BITSADMIN Blog - Mystery guest in your IT infrastructure
RSS Feed


  • Digging for secrets on corporate shares

    Sometimes during red team engagements there is no obvious path to escalate and the only way to move forward is to perform an evaluation of the filesystem and network shares. This article discusses how to perform such evaluation efficiently to find the needles in the haystack.

    Read More »

  • Dealing with large BloodHound datasets

    Article discussing some of the challenges I faced importing large datasets into BloodHound including some scripts to overcome these challenges. Additionally some tricks are discussed on how to use Neo4j's Cypher language from PowerShell to get the right results quickly.

    Read More »

  • Windows Security Updates for Hackers

    Windows versions, releases and patch levels are a rather complex matter. This post brings structure in how Windows versioning and patching works and how to identify which vulnerabilities a Windows installation is vulnerable to.

    Read More »

  • Spying on users using Remote Desktop Shadowing - Living off the Land

    How to spy on users on remote computers making only use of Windows' built-in functionality? This post will explain the steps to (ab)use Windows' Remote Desktop feature to view a remote user's desktop using native Windows functionality without them noticing it.

    Read More »

  • Extracting credentials from a remote Windows system - Living off the Land

    How to obtain the credentials from a remote machine or Domain Controller making only use of Windows' built-in functionality? This post will go through the steps of using WMI and SMB in PowerShell from an attacker Windows machine to get hold of the remote files storing the credentials and subsequently extracting them.

    Read More »