DirectoryRanger

16.9K posts

DirectoryRanger banner
DirectoryRanger

DirectoryRanger

@DirectoryRanger

This account assembles and disseminates information related to Active Directory and Windows security.

Katılım Aralık 2017
103 Takip Edilen36.8K Takipçiler
Sabitlenmiş Tweet
DirectoryRanger
DirectoryRanger@DirectoryRanger·
24/7 Active Directory Incident Response Contact: Tel. +49 (0) 6221 7569637 E-mail: incident-response@ernw.de
Français
2
22
116
91.3K
DirectoryRanger retweetledi
Casey
Casey@_subTee·
Decided to put my money where my mouth is. We built a thing. Give it a go. github.com/AlloySecureGro…
English
7
30
118
18.2K
DirectoryRanger retweetledi
Co11ateral
Co11ateral@co11ateral·
Abusing Printers to Compromise Active Directory In many organizations, sysadmins are only focused on servers and workstations. But printers sit on the same network. They are rarely monitored with the same level of attention as more "important" systems. Many of those printers store AD user credentials which can be extracted in plaintext to attack the DC. Even if the AD is well secured, these creds can be used to poison shares with LNK files. Even print jobs themselves can become a target especially when they contain confidential information. Unfortunaly, many of the IoT devices in the corporate environments are outdated and aren't taken seriously. We also mentioned how you can fix that. hackers-arise.com/iot-hacking-ab… @three_cube @_aircorridor #iot #pentesting
Co11ateral tweet media
English
5
129
614
37K
DirectoryRanger retweetledi
Martin Sohn Christensen
Martin Sohn Christensen@martinsohndk·
RID-500 is AD's best break-glass account... and you should disable it!🙃 @JsQForKnowledge shared counterintuitive wisdom at #TROOPERS26 - All-powerful and cannot get locked out. - Disabled = more secure. - Disabled bypassed when booting in Safe Mode With Networking. Sources in🧵
Martin Sohn Christensen tweet media
English
1
8
48
3.8K