With the emergence of more C# and .NET tooling, I occasionally see people tripping up over this. It’s not a huge issue, just something to be aware of.
Very quick post to explore some different ways to enumerate the AppLocker configuration being applied to a host, both remotely and locally. Understanding these rules, particularly deny rules, are useful for engineering bypasses.
This is just a quick post to demonstrate some interesting aspects of the Remote Desktop Clipboard Monitor.
Persistence, noun, the continued or prolonged existence of something.
In Part 1 we explored how one could go about discovering and mapping the LAPS configuration in a domain. In this part, we’ll look at various ways LAPS can be abused for persistence purposes.
Where a 10-year old backup can fcuk you in the ass…