Lab of a Penetration Tester
Home of Nikhil "SamratAshok" Mittal
Friday, August 23, 2019
RACE - Minimal Rights and ACE for Active Directory Dominance
I recently spoke at DEF CON 27 on abusing Security Descriptors and ACLs i.e. permissions on Windows machines. You can find the sl...
Thursday, April 18, 2019
How NOT to use the PAM trust - Leveraging Shadow Principals for Cross Forest Attacks
I did a super interesting AD security assessment for a client recently. They are re-deploying their infrastructure and upgrading their for...
Wednesday, October 31, 2018
Using ActiveDirectory module for Domain Enumeration from PowerShell Constrained Language Mode
This is a quick post to make notes of something which I have been using and teaching for sometime. We can use Micorosft's PowerShell ...
Tuesday, October 16, 2018
Forging Trusts for Deception in Active Directory
Deception has always been of interest to me. As a student of military history, I have always been fascinated by its implementation in warfar...
View web version