Using PetitPotam to NTLM relay to Domain Administrator

From Stranger to DA // Using PetitPotam to NTLM relay to Domain Administrator

Knock knock, who’s there? Your new DA!

Several vulnerabilities that have been recently disclosed, namely:

MS-EFSRPC – AKA PetitPotam

– AKA PetitPotam Credential Relaying abusing the AD CS role

Any attacker with internal network access, such as a phished client or a malicious planted device in the network, can take over the entire Active Directory domain without any initial credentials. Domain Controllers and AD CS…

Using PetitPotam to NTLM relay to Domain Administrator

Mediator – An Extensible, End-To-End Encrypted Reverse Shell With A Novel Approach To Its Architecture

SharpSystemTriggers: Collection of remote authentication triggers in C#

Webdiscover – The Purpose Of This Script Is To Automate The Web Enumeration Process And Search For Exploits

SharpSelfDelete: C# implementation of a method to delete a locked file, or current running executable, on disk

Editor Picks

Threat Hunting With Yara Rules

Certified Pre-Owned Detection Ideas

Defining Cobalt Strike Components So You Can BEA-CONfident in Your Analysis

Must read

SharpSystemTriggers: Collection of remote authentication triggers in C#

Webdiscover – The Purpose Of This Script Is To Automate The Web Enumeration Process And Search For Exploits

SharpSelfDelete: C# implementation of a method to delete a locked file, or current running executable, on disk

Popular categories