Hamming Distance & Password Variation
We’ve all had this experience: Your password is required to be changed every so often, and now you’ve got to come up with a new one. While security-conscious people often […]
We’ve all had this experience: Your password is required to be changed every so often, and now you’ve got to come up with a new one. While security-conscious people often […]
It is nearly 2024, and broadcast protocols and lack of SMB signing are still default settings on Microsoft Windows hosts. This means the classic technique of broadcast traffic poisoning to […]
Bypassing Microsoft Defender For Identity Detections On a few recent internal penetration tests, I found common tools and techniques for Active Directory attacks being detected by Microsoft Defender for Identity […]
Health Industry Threats Health industry threats are still on the rise. Healthcare organizations remain a target for threat actors pursuing monetary gain or fulfilling some nation-state’s agenda. As patient care […]
Welcome to Part 2 of the Windows Credential Dumping Protection series! If you are completely unfamiliar with Credential Dumping or LSA Protection, please check out Part 1! What Is LSA […]
What Is Credential Dumping? In a Windows environment, users authenticate to their machines (either locally or remotely) with their username and password. Behind the scenes, Windows hands off all authentication […]
UPDATE: This blog post was written prior to the USB explosive incident in Ecuador. Some edits have been made to note these events. DISCLAIMER* The following blog post describes a […]
On a recent Red Team engagement, White Oak Security had compromised a domain and dumped the Active Directory user password hashes. We attempted to pivot into another domain using shared […]
Let’s bypass another REX sensor on a door we don’t have access to! The Bypassing Doors blog series demonstrates easy-to-use tools and techniques that can be utilized to bypass an […]
Let’s bypass another door we don’t have access to! The Bypassing Doors blog series demonstrates easy-to-use tools and techniques that can be utilized to bypass an organization’s interior and exterior […]