Tyranid's Lair
Monday, 3 June 2024
Working your way Around an ACL
›
There's been plenty of recent discussion about Windows 11's Recall feature and how much of it is a garbage fire. Especially a discus...
Monday, 29 April 2024
Relaying Kerberos Authentication from DCOM OXID Resolving
›
Recently, there's been some good research into further exploiting DCOM authentication that I initially reported to Microsoft almost 10 ...
Thursday, 25 April 2024
Issues Resolving Symbols on Windows 11 on ARM64
›
This is a short blog post about an issue I encountered during some development work on my OleViewDotNet tool and how I resolved it. It migh...
Friday, 9 February 2024
Sudo On Windows a Quick Rundown
›
Background The Windows Insider Preview build 26052 just shipped with a sudo command, I thought I'd just take a quick peek to see what it...
Saturday, 16 July 2022
Access Checking Active Directory
›
Like many Windows related technologies Active Directory uses a security descriptor and the access check process to determine what access a u...
Sunday, 26 June 2022
Finding Running RPC Server Information with NtObjectManager
›
When doing security research I regularly use my NtObjectManager PowerShell module to discover and call RPC servers on Windows. Typically I...
›
Home
View web version
