Source
Pentestlab
Administrators typically use Remote Desktop Protocol (RDP) to manage Windows environments remotely. It is also typical for RDP to be enabled in systems that… Continue reading → Dumping RDP Credentials
AMSI (Antimalware Scan Interface) is a vendor-agnostic interface which can communicate with the endpoint in order to prevent execution of malware. The scan performed… Continue reading → Persistence – AMSI
NTLM Relaying is a well-known technique that was mainly used in security assessments in order to establish some sort of foothold on a server in… Continue reading → Remote Potato – From Domain User to Enterprise Admin
PlexTrac is a platform which can be used by internal security teams or consultancies to conduct purple team assessments, but it can also be used… Continue reading → PlexTrac – A Platform for Purple Teaming
Services with elevated privileges were typically used in the past as a method of privilege escalation or persistence. However, a service could be utilized for lateral… Continue reading → Lateral Movement – Services