Mandiant has disseminated an exhaustive repository of rainbow tables engineered to decrypt the antiquated Net-NTLMv1 protocol. This initiative is designed to accelerate the obsolescence of a technology deemed insecure since the late 1990s. Notwithstanding...
Since the dawn of 2025, the threat intelligence practitioners at Cisco Talos have documented the persistent operations of a collective designated as UAT-8837. This entity is attributed to Chinese interests based on significant overlaps...
Fortinet has warned administrators that real-world attacks are once again exploiting the vulnerability FG-IR-19-283 (CVE-2020-12812), first disclosed in July 2020. Under certain FortiGate configurations, the flaw allows attackers to bypass two-factor authentication and log...
SAMLSmith is a C# tool for generating custom SAML responses and implementing Silver SAML and Golden SAML attacks. It provides comprehensive functionality for security researchers and penetration testers working with SAML-based authentication systems. Use...
GroupPolicyBackdoor is a python utility for Group Policy Objects (GPOs) manipulation and exploitation. GPO attack vectors can very often lead to impactful privilege escalation scenarios in Active Directory environments. And yet, offensive security professionals may...
Microsoft has announced plans to retire the legacy RC4 algorithm from Windows authentication. The company is preparing changes that will affect Kerberos infrastructure and strengthen the resilience of corporate networks against modern threats, including...
SpearSpray is an advanced password spraying tool designed specifically for Active Directory environments. It combines user enumeration via LDAP with intelligent pattern-based password generation to perform controlled and stealthy password spraying attacks over Kerberos. Features...
Sauron Fast context enumeration for newly obtained Active Directory credentials. Why Sauron? When you obtain fresh credentials (password spraying, phishing, hash replay, etc.), the first thing you need is context: Who is this account...
At DEF CON 2025, researchers from Akamai unveiled a study on a critical vulnerability in Windows Server 2025 known as BadSuccessor (CVE-2025-53779), which allows low-privileged users to instantly escalate their access to Domain Admin....
Logan Goins, a researcher at SpecterOps, has unveiled a novel technique for exploiting NTLM authentication that enables adversaries to bypass low-level access restrictions in corporate networks and offload tool execution from an infected workstation....