Identifying & Bypassing Responder Detections
It is nearly 2024, and broadcast protocols and lack of SMB signing are still default settings on Microsoft Windows hosts. This means the classic technique of broadcast traffic poisoning to […]
Bypassing defenses
Flying Under The Radar – An Introductory Guide To Bypassing Microsoft Defender For Identity Detections
Bypassing Microsoft Defender For Identity Detections On a few recent internal penetration tests, I found common tools and techniques for Active Directory attacks being detected by Microsoft Defender for Identity […]
Credential Dumping Protections: Part 2 – Bypass LSA Protection
Welcome to Part 2 of the Windows Credential Dumping Protection series! If you are completely unfamiliar with Credential Dumping or LSA Protection, please check out Part 1! What Is LSA […]
Bypassing Doors – Part 4: Compressed Air
Let’s bypass another REX sensor on a door we don’t have access to! The Bypassing Doors blog series demonstrates easy-to-use tools and techniques that can be utilized to bypass an […]
Bypassing Doors – Part 3: REX Sensor
Let’s bypass another door we don’t have access to! The Bypassing Doors blog series demonstrates easy-to-use tools and techniques that can be utilized to bypass an organization’s interior and exterior […]
Bypassing Doors – Part 1: UTDT
Physical red team attacks are something we are passionate about at White Oak Security. Ever wonder how we open doors we don’t have access to? The Bypassing Doors blog series […]
Bypassing Defenses: Symantec Endpoint Protection
In this edition of Bypassing Defenses, we’ll highlight how we were able to bypass the Endpoint Detection and Response (EDR) solution Symantec Endpoint Protection on a recent Red Team engagement, […]