Active Directory Password complexity checker

If you have enabled the password complexity in your Active Directory domain through GPO, you probably have received complaints from the users : “I cannot find a password. Every time I try to enter a new password, a message indicates…

Resolve the CBS.log file size problem

System File Checker is a utility in Windows that allows users to scan for corruptions in Windows system files and restore corrupted files. The exe file, sfc.exe, generates a log file called %windir%\Logs\CBS\CBS.log. The Sfc.exe program writes the details of…

Get the credentials from locked machines

I look forward to my new toy : the lan turtle from Hak5 Mubix “Rob” Fuller has written an awesome article on how to get the credentials from locked machines. This hack can be performed with the Hak5 lan turtle…

The new version of Kali is available

The most popular Pentest distribution is now available. Several new features/improvements are the following : Full 64bits new releases of KDE, MATE, LXDE, e17, and Xfce New tools : hostapd-wpe, wifiPhisher, routersploit, gobuster, BetterCAP You can download now the new…

Share passwords in a secure way

I have found a tool that will allow you to share passwords in a secure way. This tool has been written by the Pinterest team and need the following requirements: Redis Python 2.6, 2.7 or 3.3+ Snappass Github description: It’s…

ServiceNow workflow, Powershell and JSON

ServiceNow provides ITSM solutions and products: Configuration Management Database Edge Encryption Knowledge Management Performance Analytics Reporting Service Catalog Service Portal Designer Subscription Management Visual Task Boards Workflow The last feature is very interesting. Each workflow can contain “activities”. These activities…

Add/remove specific user based on AD attributes to/from a group

I have written this simple script to show you how to : work with a user account found with a specific Active Directory attribute (in the example, the attribute employeeID is used) add the user account to the group with…

Microsoft has revealed the secure golden key system

On the 9th of August 2016, Microsoft has revealed by accident the secure golden key system that is supposed to be used as a UEFI backdoor : with that key, it is now possible to unlock all Windows devices such…

Calculate Kerberos token size

The authentication protocol within a Microsoft infrastructure since the Windows 2000 time frame has been Kerberos. The Kerberos token leverages a predefined buffer to house authorization requests. This predefined Kerberos buffer size is set by the MaxTokenSize setting found in…

Understand the privilege relationships in an Active Directory environment

A new version of BloodHound (1.3.0) is already available on the GitHub. BloodHound is a single page Javascript web application, built on top of Linkurious, compiled with Electron, with a Neo4j database fed by a PowerShell ingestor. BloodHound uses graph…