by Ángel Suárez-Bárcena Martín | Feb 17, 2022 | Exploits, Featured, Labs, News, Newsletter, Techniques, Uncategorized
In this article, we’ll discuss some of the different ways we can execute arbitrary code or commands when we have already obtained Windows domain credentials, either in their plaintext form (user + password) or NTLM hashes. Even though the techniques described here are...
by Austin Ralls | Jan 10, 2022 | Labs, News, Techniques, Tools
BloodHound, available at bloodhound.readthedocs.io, maps Windows Active Directory permissions to a graph database that lets users trace attack paths using a GUI and a query system. To make that more concrete, BloodHound can answer questions such as: Who is allowed to...
by John Poch | Dec 27, 2021 | News, Strategy, Uncategorized, Web
Cybersecurity can be an endless game of cat and mouse, and attackers are constantly looking for ways into your organization. While major Internet and software providers, including the open source community, are constantly improving security technology, a notable area...
by Editor | Nov 18, 2021 | CarveFacts, News, Web
Emails are sent from a source server to a destination server (sometimes through multiple hops) via the SMTP protocol. When you use a webmail client – think Gmail and Yahoo – to send an email, the web server sends emails to its bundled SMTP server and...
by Editor | Nov 10, 2021 | CarveFacts, News, Strategy
Ask any cyber-security professional if using self-signed SSL certificates is acceptable, and they’ll probably say “not really.” Ask why, and we’ll say “we can’t always know who’s behind the screen,” even though we really want to say...
by Austin Ralls | Nov 3, 2021 | Labs, News, Techniques, Tools, Uncategorized
In Carve’s internal engagement service line, we simulate an attacker on a corporate network, which is usually Windows-based. We use a variety of tools to gather information, but we were frustrated by reliability, performance and logging of tools dealing with...