LAPS - Part 2

In Part 1 we explored how one could go about discovering and mapping the LAPS configuration in a domain. In this part, we’ll look at various ways LAPS can be abused for persistence purposes.

Continue reading


Deploying resiliant Red Team infrastructure can be quite a time consuming process. This wiki maintained by Steve Borosh and Jeff Dimmock is probably the best public resource I’ve seen in regards to design considerations and hardening tips.

For someone like myself, who destroys and stands fresh infrastructure up for each engagement, building everything by hand is a long, laborious process. Anything that can be automated is a good thing.

Continue reading

Author's picture

Rasta Mouse

Taylor Swift fan, wannabe Red Teamer & 1337 hax0r (in that order).

Penetration Tester