Ramblings

Execution Policy Bypass using Code Signing

Sign your PowerShell Scripts

During a recent penetration test, I wanted to run PowerHuntShares, a PowerShell script designed to find secrets in shared resources and much more. If you haven’t heard of it before, I highly recommend checking it out.

RemoteSigned

The output...

GetLoggedOn - Remote Registry Enumeration

Remote Registry to enumerate the logged on users?

During red team operations we, more time than not, are targeting the Active Directory. We have all been in the situation that we quickly want to check wether or not users are connected/logged in to certain devices, for let’s...

Pathfinders - Episode: 1

What is this and why should I read it?

This is a small blogpost series I would like to start to showcase some cool attack paths we found during red teams or penetration tests with some extra bits & pieces here and there. Obviously it will be...