Overkill Security, "The Dark Side of LSASS: How Evil Twins Bypass Security Measures". The EvilLsassTwin project on GitHub, found in the Nimperiments repository, focuses on a specific technique for extracting credentials from… (Jul 24)
Poiint, "[HTB] Blackfield Write-up". Welcome! Today we’re doing Blackfield from HackTheBox. A Windows machine that is a DC which has SMB null session enabled where we could… (Dec 23, 2023)
Rossinante, "Something about Access Tokens". Hello everyone. In this article, we will talk about Access Tokens and how it influences the experience of end users in a Windows operating… (Mar 29)
Lokesh Jindal, "Lsass.exe (Local Security Authority Subsystem Service)". Lsass.exe is a critical process in Microsoft Windows operating systems responsible for enforcing security policies on your system. It… (Mar 1)
Gaurav Gupta, "Understanding basic important processes in Windows". Basic important processes in Windows (Feb 11, 2023)
Panagiotis Gkatziroulis in Blue Team, "Preventing Mimikatz Attacks". Mimikatz is playing a vital role in every internal penetration test or red team engagement mainly for its capability to extract passwords… (Aug 9, 2018)
Olaf Hartong in FalconForce, "FalconFriday — Detecting LSASS dumping with debug privileges — 0xFF1F". Credential dumping from Local Security Authority Subsystem Service (LSASS) (Sep 16, 2022)
Roy So, "Windows Authentication Process always confused me until this diagram". Image Credit: HTB (Aug 8, 2023)