
AD CS: from ManageCA to RCE
Introduction In our previous article, we covered an engagement where it was necessary to execute the ESC7 attack to esca[...]
Red team & Threat hunting Blog
Introduction In our previous article, we covered an engagement where it was necessary to execute the ESC7 attack to esca[...]
Introduction to AD CS ESC7 Last year, SpecterOps published an in-depth research about the security state in Active Dir[...]
Introduction During a recent Red Team scenario got local admin privileges on a workstation where an EDR solution was ide[...]
Introduction In one of its operations, the Red Team achieved command execution in a perimeter web page as a non-privileg[...]
It is both common and important for the development of a Red Teaming service to obtain information about the technologie[...]
In September this year the security researcher Orange Tsai published various vulnerabilities and P0Cs related to the Mob[...]
More than a year ago, BlackArrow’s Red Team conducted a security analysis of an RFID scanner used by one of its cu[...]
The field of reverse engineering and specifically malware analysis within the Compromise Assessment process is of vital [...]
When performing a penetration test, or a Red Team operation, multiple tools (webshells, proxysocks to tunnel TCP traffic[...]