core-jmp

core-jmp

death of core jump

  • Home
  • windows
  • Reverse Engineering
  • exploitation
  • shellcode
  • About
  • Privacy Policy

HomeActive Directory

Posts in category: Active Directory

What Windows Server 2025 Quietly Did to Your NTLM Relay

What Windows Server 2025 Quietly Did to Your NTLM Relay

April 9, 2026
by oxfemale Active DirectoryKerberosLDAP RelayNTLM Relaywindows

Windows Server 2025 quietly breaks a classic NTLM relay technique by enforcing changes inside msv1_0.dll. The update prevents attackers from abusing NTLMv1 and stripping MIC to relay authentication to LDAPS.

Read More
Credential Dumping from LSASS (Windows Authentication Secrets)

Credential Dumping from LSASS (Windows Authentication Secrets)

April 1, 2026
by oxfemale Active DirectoryCredential AttacksdumpLSASSwindows

The article explains how attackers dump credentials from the Windows LSASS process using tools like Mimikatz and ProcDump, extracting password hashes and Kerberos tickets that enable privilege escalation and lateral movement.

Read More
Reflecting on Your Tier Model: CVE-2025-33073 and the One-Hop Problem

Reflecting on Your Tier Model: CVE-2025-33073 and the One-Hop Problem

March 28, 2026
by oxfemale Active DirectoryEscalationKerberosNTLM RelayPrivilegewindows

CVE-2025-33073 enables NTLM reflection attacks that give attackers SYSTEM access on vulnerable Windows hosts. When combined with unconstrained delegation, a single compromised server can lead to full Active Directory domain compromise.

Read More
Relaying Trust: Exploiting NTLM Authentication to Compromise Active Directory

Relaying Trust: Exploiting NTLM Authentication to Compromise Active Directory

March 26, 2026
by oxfemale Active DirectoryContainersImpacketKerberosLDAP RelayNetworkNTLM RelaySecuritywindows

he article demonstrates an NTLM relay attack against Active Directory using tools like ntlmrelayx and PetitPotam. By relaying authentication to LDAP, attackers can create accounts, abuse delegation, and gain administrative access.

Read More
Breaking the Flat Network: How Tiering Models Protect Active Directory

Breaking the Flat Network: How Tiering Models Protect Active Directory

March 25, 2026
by oxfemale Active DirectoryActive DirectoryBlue teamNetworkPenetration TestingPrivilegeSecuritywindows

The article explains how flat enterprise networks enable easy lateral movement and domain compromise. It shows how Active Directory tiering models segment privileges and systems to prevent attackers from escalating access.

Read More
Active Directory Security Assessment: Password Spraying, Privilege Escalation, and Kerberoasting

Active Directory Security Assessment: Password Spraying, Privilege Escalation, and Kerberoasting

March 14, 2026
by oxfemale Active DirectoryCredential AttacksEscalationPenetration TestingPrivilegewindows

This article analyzes an Active Directory attack chain where password spraying reveals valid credentials, privileged accounts enable escalation, and Kerberoasting exposes service account hashes, demonstrating how weak credential management can lead to full domain compromise.

Read More
EventLog-in: Propagating With Weak Credentials Using the Eventlog Service in Microsoft Windows

EventLog-in: Propagating With Weak Credentials Using the Eventlog Service in Microsoft Windows (CVE-2025-29969)

February 23, 2026
by oxfemale Active DirectoryEventlogimpactMS-EVENNetworkRCERPCwindows

SafeBreach Labs disclosed a critical RCE in the MS-EVEN RPC service (CVE-2025-29969) that lets low-privilege users write arbitrary files remotely on Windows 11/Server 2025, bypassing share limits. Patched May 2025.

Read More
THE ULTIMATE GUIDE TO WINDOWS COERCION TECHNIQUES IN 2025

THE ULTIMATE GUIDE TO WINDOWS COERCION TECHNIQUES IN 2025

February 16, 2026
by oxfemale Active DirectoryAD CSattaksexploitationwindows

Windows authentication coercion is still a powerful AD primitive: it forces predictable auth flows and enables relay chains. Modern mitigations reduce easy abuse, but when combined with AD CS o

Read More

Recent Posts

  • 89 vulnerabilities in XAPI / Citrix XenServer
  • Patchless AMSI Bypass via Page Guard Exceptions
  • A Step-by-Step Guide to Uncovering Vulnerabilities in a Mobile App
  • How Kernel Anti-Cheats Work: A Deep Dive into Modern Game Protection
  • A Shortcut to Coercion: Incomplete Patch of APT28’s Zero-Day Leads to CVE-2026-32202

