Domain Persistence – Machine Account

Machine accounts play a role in red team operations as in a number of techniques are utilized for privilege escalation, lateral movement and domain escalation.… Continue reading - Domain Persistence - Machine Account...

Domain Persistence – AdminSDHolder

Utilizing existing Microsoft features for offensive operations is very common during red team assessments as it provides the opportunity to blend in with the environment… Continue reading - Domain Persistence - AdminSDHolder...

Domain Persistence – AdminSDHolder

Utilizing existing Microsoft features for offensive operations is very common during red team assessments as it provides the opportunity to blend in with the environment… Continue reading - Domain Persistence - AdminSDHolder...

Golden Certificate

Domain persistence techniques enable red teams that have compromised the domain to operate with the highest level of privileges in a large period. One of… Continue reading - Golden Certificate...

Golden Certificate

Domain persistence techniques enable red teams that have compromised the domain to operate with the highest level of privileges in a large period. One of… Continue reading - Golden Certificate...

DCShadow

The DCShadow is an attack which tries to modify existing data in the Active Directory by using legitimate API's which are used by domain controllers. This technique can be used in a workstation as a post-domain compromise tactic for establishing domain persistence bypassing most SIEM solutions...