Some time ago, Microsoft released a security patch that changed the way Kerberos tickets are created and validated. Bye-bye golden tickets! Bye-bye golden tickets? Let’s see how to forge tickets in 2023 with Impacket.
Category: Authentication
A new PR merged: MSSQL and the xp_dirtree procedure. You know the rest. Let’s talk about NTLM authentication coercion methods using Impacket.
NTLM relay is a well-known technique that has been with us for many years and never seems to go away. In this article you’ll find a technical guide on how to relay credentials everywhere in 2022.
Some time ago, Microsoft released a new feature that allows SSO to on-premises resources using security keys. This brought with it the return of Read-Only Domain Controllers and a new credential gathering vector. Let’s take a look at the Kerberos Key List attack.
The NTLM relay attack is a well-known attack method that has been around for many years… and never seems to go away. So, why not explore new approaches to this attack technique? Let me introduce you to the SMB multi-relay feature.
In mid-June, an attacker broke into a few of Reddit’s systems and managed to access some user data using compromised employee accounts. It could be another data breach, but it’s not. Why? The compromised accounts were protected by SMS-based 2FA. Is basic two-factor authentication no longer enough?
For some time, websites that used 2FA reported a significant drop in phishing attacks. However, as soon as new security technologies emerge, new techniques arise to exploit them. Real-time phishing is a tactic that allows scammers to bypass 2FA. How do they do it?