Hackers don't break in—they log in. Credential-based attacks now fuel nearly half of all breaches. Learn how to scan your Active Directory for compromised passwords and stop attackers before they ...

Microsoft has released emergency patches to fix an apparent reporting error in Active Directory (AD) Group Policy, which allows administrators to manage and configure user and computer settings in ...

Microsoft has released emergency Windows updates to address a known issue affecting local audit logon policies in Active ...

The 7.8-rated flaw allows an attacker to elevate privileges up to system level thanks to a use-after-free () flaw in the aforementioned driver. The issue affects all versions of Windows Server up to ...

A new Sophos study finds that most attackers gain access to networks via external remote services.

In an Active Directory domain, a lot of interesting information can be retrieved via LDAP by any authenticated user (or machine). This makes LDAP an interesting protocol for gathering information in ...

Facing these problems, in this paper, we propose a novel log-based anomaly detection method named EagerLog, employing active learning to choose the logs for humans to label, thereby adding them to the ...

A collection of CTF write-ups, pentesting topics, guides and notes. Notes compiled from multiple sources and my own lab research. Topics also support OSCP, Active Directory, CRTE, eJPT and eCPPT.