BITSADMIN Blog - Mystery guest in your IT infrastructure
RSS Feed

Articles

  • Living Off the Foreign Land - Part 1/3: Setup Linux VM for SOCKS routing

    Living Off the Foreign Land (LOFL) allows attackers to use Windows' built-in powerful tooling (LOFLCABs) to attack remote systems. The first part in this 3-part article discusses how to setup the Linux VM to transparently tunnel traffic over SOCKS. This enables an Offensive Windows VM to natively use Kerberos to interact with systems in the target network.

    Read More »

  • Living Off the Foreign Land - Part 2/3: Configuring the Offensive Windows VM

    Living Off the Foreign Land (LOFL) allows attackers to use Windows' built-in powerful tooling (LOFLCABs) to attack remote systems. The second part in this 3-part article discusses how to configure the Offensive Windows VM so it can use Kerberos authentication with the target network, and also how to obtain various types of credentials and them use them from the Offensive Windows VM.

    Read More »

  • Living Off the Foreign Land - Part 3/3: Using Windows as Offensive Platform

    Living Off the Foreign Land (LOFL) allows attackers to use Windows' built-in powerful tooling (LOFLCABs) to attack remote systems. The last part in this 3-part article discusses the various LOFL Cmdlets and Binaries (CABs) that can be used to attack systems in the target network, and also provides pointers on how these attacks can be detected.

    Read More »

  • Digging for Secrets on Corporate Shares

    Sometimes during red team engagements there is no obvious path to escalate and the only way to move forward is to perform an evaluation of the filesystem and network shares. This article discusses how to perform such evaluation efficiently to find the needles in the haystack.

    Read More »

  • Dealing with large BloodHound datasets

    Article discussing some of the challenges I faced importing large datasets into BloodHound including some scripts to overcome these challenges. Additionally some tricks are discussed on how to use Neo4j's Cypher language from PowerShell to get the right results quickly.

    Read More »