Category: Infrastructure

Infrastructure

Attacking MSSQL

Compromising MSSQL databases, and escalating privileges.

Infrastructure

Golden gMSA Attacks

Extracting gMSA service accounts from child domains.

Infrastructure

SID History Abuse

Modifying SID History values to compromise parent domains.

Infrastructure

Backup Operator Privilege Escalation

Extracting domain controller credentials using the Backup Operators group.

Infrastructure

Active Directory Explorer

Using Microsoft AD Explorer to collect Active Directory attack path information.

Infrastructure

Active Directory DACL Attacks

Exploiting misconfigured Active Directory access control lists.

Infrastructure

Entra ID Connect

Extracting credentials from Azure Entra Connect.

Infrastructure

Coerced Authentication

Persuading Windows hosts to provide machine account credentials.

Infrastructure

IPv6 Penetration Testing

Testing IPv6 security.

Infrastructure

Bypassing Multi Factor Authentication

Intercepting multi factor authentication credentials using an Nginx reverse proxy.

Infrastructure

Phishing

Sending Phishing emails to capture login credentials.

Infrastructure

Terraform

Using Terraform to deploy testing infrastructure & auditing Terraform configuration files.