Compiling a Mimikatz Module for Dumping Citrix Credz

Sometimes, the good old credential dumping techniques just won't work. This is the story of how a bad actor could dump credentials on a fully-patched,…

Read more

Compass Incident Handling and Forensics Number Crunching

The anonymous data on our cases allows us to answer the question "What is a typical DFIR case at Compass Security?" and we conclude its the analysis,…

Read more

Level-up your Detection Game

Red Teaming exercises are getting popular with the growth of security operations centers. These attack simulations aim to help companies improve their…

Read more

The Threat, the Fox, and the Sentinel

Nowadays more and more security tools are used to monitor and generate alerts from different sources (EDR, Proxy, etc.).These alerts often contains…

Read more

Relaying to AD Certificate Services over RPC

In June last year, the good folks at SpecterOps dropped awesome research on Active Directory Certificate Services (AD CS) misconfigurations. Since…

Read more