core-jmp

core-jmp

death of core jump

  • Home
  • windows
  • Reverse Engineering
  • exploitation
  • shellcode
  • About
  • Privacy Policy

HomeLDAP Relay

Posts in category: LDAP Relay

Relaying Trust: Exploiting NTLM Authentication to Compromise Active Directory

Relaying Trust: Exploiting NTLM Authentication to Compromise Active Directory

March 26, 2026
by oxfemale Active DirectoryContainersImpacketKerberosLDAP RelayNetworkNTLM RelaySecuritywindows

he article demonstrates an NTLM relay attack against Active Directory using tools like ntlmrelayx and PetitPotam. By relaying authentication to LDAP, attackers can create accounts, abuse delegation, and gain administrative access.

Read More

Recent Posts

  • Reflecting on Your Tier Model: CVE-2025-33073 and the One-Hop Problem
  • Bypassing Code Integrity Using BYOVD for Kernel R/W Primitives
  • Hidden Bugs in Plain Sight: Hunting Vulnerabilities Inside Shared Libraries
  • Inside WMI: Tracing Windows Management from Consumers to COM Providers
  • Backup to SYSTEM: Exploiting the IDrive Client Privilege Escalation Flaw

Archives

  • March 2026
  • February 2026
  • January 2026
  • November 2025
  • September 2025

Active Directory Active Directory Security byovd bypass cpp Detection Engineering EDR EDRBypass EDR Evasion EDREvasion Embedded Security Exploit Development firmware Firmware Analysis Firmware Security Hardware Hacking Hardware Security injection IoT Security Kernel Debugging Offensive Security poc Post-Exploitation PPL Privilege Escalation Process Injection red team RedTeam Red Teaming Red Team Techniques Reverse Engineering ROP Secure Boot Security Research shellcode TPM Vulnerability Research winapi WinDBG windows Windows 11 Windows Internals Windows Kernel Windows security WindowsSecurity

Categories

  • .NET
  • access
  • ACE
  • ACL
  • Active Directory
  • Active Directory
  • AD CS
  • Administrator
  • AI Agents
  • alloc
  • ALPC
  • Antivirus
  • APC
  • Apple Silicon
  • ASM
  • ASR
  • attaks
  • Audio
  • AV
  • BIOS
  • BitLocker
  • Blue team
  • Bluetooth
  • Boot ROM
  • Broadcom
  • BSoD
  • buffer overflow
  • BYOUD
  • BYOVD
  • Bypassing
  • Cache
  • Callbacks
  • CIMOM
  • CLFS
  • cmd
  • COM
  • Containers
  • Cortex XDR
  • cpp
  • CPU
  • Credential Attacks
  • Crypt
  • Cryptography
  • CryptoPro
  • DCOM
  • Debug
  • Defender
  • DEP
  • Deserialization
  • DFIR
  • DMA
  • DNS
  • Driver
  • dump
  • EDR
  • Embedded
  • Encryption
  • Escalation
  • ESP32
  • Evasion
  • Eventlog
  • Exploit Development
  • exploitation
  • filesystem
  • firmware
  • Flash
  • Gadgets
  • GATT
  • Ghidra
  • Hardware
  • Hooking
  • Impacket
  • impact
  • Injection
  • IOCTL
  • IoT
  • Kerberos
  • kernel
  • kernel-mode
  • LDAP Relay
  • Library
  • Linux
  • LLM
  • LNK
  • Loader
  • LOLExfil
  • LSA
  • LSASS
  • MacOS
  • Malware
  • MCP
  • MS-DOS
  • MS-EVEN
  • MS-LSAD
  • MS-SAMR
  • Network
  • NTLM Relay
  • NVMe
  • ODR
  • Palo Alto
  • PBA
  • PCI
  • PEB
  • Penetration Testing
  • PHP
  • Plugins
  • PoC
  • powershell
  • powershell
  • PPL
  • Privilege
  • Protection
  • PXE
  • Python
  • QEMU
  • Race Condition
  • RCE
  • RedTeam
  • Registry
  • Reverse Engineering
  • root
  • ROP
  • RPC
  • RTTI
  • Rust
  • SAM
  • Secure Boot
  • Security
  • Security
  • shellcode
  • Shortcut
  • SPI Flash
  • STM32H5
  • TCP/IP
  • TEB
  • Telegram
  • Telnetd
  • TPM
  • UAC
  • UART
  • UEFI
  • Uncategorized
  • Use-After-Free
  • user-mode
  • VMProtect
  • VMware
  • Warbird
  • WASM
  • WEB
  • winapi
  • winapi
  • WinDBG
  • windows
  • Windows Admin Center
  • Winsock
  • WMI
  • Wordpress
  • WSL
  • XNU Kernel
Log in
    © 2026 core-jmp. All rights reserved.
    Shopping Basket