top of page
The HUB
Featured Posts
Limiting Domain Controller Attack Surface: Why less services, less software, less agents = less exposure.
This article is a guide to making the best-informed decisions by companies asking the right questions.
Scott Blake
Oct 8, 20245 min read
Securing The Chink in Kerberos’ Armor, FAST! Understanding The Need For Kerberos Armoring
35 years after the first public version of Kerberos, attacks on it are still coming fast and furious. Time to armor up.
Darryl Baker
Jul 16, 20247 min read
Return of The LDAP Channel Binding and LDAP Signing
It has been over two and a half years since we first touched on the subject of LDAP channel binding and LDAP signing.
Scott Blake
Oct 17, 20238 min read
Securing The Chink in Kerberos’ Armor, FAST! Understanding The Need For Kerberos Armoring
35 years after the first public version of Kerberos, attacks on it are still coming fast and furious. Time to armor up.
Darryl Baker
Jul 16, 20247 min read
Active Directory Security Risk #101: Kerberos Unconstrained Delegation (or How Compromise of a Single Server Can Compromise the Domain)
Editor's Note: Nearly a decade ago, Sean Metcalf made this post on ADSecurity.org and we're reposting it here in its original form because,
Sean Metcalf
Jul 1, 20244 min read
BSides Dublin - The Current State of Microsoft Identity Security: Common Security Issues and Misconfigurations
BSides Dublin - The Current State of Microsoft Identity Security: Common Security Issues and Misconfigurations
Sean Metcalf
Jun 5, 20241 min read
bottom of page