RESEARCH

Trimarc performs cutting-edge Active Directory enterprise attack and defense research to best identify how to detect, mitigate, and prevent modern attacks. This information is the foundation for our security consulting offerings, training sessions, and and is shared first with our customers including those with long-term contracts and others per agreement. We also share much of the results of our research on the Trimarc website, as well as ADSecurity.org.
 

Our research has helped the industry detect forged Kerberos tickets and better detect attack techniques.
 

Recently published research:

• Detecting Kerberoasting Activity

• Detecting Offensive PowerShell Attack Tools

• Expanding the Capability of Golden Tickets (Forged Kerberos TGT Authentication Tickets)

• Detecting Forged Kerberos Ticket (Golden Ticket & Silver Ticket) Use in Active Directory

• Detecting MS14-068 Kerberos Exploit Packets on the Wire aka How the PyKEK Exploit Works

• Mimikatz Guide and Command Reference

We frequently present our research at security conferences to share with the community.