Pass-the-Hash is still a nuclear bomb

Introduction Pass-the-Hash is a very old technique, but despite that it’s old. It is still used a lot to attack networks. This blog post was meant for my students to have a better understanding about this technique, but also understand how to mitigate it. Pass-the-Hash forms a part of lateral movement. A Pass-the-Hash attack isContinue reading “Pass-the-Hash is still a nuclear bomb”

Active Directory Security Assessment – ADSA

Active Directory or often described as the ”backbone” of identities, which has been around for 20 years. Is publicly known for managed poorly, and because of this. Attackers have taken their advantages. Since there is a lot of information on the internet on how you can use open-source tools to attack AD. It should notContinue reading “Active Directory Security Assessment – ADSA”

Attacking Active Directory for fun and profit

Active Directory underpins the majority of most organisations their IT infrastructure, which makes it a valuable target for attackers. A lot of (targeted) ransomware attacks have been leveraging through AD, and I often get question on, how attackers are compromising an AD environment, so I thought it would be the right time to publish contentContinue reading “Attacking Active Directory for fun and profit”