Discover and read the best of Twitter Threads about #ADCS
Most recents (4)
1/ I presented 10 #ActiveDirectory hardening measures a few weeks ago, and I will tweet my recommendations in the next ten days.
The list is neither prioritised nor complete, but it might give companies and administrators good input on improving (AD) security.
🧵 #CyberSecurity
The list is neither prioritised nor complete, but it might give companies and administrators good input on improving (AD) security.
🧵 #CyberSecurity
2/ Number #1 of the Active Directory hardening measures:
#ADCS (Active Directory Certificate Services)
#ADCS (Active Directory Certificate Services)
3/ The whitepaper Certified Pre-Owned: Abusing Active Directory Certificate Services by Will Schroeder and Lee Christensen showcased new possibilities and attack vectors to gain domain administrative rights as an attacker. [1]
1) Welcome to a new #accredited #tweetorial, "Utilizing Immunohistochemistry Testing, Biomarkers, and Targeted Therapeutics to Optimize Outcomes in Patients with NSCLC," featuring the highlights of a symposium presented at the #ESMOIO22 congress.
@myESMO #LCSM #FOAMed
@myESMO #LCSM #FOAMed
2) The faculty for this outstanding program were @peters_solange (Chair) 🇨🇭, @HosseinBorghaei 🇺🇸, Natasha Leighl MD 🇨🇦, and @dplanchard 🇫🇷. A truly international roster of experts in #oncology!
Don't miss prior accredited courses in this space at oncologytweetorials-ce.com/category/lung-….
Don't miss prior accredited courses in this space at oncologytweetorials-ce.com/category/lung-….
3) This program is supported by an educational grant from Sanofi. Statement of accreditation and author disclosures are at oncologytweetorials-ce.com/disclosures/.
🧶 (1/) Reproducing Masky Thread
So it’s a relaxing Friday evening to play with the new awesome #Masky tool by @_ZakSec. I’ll show you here how to reproduce its behavior with #CrackMapExec, #Impacket, #Sliver, #Certify and #Certipy.
Let’s go! ⤵️
#pentest #adcs
So it’s a relaxing Friday evening to play with the new awesome #Masky tool by @_ZakSec. I’ll show you here how to reproduce its behavior with #CrackMapExec, #Impacket, #Sliver, #Certify and #Certipy.
Let’s go! ⤵️
#pentest #adcs
🧶 (2/) First things first, I shall enumerate AD CS environment with #CrackMapExec and qwinsta the Victim machine via newly introduced tstool[.]py from #Impacket (thx @nopernik!). For the purpose of this demo I’ll use a DA account to interact with the Victim but any LA will do 👨🏻💻
🧶 (3/) I shall now prepare my team server and generate an encrypted Sliver beacon to use it with DInjector 💉
🧵 (1/x) Reanimating ADCSPwn thread (in a simple way) ⏬
You all know this great tool by @_batsec_, but unfortunately Microsoft broke it with one of those anti-PetitPotam patches a while ago ⏬
github.com/bats3c/ADCSPwn…
#lpe #adcs #petitpotam #webdav
You all know this great tool by @_batsec_, but unfortunately Microsoft broke it with one of those anti-PetitPotam patches a while ago ⏬
github.com/bats3c/ADCSPwn…
#lpe #adcs #petitpotam #webdav
🧵 (2/x) So that now the execution hangs like follows ⏬
🧵 (3/x) But guess what, there’s another super cool tool – Coercer (by @podalirius_) – which can be used to trigger the authentication with a different API that is not affected by the ad-hoc check provided in the patch ⏬
