Active-Directories

Parsing the msDS-KeyCredentialLink value for ShadowCredentials attack
January 18, 2025
In-depth explanation of the msDS-KeyCredentialLink attribute used in a shadow credentials attack, and how to parse it.
active-directory attribute credentials DNwithBinary ldap msDS-KeyCredentialLink research RSAKeyMaterial shadow windows
Useful LDAP queries for Windows Active Directory pentesting
December 21, 2021
We will see a few common queries to find useful information in LDAP during a Windows Active Directory pentest.
active-directory ldap pentesting windows
Active Directory Sites and Subnets enumeration
November 23, 2021
Enumerating Active Directory sites and subnets is an important part of the enumeration phase. We will see how to extract them from Windows and linux.
active-directory enumeration ldap
Exploiting Windows Group Policy Preferences
May 20, 2021
Group Policy Preferences (GPP) can be very dangerous if they are used to store passwords. To quickly find these in a pentest, we made a tool with Shutdown that crawls and extracts these passwords from Windows shares !
group passwords policy