Added sAMAccountName Spoofing techniques and tools
parent
b5ab114a9f
commit
2293baced6
|
@ -62,6 +62,10 @@ This document was designed to be a useful, informational asset for those looking
|
|||
|
||||
## Privilege Escalation
|
||||
|
||||
### sAMAccountName Spoofing
|
||||
* [sAMAccountName spoofing](https://www.thehacker.recipes/ad/movement/kerberos/samaccountname-spoofing)
|
||||
* [CVE-2021-42287/CVE-2021-42278 Weaponisation](https://exploit.ph/cve-2021-42287-cve-2021-42278-weaponisation.html)
|
||||
|
||||
### Abusing Active Directory Certificate Services
|
||||
* [Certified Pre-Owned](https://posts.specterops.io/certified-pre-owned-d95910965cd2)
|
||||
|
||||
|
@ -377,7 +381,9 @@ Advanced Threat Protection and Advanced Threat Analytics](https://www.blackhat.c
|
|||
* [Stormspotter](https://github.com/Azure/Stormspotter) - Stormspotter creates an “attack graph” of the resources in an Azure subscription.
|
||||
* [AADInternals](https://github.com/Gerenios/AADInternals) - AADInternals is PowerShell module for administering Azure AD and Office 365
|
||||
* [MicroBurst: A PowerShell Toolkit for Attacking Azure](https://github.com/NetSPI/MicroBurst) - MicroBurst includes functions and scripts that support Azure Services discovery, weak configuration auditing, and post exploitation actions such as credential dumping.
|
||||
|
||||
* [sam-the-admin](https://github.com/WazeHell/sam-the-admin) - Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user
|
||||
* [CVE-2021-42287/CVE-2021-42278 Scanner & Exploiter.](https://github.com/cube0x0/noPac) - CVE-2021-42287/CVE-2021-42278 Scanner & Exploiter. Yet another low effort domain user to domain admin exploit.
|
||||
*
|
||||
## Ebooks
|
||||
* [The Dog Whisperer’s Handbook – A Hacker’s Guide to the BloodHound Galaxy](https://www.ernw.de/download/BloodHoundWorkshop/ERNW_DogWhispererHandbook.pdf)
|
||||
* [Varonis eBook: Pen Testing Active Directory Environments](https://www.varonis.com/blog/varonis-ebook-pen-testing-active-directory-environments/)
|
||||
|
|
Loading…
Reference in New Issue