Joshua MartinelleinTenable TechBlogSolidus — Code ReviewAs a Research Engineer at Tenable, we have several periods during the year to work on a subject of our choice, as long as it represents an…Jun 10
Clément Notin [Tenable]inTenable TechBlogSMB “Access is denied” Caused by Anti-NTLM Relay ProtectionExplanations of the “Microsoft network server: Server SPN target name validation level” hardening policy: what it does, how to…Jan 11, 20231
Clément Notin [Tenable]inTenable TechBlogStealthy Persistence with “Directory Synchronization Accounts” Role in Entra ID“Directory Synchronization Accounts” Entra role is very powerful while being hidden to admins, making it a perfect stealthy backdoor 🙈Jun 3Jun 3
Clément Notin [Tenable]inTenable TechBlogDecrypt Kerberos/NTLM “encrypted stub data” in WiresharkI often use Wireshark to analyze Windows and Active Directory network protocols, especially those juicy RPC 😉 But I’m often interrupted in…Sep 28, 2022Sep 28, 2022
Joshua MartinelleinTenable TechBlogWordPress : From vulnerability identification to compromisingWordPress Core is the most popular web Content Management System (CMS). This free and open-source CMS written in PHP allows developers to…May 29May 29
Joshua MartinelleinTenable TechBlogSolidus — Code ReviewAs a Research Engineer at Tenable, we have several periods during the year to work on a subject of our choice, as long as it represents an…Jun 10
Clément Notin [Tenable]inTenable TechBlogSMB “Access is denied” Caused by Anti-NTLM Relay ProtectionExplanations of the “Microsoft network server: Server SPN target name validation level” hardening policy: what it does, how to…Jan 11, 20231
Clément Notin [Tenable]inTenable TechBlogStealthy Persistence with “Directory Synchronization Accounts” Role in Entra ID“Directory Synchronization Accounts” Entra role is very powerful while being hidden to admins, making it a perfect stealthy backdoor 🙈Jun 3
Clément Notin [Tenable]inTenable TechBlogDecrypt Kerberos/NTLM “encrypted stub data” in WiresharkI often use Wireshark to analyze Windows and Active Directory network protocols, especially those juicy RPC 😉 But I’m often interrupted in…Sep 28, 2022
Joshua MartinelleinTenable TechBlogWordPress : From vulnerability identification to compromisingWordPress Core is the most popular web Content Management System (CMS). This free and open-source CMS written in PHP allows developers to…May 29
David WellsinTenable TechBlogBypass Windows 10 User Group Policy (and more) with this One Weird TrickI‘m going to share an (ab)use of a Windows feature which can result in bypassing User Group Policy (as well as a few other interesting…Feb 18, 20206
Clément Notin [Tenable]inTenable TechBlogEntra Roles Allowing To Abuse Entra ID Federation for Persistence and Privilege EscalationWhich Entra ID (ex-Azure AD) roles allow configuring federated authentication, thus allowing persistence and privilege escalation 💥Jan 92
Ben SmithinTenable TechBlogAnother Path to Exploiting CVE-2024-1212 in Progress Kemp LoadMasterIntroApr 2