Relaying YubiKeys Part 2
After my first post on relaying YubiKeys, I got a suggestion to see if it was possible to also relay FIDO2-based logins, after confirming that FIDO2 are not ...
Recent Posts
Relaying YubiKeys
We are not relaying actual physical YubiKeys, we are relaying the APDU packets that the server application wants to get signed by a private key to verify the...
Poc’ing Beyond Domain Admin - Part 1
Overview During a CTF hosted at the beginning of this year, I popped the machine, got domain context, ran bloodhound as usual and saw that my compromised use...
NTLM Relaying for gMSA Passwords
Overview gMSA is short for group managed service accounts in Active Directory. gMSA accounts have their passwords stored in a LDAP property called msDS-Manag...