Author: MichelleVermishelle

How often do you encounter a much-desired domain admin session on an outdated Windows 7 workstation? In the hands of a hacker pentester, this admin account is a ‘master key’ that can unlock the entire network. But imagine that an evil antivirus prevents you…

As you are likely aware, Windows assigns a unique session to each user logging into the system. And if somebody logs into an already hacked device, you can hijack that person’s session. This article discusses a promising privilege escalation technique: the attacker steals users’…

Kerberos offers plenty of user authentication features. Its main ‘bricks’ are tickets; in the course of penetration testing, the attacker dumps such tickets from the LSASS process memory at least once. Today, I will explain how this operation can be performed without sophisticated hacker…

To implement a number of pass-the-ticket attacks, you have to inject a Kerberos ticket into the compromised system. Such tools as Mimikatz, Impacket, or Rubeus can be used for this purpose, but they are easily detected by antiviruses, thus, making this approach ineffective. In this…

In Windows, privileges play a key role: only the admin has the authority to grant special rights to users so that they can perform their tasks. This article discusses a software tool called Privileger: it enables you to search the system for accounts with certain…

In Windows, most security mechanisms are based on user account passwords. Today, you will learn several techniques making it possible to intercept a password at the time of user authentication and write code that automates this process.