Tyranid's Lair

Monday, 3 June 2024

Working your way Around an ACL

›
There's been plenty of recent discussion about Windows 11's Recall feature and how much of it is a garbage fire. Especially a discus...
Monday, 29 April 2024

Relaying Kerberos Authentication from DCOM OXID Resolving

›
Recently, there's been some good research into further exploiting DCOM authentication that I initially reported to Microsoft almost 10 ...
Thursday, 25 April 2024

Issues Resolving Symbols on Windows 11 on ARM64

›
This is a short blog post about an issue I encountered during some development work on my OleViewDotNet tool and how I resolved it. It migh...
Friday, 9 February 2024

Sudo On Windows a Quick Rundown

›
Background The Windows Insider Preview build 26052 just shipped with a sudo command, I thought I'd just take a quick peek to see what it...
Saturday, 16 July 2022

Access Checking Active Directory

›
Like many Windows related technologies Active Directory uses a security descriptor and the access check process to determine what access a u...
Sunday, 26 June 2022

Finding Running RPC Server Information with NtObjectManager

›
When doing security research I regularly use my NtObjectManager PowerShell module to discover and call RPC servers on Windows. Typically I...
›
Home
View web version
Powered by Blogger.