that had default credentials configured. This monitoring software allowed for...

USaBUSe Linux updates

Reading time: ~6 min
Posted by Rogan Dawes on 10 March 2017
Categories: Abuse, Backdoor, Build-it, Conferences, Empire, Exploit, Hardware, Internals, Linux, Metasploit, Programming, Real-world, Research, Shells, Tunnelling
(If you’re new to this project, read the intro first) For the past few months, I’ve been working on porting...

AutoDane at BSides Cape Town

Reading time: ~6 min
Posted by Dane Goodwin on 07 December 2015
Categories: Active directory, B-sides, Conferences, Internals, Post-exploitation, Tools, Zacon
Given the prevalence of Microsoft Active Directory domains as the primary means of managing large corporate networks both globally and...

Something about sudo, Kingcope and re-inventing the wheel

Reading time: ~5 min
Posted by george on 27 May 2013
Categories: Backdoor, Fun, Howto, Infrastructure, Internals, Linux, Local, Post-exploitation, Shells, Silly-yammerings, Tricks
Willems and I are currently on an internal assessment and have popped a couple hundred (thousand?) RHEL machines, which was...