Red Team Privilege Escalation – RBCD Based Privilege Escalation – Part 2
In part one, we covered a Windows local privilege escalation method we have leveraged during red team engagements that is particularly prevalent on multi-user systems with many installed applications, such as Citrix. In part two, we cover another common local privilege escalation vulnerability we have leveraged within Windows domain environments to escalate privileges on […]
Building a Domain Specific Language for Red Team Payload Generation
This article shares how Praetorian developed a custom YAML-based domain-specific language (DSL) to specify red team dropper behavior.
Inside the Mimikatz Pass-the-Hash Command (Part 2)
Second in a two-part series providing an overview of how the Mimikatz pass-the-hash command works.
Inside the Mimikatz Pass-the-Hash Command (Part 1)
First in a two-part series providing an overview of how the Mimikatz pass-the-hash command works.
A New Tool for Password Spraying Emulation
This article introduces Trident, an open-source cybersecurity tool for emulating password spraying.
Threat Hunting: How to Detect PsExec
This article profiles the use of the PsExec command-line tool as a cyber-attack technique, and how threat hunters can detect it.
Red Team Infrastructure Tooling: Command Line Utilities and U2F
This article shares observations and best practices for red team infrastructure tooling, with a focus on command-line applications to manage server infrastructure.
How to Create a Secure Authentication Scheme for IoT Systems
This article discusses some of the common authentication pitfalls that Praetorian has observed in IoT devices and addresses ways to fix these problems.
Solving Cybersecurity’s Hardest Problems with Machine Learning
This article provides a glimpse into some of the groundbreaking work that the experts at Praetorian are undertaking, applying Machine Learning to solve some of the industry’s most challenging problems.
Leveraging DevSecOps Practices to Secure Red Team Infrastructure
This article explores how red teams can leverage DevSecOps best practices, including automating policy enforcement using OPA, for a secure red team architecture.