The intention of this post is to provide basic queries for targeted AD DS information gathering used in penetration testing. The reader can
Avant de commencer Remote Desktop Protocol (RDP) est un protocole permettant à un utilisateur d’obtenir une session bureau à distance sur un serveur exécutant Microsoft Terminal Services. À la base le protocole RDP ne supportait que l’authentification interactive. C’est-à-dire que lors d’une ouverture de session RDP, l’utilisateur arrivait sur l’invite d’authentification Windows depuis laquelle il […]
Identifier le risque d’exposition des informations d’identification associé à différents outils d’administration
In this episode , we're gonna talk about cached credentials, something that everybody talks about, but not that many people know how they actually work.
Learn how to enable fingerprint authentication on your ThinkPad with a Linux distro.
Semperis researchers have discovered Silver SAML: a new application of Golden SAML that can be exploited in Entra ID and without AD FS.
Retex : Test d’intrusion Wi-Fi (WPA2-Enterprise)
Segmentation d'un point de vue pratique.
Blog recherche sécurité d'Akamai.
After you add a computer or a user account to an Active Directory security group, the new access permissions or the new GPOs are not applied immediately. To update the…
In this story we’ll learn how to use the Docker Engine API through the network in a secure way. The Engine API is an HTTP API served by the Docker Engine. It’s the API the Docker client uses to…
There is something I want you to know so you don't fall for phishing scams. Phishing emails have gotten a whole lot sneakier since the early days of email.
La Digitale est un éditeur d'outils numériques libres et responsables pour l'éducation.
Outil auto-hébergeable de manipulation des fichiers pdf.
Using environment variables to store secrets has long been considered a good practice. But in this article, we will explore different opinions as to why using env vars might be either good or bad for security
While DevOps practitioners use environment variables to regularly keep secrets in applications, these could be conveniently abused by cybercriminals for their malicious activities, as our analysis shows.