Monday, December 6, 2021

Compromising a Domain With the Help of a Spooler

Compromising a Domain With the Help of a Spooler

My job in the Cymulate Research Lab is to craft and implement attack scenarios for Cymulate customers to launch in their environment and increase their cyber-resilience. In this tech-blog post I will show how an attacker can gain access to corporate assets from an initial foothold by combining multiple techniques.

The scenario is performed in two stages. In the first stage we will abuse unconstrained delegation and use techniques to enumerate an…

Read More

Latest news
Related news