Archives

  • April 2026
  • March 2026
  • February 2026
  • January 2026
  • November 2025
  • September 2025

Active Directory Active Directory Security Application Security byovd bypass cpp EDR EDR Bypass EDR Evasion EDREvasion Embedded Security Endpoint Security Exploit Development Firmware Reverse Engineering Hardware Hacking Hardware Security injection IoT Security Kernel Debugging Kernel Exploitation macOS Security Malware Analysis Malware Development Memory Corruption Offensive Security Post-Exploitation PPL Privilege Escalation Process Injection red team RedTeam Red Teaming Red Team Techniques remote code execution Reverse Engineering Security Research shellcode Vulnerability Research WinDBG windows Windows 11 Windows Internals Windows Kernel Windows security WindowsSecurity

Categories

  • .NET
  • access
  • ACE
  • ACL
  • Active Directory
  • Active Directory
  • AD CS
  • Administrator
  • AI Agents
  • AI Security Research
  • alloc
  • ALPC
  • AMSI
  • Android
  • Antivirus
  • Apache Tomcat
  • APC
  • Apple Silicon
  • ASM
  • ASR
  • attaks
  • Audio
  • AV
  • BIOS
  • BitLocker
  • Blue team
  • Bluetooth
  • Boot ROM
  • Broadcom
  • BSoD
  • buffer overflow
  • BYOUD
  • BYOVD
  • Bypassing
  • Cache
  • Callbacks
  • Camera
  • CI/CD
  • CIMOM
  • Cisco
  • Citrix
  • Claude AI
  • CLFS
  • cmd
  • COM
  • Command Injection
  • Containers
  • Copilot
  • Cortex XDR
  • CPL
  • cpp
  • CPU
  • Credential Attacks
  • Crypt
  • Cryptography
  • CryptoPro
  • CSRF
  • DCOM
  • Debug
  • Defender
  • DEP
  • Deserialization
  • DFIR
  • DLL Sideloading
  • DMA
  • DNS
  • Driver
  • dump
  • EDR
  • Embedded
  • Encryption
  • Escalation
  • ESP32
  • ESXi
  • Evasion
  • Eventlog
  • Exploit Development
  • exploitation
  • filesystem
  • firmware
  • Flash
  • FreeBSD
  • Gadgets
  • GATT
  • Ghidra
  • Hardware
  • Hooking
  • Hyper-V
  • Hypervisor
  • Impacket
  • impact
  • Injection
  • IOCTL
  • IoT
  • IPC
  • IRP
  • Java
  • JIT
  • JWT Security
  • Kerberos
  • kernel
  • kernel-mode
  • LDAP Relay
  • Library
  • Linux
  • LLM
  • LLM Exploit Development
  • LNK
  • Loader
  • LOLExfil
  • LSA
  • LSASS
  • Machine Learning
  • MacOS
  • Malware
  • MCP
  • MS-DOS
  • MS-EVEN
  • MS-LSAD
  • MS-SAMR
  • Network
  • NTLM Relay
  • NVMe
  • ODR
  • Palo Alto
  • PBA
  • PCI
  • PEB
  • Penetration Testing
  • PHP
  • pipe
  • Plugins
  • PoC
  • powershell
  • powershell
  • PPL
  • Privilege
  • Privilege Escalation
  • Protection
  • PXE
  • Python
  • QEMU
  • Race Condition
  • radare2
  • RCE
  • Recall
  • Recovery mode
  • RedTeam
  • Registry
  • Reverse Engineering
  • root
  • ROP
  • RPC
  • RTTI
  • Rust
  • SAM
  • Secure Boot
  • Security
  • Security
  • shellcode
  • Shortcut
  • SPI Flash
  • Stack Overflow
  • STM32H5
  • TCP/IP
  • TEB
  • Telegram
  • Telnetd
  • TPM
  • UAC
  • UART
  • UEFI
  • Uncategorized
  • USB
  • Use-After-Free
  • user-mode
  • Virtualization
  • VMProtect
  • VMware
  • Warbird
  • WASM
  • WEB
  • winapi
  • winapi
  • WinDBG
  • windows
  • Windows Admin Center
  • Winsock
  • WMI
  • WML
  • Wordpress
  • WSL
  • XenServer
  • Xiaomi
  • XML
  • XNU Kernel
  • XSS
  • XXE
Log in
    © 2026 core-jmp. All rights reserved.
    Shopping Basket