PWN DAT DOMAIN: Becoming domain admin with a little help from Veeam Backup
This post provides a walkthrough of an escalation to domain admin taking advantage of Veeam backups.
Antivirus Evasion: Tearing AMSI Down With 3 Bytes Only
This post aims to showcase one of the many possible techniques for bypassing antivirus solutions through in-memory patching of AMSI instructions.
Love letters from the red team: from e-mail to NTLM hashes with Microsoft Outlook
Introduction: A few months ago, Will Dormann of CERT/CC published a blog post [1] describing a technique where an adversary could abuse Microsoft Outlook together with OLE objects, a feature of Microsoft Windows since its early days, to force the operating system to leak Net-NTLM hashes. Last year we wrote a blog post [2] […]