 
        
            
        MSSQL linked servers: abusing ADSI for password retrieval
Introduction When we talk about Microsoft SQL Server linked servers, we usually think of links to another SQL Server ins[...]
 
    Red team & Threat hunting Blog - offensive security
 
        
            
        Introduction When we talk about Microsoft SQL Server linked servers, we usually think of links to another SQL Server ins[...]
 
        
            
        Introduction During a Red Teaming engagement, the exploitation of vulnerabilities in web apps usually offers a good ch[...]
 
        
            
        Introduction In our previous article, we covered an engagement where it was necessary to execute the ESC7 attack to esca[...]
 
        
            
        Introduction to AD CS ESC7 Last year, SpecterOps published an in-depth research about the security state in Active Dir[...]
 
        
            
        Introduction During a recent Red Team operation got local admin privileges on a workstation where an EDR solution was id[...]
 
        
            
        Introduction In one of its operations, the Red Teaming achieved command execution in a perimeter web page as a non-privi[...]
 
        
            
        It is both common and important for the development of a Red Teaming service to obtain information about the technologie[...]
 
        
            
        In September this year the security researcher Orange Tsai published various vulnerabilities and P0Cs related to the Mob[...]
 
        
            
        More than a year ago, BlackArrow’s Red Teamers conducted a security analysis of an RFID scanner used by one of its[...]