Primary Group Behavior, Reporting and Exploitation
Introduction If you’ve administered Active Directory (AD) for any significant time, chances are you’ve come across the primaryGroupID...
top of page
Search
Jake Hildreth
- May 23
- 1 min
Video: BSides Charm 2023 - AD & DNS: A Match Made in Heck
Download Jake and Jims slides here!
8230
Jake Hildreth
- Dec 16, 2022
- 1 min
Video: Protecting Users with “Protected Users”
Despite being around for 9 years, organizations are unaware that the Protected Users AD group exists let alone its benefits. In this...
7260
Brandon Colley
- Jul 1, 2022
- 7 min
Push Comes To Shove: exploring the attack surface of SCCM Client Push Accounts
Editors Note: Part 2 of this series is now published! Head over after you've finished reading Part 1. Introduction Did you know that...
9,7950
Sean Metcalf
- Jun 24, 2022
- 2 min
Webcast: Top 10 Ways to Improve Active Directory Security Quickly
This Trimarc Webcast provides information about current AD attack methods attackers are leveraging to compromise Active Directory and 10 thi
7,0000
Scott Blake
- Nov 19, 2021
- 8 min
Implementing Controls in Active Directory: Protecting Against Privileged Credential Sprawl
Protecting Against Privileged Credential Sprawl. Highly privileged accounts are often used to perform tasks on systems.
9,2350
Scott Blake
- Jan 22, 2021
- 6 min
LDAP Channel Binding and Signing
The initial fuss around Microsoft “forcing” customers into LDAP channel binding and LDAP signing (January 2020, March 2020, second half...
12,3040
Sean Metcalf
- Dec 10, 2020
- 14 min
Kerberos Bronze Bit Attack (CVE-2020-17049) Scenarios to Potentially Compromise Active Directory
Introduction & Attack Overview Jake Karnes (@jakekarnes42) with NetSPI published 3 articles (that’s right 3!) describing a new attack...
3,3010
Scott Blake
- Oct 28, 2020
- 5 min
Securing Microsoft Azure AD Connect
With more and more organizations moving to the cloud, specifically Azure Active Directory/Microsoft 365 (formerly Office 365), Trimarc...
9,1110
Sean Metcalf
- Sep 3, 2020
- 6 min
Escalating to Domain Admin in Microsoft’s Cloud Hosted Active Directory (Azure AD Domain Services)
the attacker could compromise the Azure AD Domain Services domain and persist at the Domain Controller and/or domain level
2,8000
Sean Metcalf
- Aug 6, 2020
- 10 min
The Art of the Honeypot Account: Making the Unusual Look Normal
I have had the idea for a post describing how to best create a honeypot (or honeytoken) account for many years and only recently gained...
13,4500
Sean Metcalf
- Jul 17, 2020
- 1 min
Webcast: Securing Active Directory: Protecting AD Administration
Trimarc Founder and Active Directory Security Subject Matter Expert, Sean Metcalf, covers common issues with AD administration, how...
4,1450
Scott Blake
- Jul 14, 2020
- 7 min
Trimarc’s Take: 12 Steps for Better Password Management
Passwords, while serving a crucial role in identity, have unfortunately morphed into the dreaded necessary evil territory. This is easily...
2,5510
Sean Metcalf
- Jun 23, 2020
- 14 min
Securing Active Directory: Performing an Active Directory Security Review
During the Trimarc Webcast on June 17, 2020, Sean Metcalf covered a number of Active Directory (AD) components and areas that should be...
46,8990
Sean Metcalf
- Jun 17, 2020
- 1 min
Webcast: Securing Active Directory: Performing Your Own AD Security Review
Trimarc Founder and Active Directory Security Subject Matter Expert, Sean Metcalf, covers how to improve the security of your Active...
5,7320
Sean Metcalf
- May 27, 2020
- 8 min
From Azure AD to Active Directory (via Azure) – An Unanticipated Attack Path
While Azure leverages Azure Active Directory for some things, Azure AD roles don’t directly affect Azure (or Azure RBAC) typically. This...
7730
Sean Metcalf
- May 18, 2020
- 1 min
Webcast: Securing Active Directory: Resolving Common Issues
Trimarc Founder and Active Directory Security Subject Matter Expert, Sean Metcalf, covers how to improve the security of your Active...
2,5130
Sean Metcalf
- May 15, 2020
- 1 min
Webcast: Quest TEC Talk Office 365 & Azure Active Directory 10 Security Actions to Take Now
Slides and Video Available! From the Quest TEC Talk Series. Trimarc founder Sean Metcalf, Microsoft Certified Master, on the 10 security...
990
Sean Metcalf
- Mar 21, 2019
- 6 min
There’s Something About Service Accounts
Service accounts are that gray area between regular user accounts and admin accounts that are often highly privileged. They are almost...
8850
-
- Feb 12, 2019
- 7 min
Mitigating Exchange Permission Paths to Domain Admins in Active Directory
A blog post was published by Dirk-jan Mollema titled "Abusing Exchange: One API call away from Domain Admin " (https://dirkjanm.io/abusin...
1,8220
bottom of page