Research and technical discoveries by Shelltrail's security experts.
The post walks through the usage and the security considerations of domain join accounts used in Active Directory
The post explains the process of finding and exploiting three vulnerabilities found in the IXON VPN client.
A security issue in Sitevision version 10.3.1 and older allows remote attacker, in certain scenarios, to gain access signing keys used for Authn SAML requests.
Follow along a journey to find vulnerabilities in the RPC functionaliy of ManageEngine ADAudit
Part 2 of the ManageEngine ADAudit research focuses on reverse engineering the ADAudit Agent to provide proper input data for the previously built custom RPC client
Part 3 of the ManageEngine ADAudit research focuses on how AES encrpytion was implemented in the ADAudit Agent, and how it was bypassed
Have you ever had issues with CSRF tokens during a web assessment? Or drop data from burp to commandline for parsing? This is the guide to leverage the power of the Reshaper plugin developed by @ddwightx
New research into an (legacy) extension for Microsoft Endpoint Configuration Manager/SCCM/ConfigMgr reveal new attack paths for Active Directory domain compromise or elevation of privileges.
cmloot.py introduces new angles to exploit Configuration Manager, which has become the new black in internal security assessments of Active Directory environments.
