Adding a domain trust exploitation scenario to our hacklab, working from the guidance on @spotheplanet's iRed.team notes. This first part of two covers deploying the environment. The second will involve creating randomised targets.
aidanmitchell.uk/orchestrati…
Heavily inspired by @spotheplanet 's code, that is my implementation of the NTDLL frefreshing technique for hook removal using Cobalt Strike's Beacon Object Files (BOFs):
gitlab.com/riccardo.ancarani…
Today @_wald0, @CptJesus, and I are releasing #AzureHound, the cloud component to #BloodHound. To be able to work with them on my favorite tool was an absolute honor. Many long coding nights, several meetings, and tons of research have built up to now. specterops.io/so-con2020/eve…