Riccardo Ancarani

Oct 19, 2019

Hunting for Suspicious LDAP Activity with SilkETW and Yara

Detecting Active Directory Enumeration — Intro: This is another post to document my journey of learning Threat Hunting. In today’s post we’re going to perform threat hunting activities with the aim of hunting for AD domain enumeration. We’re going to heavily rely on FireEye’s SilkETW and we’ll search for suspicious LDAP queries generated by our endpoints. …

Security

4 min read


Aug 11, 2019

BloodHound Tips and Tricks

This is going to be a quick post on some tips that will make your BloodHound analysis much more fluid and painless 😎. …

Neo4j

6 min read


Apr 28, 2019

Exploiting Unconstrained Delegation

Original blog post: Exploiting Unconstrained Delegation (blog.riccardoancarani.it). Unconstrained Delegation + The Printer Bug = DCSync. TLDR; Nothing new under the sun, this post is just part of my series of experiments and practice of Active Directory exploitation. We’re going to exploit the well-known issue of Kerberos Unconstrained Delegation using the Printer Bug.

Microsoft

7 min read


Mar 4, 2019

Review of Attacking and Defending Active Directory

Original blog post: Review of Attacking and Defending Active Directory (blog.riccardoancarani.it). Today we’re going to make a quick review of the course I recently purchased: Attacking and Defending Active Directory offered by PentesterAcademy. You can find the course here: https://www.pentesteracademy.com/activedirectorylab

Active Directory

4 min read


Jan 6, 2019

eLearnSecurity Penetration Testing eXtreme Review

The original blog post: eLearnSecurity Penetration Testing eXtreme Review (blog.riccardoancarani.it). The eLearnSecurity Penetration Testing eXtreme or PTX is the most advanced offensive course offered by eLearnSecurity. You can find the official course page here. …

Penetration Testing

7 min read


Aug 10, 2018

Attacking Docker exposed API

Original blog post: Attacking Docker exposed API (blog.riccardoancarani.it). Intro: Today we are going to explore some of the security risks associated with Docker; specifically, we are going to examine the consequences of exposing the native Docker API to the external world. By default when you install docker on a host, you can access the docker API only…

Docker

6 min read


Jun 6, 2018

Bad PDF + SMB Relay = ❤

Today we are going to chain two nice exploits: Bad PDF and SMB Relay. We hope to gain a few shells just by tricking a user into opening a PDF file, awesome isn’t it? Let’s see how to make everything work! You can find the original blog post here: Bad PDF + SMB Relay = ❤ (blog.riccardoancarani.it)

Penetration Testing

5 min read


Mar 16, 2018

Another OSCP review

What is this? Another boring post on OSCP? Yup. You can read the original post in my personal blog, check it out: OSCP Review (blog.riccardoancarani.it).

The material: As you may already know, after you complete the order you receive the material from OffSec:

- A 400 page PDF that guides you through the pentesting process.
- ~8h of video materials, the content is not totally overlapped…

Penetration Testing

3 min read


Sep 17, 2017

eLearnSecurity Professional Penetration Testing v4 Review

An informal review of one of the top penetration testing certifications out there — Intro: First of all, what am I going to talk about? eLearnSecurity Professional Penetration Testing (PTP from now) is a course offered by eLearnSecurity, a company based in Dubai, Santa Clara and… Pisa. Yeah Pisa always makes me smile, mainly because I am from Florence (the historical enemy of Pisa, you know…

Security

5 min read


Apr 2, 2017

Metasploitable3: An unexpected journey

Part 1: Abusing Old Elasticsearch — Today I put my hands on a new toy called Metasploitable3, the successor of Metasploitable2. For those who don’t know what Metasploitable is, it’s an intentionally vulnerable VM built by Rapid7 for training/testing, you can find it here. I’m really glad that Rapid7 guys came out with this new (well…

Elasticsearch

3 min read

Cyber Security & AI enthusiast
