Using ScareCrow to Side Load Sliver Shell Code

ScareCow ScareCrow serves as a framework designed for generating payloads that can be sideloaded, rather than injected, into a legitimate Windows process. This sideloading approach allows it to bypass Application Whitelisting controls. After the DLL loader is loaded into memory, it employs a method to eliminate any hooks placed by... [Read More]

Abusing the msds-KeyCredentialLink Propertie in Active Directory - Understanding Shadow Credentials

Using Certipy To Exploit msds-KeyCredentialLink Remotley

What is a Shadow Credential Within Active Directory, both user and computer objects possess an attribute named msds-KeyCredentialLink, which serves as a storage location for raw public keys. These public keys can be used in Kerberos to obtain a Ticket Granting Ticket (TGT). Adding a credential/public key to this attribute... [Read More]
Tags: AD