LDAP authentication in Active Directory environments
Published on Tue 31 October 2023 by @lowercase_drm
Understanding the different types of LDAP authentication methods is fundamental to apprehend subjects such as relay attacks or countermeasures. This post introduces them through the lens of Python libraries.
Bypassing LDAP Channel Binding with StartTLS
Published on Thu 28 April 2022 by @lowercase_drm
While doing research on LDAP client certificate authentication, we realized that the LDAP implementation of Active Directory supports the StartTLS mechanism, which has interesting implications on relay attacks.