Security enthusiast, Likes Windows Internals & AD

Joined February 2017
Starting a series about Offensive Windows IPC Internals at csandker.io/. Starting off with Named Pipes: csandker.io/2021/01/10/Offen… Also added an RSS feed and finally took the time to add my growing History of Windows timeline ❤️ (csandker.io/win-history/)
9
115
237
Could be something for @DirectoryRanger
0
0
0
Found an RCE in an open/unauthenticated RServe service today. If you come across an open TCP/6311 service that answers a HTTP request with something like "Rsrv0103QAP1" ..here's how to get Code Exec. gist.github.com/csandker/c92…
0
2
8
Published another old(er) blog post: A Windows Authorization Guide csandker.io/2018/06/14/AWind… This one covers the Windows Authorization process In and Out, from Basic Access checks to Primary & Impersonation Tokens... Including this tricky PtH question (see screenshot below):
1
7
11
Finally... found some time and published some of my older articles at csandker.io/ Next to other bits&pieces check: Kerberos Wrap-Up: csandker.io/2017/09/12/Kerbe… + Delegation Wrap-Up: csandker.io/2020/02/10/Kerbe… + Delegation Reference: csandker.io/2020/02/15/Kerbe… More to come..
0
0
1
Grab a coffee and settle in for our German language webinar at 10.30am (UTC+2). Our Lead Security Consultant @0xcsandker will tell you all about how our clients prepare for cyber attacks and how you can train your own team. Last minute registration? ow.ly/ShGJ50ztW5E
0
2
1
Unser Lead Security Consultant @0xcsandker spricht am 7. Mai in unserem Webinar darüber, wie Kombinationen von klassischen Penetrationstests, Red-Teaming sowie Response Dienstleistungen helfen können Sicherheitsvorfälle zu trainieren. ow.ly/AJMq50zqpw2
0
2
0
Spend the last few idle isolation days building a PlayBook application that can be self-hosted and integrates into existing knowledge bases. All based on MD. Copy+Paste Images, Upload content from various sources and more... Check it out: github.com/csandker/Playbook…
0
1
2
Spend some hours getting my head around Kerberos Delegation, here's some references that some might find useful. PS Snippets here: gist.github.com/csandker/a41… Shoutout to @elad_shamir @harmj0y @tifkin_, thanks for your great public resources on this!
0
1
2