The goal of this post is to understand how Kerberos Delegation, how resolves the two-hop-problem and what attacks paths arise with bad implementations. This post are the notes taken from the @attl...

The Import Address Table (IAT) holds crucial data about a PE file, including the functions utilized and the DLLs that export them. Such data is pivotal for signature-based detection of binaries. In...

Process argument spoofing involves concealing the command-line arguments of a newly spawned process. This tactic aims to enable command execution without disclosing the commands to logging services...

In this post, we’ll delve into how Windows handles credentials to achieve SSO and how we can capitalize on it. First, we’ll discuss the various types of authentications available. Then, we’ll explo...

The goal of this post is to understand how Kerberos works and, most importantly, why it works the way it does. Kerberos is the primary authentication protocol in Active Directory, essential for sec...