3 matches found
Metasploit Wrap-Up 05/10/2024
Password Spraying support Multiple bruteforce/login scanner modules have been updated to support a PASSWORDSPRAY module option. This work was completed in pull request 19079 from nrathaus as well as an additional update from our developers . When the password spraying option is set, the order of...
Detecting and preventing privilege escalation attacks leveraging Kerberos relaying (KrbRelayUp)
On April 24, 2022, a privilege escalation hacking tool, KrbRelayUp, was publicly disclosed on GitHub by security researcher Mor Davidovich. KrbRelayUp is a wrapper that can streamline the use of some features in Rubeus, KrbRelay, SCMUACBypass, PowerMad/SharpMad, Whisker, and ADCSPwn tools in...
Microsoft Guidance for Enabling LDAP Channel Binding and LDAP Signing
Executive Summary LDAP channel binding and LDAP signing provide ways to increase the security for communications between LDAP clients and Active Directory domain controllers. A set of unsafe default configurations for LDAP channel binding and LDAP signing exist on Active Directory domain...