Strategically Mapping Targets inside the Internal Network CrackMapExec, known as CME, is a useful tool to use during internal pentesting assessments to assess the security of Windows networks. It performs network enumeration and identifies hosts and services while enumerating shares, users, and groups within the network. In Part 1 of…

Testing the Waters: A Guide to External Penetration Testing Methodology As part of a security assessment, an external penetration test simulates an attack on an organization’s systems and defenses from the internet. …

Strategically Mapping Targets inside the Internal Network CrackMapExec, known as CME, is a useful tool to use during internal pentesting assessments to assess the security of Windows networks. It performs network enumeration and identifies hosts and services while enumerating shares, users, and groups within the network. In this article, we…

Guide to Privilege Escalation through Insecure Windows Service Permissions. Windows services are an essential part of the operating system, providing various functions critical to the smooth running of a system. However, services can also be vulnerable to misconfiguration, which attackers can exploit to gain unauthorized access to a system. There…

Advanced WinRM Security: Achieving Passwordless Authentication with Certificate-Based Methods Windows Remote Management (WinRM) is a feature of Windows that allows administrators to manage remote systems — execute commands, manage services, and deploy software. By default, WinRM uses Basic Authentication to authenticate users; this method is simple to set up and…

Learn how to exploit this security risk to gain unauthorized access to resources on the Active Directory domain. Resource-based constrained delegation is a security feature in Active Directory that allows one service or system to delegate its authentication authority to another service or system, granting it limited access to specific…

Identifying CORS Vulnerabilities: Common Attack Vectors and Mitigation Strategies All web browsers implement a security model known as the Same-Origin Policy (SOP) that restricts domains from accessing and retrieving data from other domains’ resources. …

How to run an External Pentest Assessment An external penetration test is a security assessment that simulates an attack on an organization’s systems and defenses from the internet. …

Configure Active Directory Domain Services and Automate Domain Users Creation with PowerShell A domain controller is a server responsible for managing network access, verifying user credentials, and enforcing security policies. …