AS-REP Roasting is a post-exploitation attack technique that targets user accounts in Active Directory (AD) that have the “Do not require Kerberos preauthentication” setting enabled.… AS-REP Roasting ExplainedRead more
XSS – What’s the worst-case scenario?
Cross-Site Scripting (XSS) is often underestimated, but in real-world attacks, it can lead to complete account takeover, data theft, malware injection, and even full system… XSS – What’s the worst-case scenario?Read more
Kerberoasting with Rubeus
This post will walkthrough Kerberoasting attack using Rubeus. Please ensure you have appropriate authorization to perform security testing within your environment. Prerequisites: Step 1: Enumerate… Kerberoasting with RubeusRead more
Kerberoasting – What is it?
Kerberoasting is a post-exploitation attack technique in which an attacker extracts service account credentials from the Kerberos authentication system in a Windows Active Directory (AD)… Kerberoasting – What is it?Read more