Compiling a Mimikatz Module for Dumping Citrix Credz

Sometimes, the good old credential dumping techniques just won't work. This is the story of how a bad actor could dump credentials on a fully-patched,…

Weiterlesen

Compass Incident Handling and Forensics Number Crunching

The anonymous data on our cases allows us to answer the question "What is a typical DFIR case at Compass Security?" and we conclude its the analysis,…

Weiterlesen

Level-up your Detection Game

Red Teaming exercises are getting popular with the growth of security operations centers. These attack simulations aim to help companies improve their…

Weiterlesen

The Threat, the Fox, and the Sentinel

Nowadays more and more security tools are used to monitor and generate alerts from different sources (EDR, Proxy, etc.).These alerts often contains…

Weiterlesen

Relaying to AD Certificate Services over RPC

In June last year, the good folks at SpecterOps dropped awesome research on Active Directory Certificate Services (AD CS) misconfigurations. Since…

Weiterlesen