LDAP relays for initial foothold in dire situations
Published on Mon 28 March 2022 by @SAERXCIT
Implementing existing attacks & techniques necessitating a domain account as black box LDAP relays to facilitate gaining initial access to a hardened domain.
HowTo: intercept mutually-authenticated TLS communications of a Java thick client
Published on Wed 31 March 2021 by @SAERXCIT
A quick guide on how to intercept TLS communications of a hardened Java thick client implementing client certificate authentication and certificate pinning using jdb.