2xxe | Substack

https://sra.io/blog/aws-iam-exploitation/

Apr 30, 2019

LAPS password retrieval activity can be logged via directory service advanced auditing, specifically event ID 4662, after configuring the appropriate…

Jun 30, 2022

https://sra.io/blog/automated-detection-rule-analysis-with-dredd/

May 5, 2022

https://sra.io/blog/selective-kerberoast-prevention-using-dacls/

May 5, 2022

imported from https://2xxe.com/posts/6/

Jun 7, 2019

https://sra.io/blog/updated-results-from-the-mitre-attck-edr-evaluation/

Mar 9, 2019

https://sra.io/blog/a-closer-look-at-mitre-attck-evaluation-data/

Dec 8, 2018

imported from https://2xxe.com/posts/2/

Sep 19, 2018

2xxe

#nojs-banner { position: fixed; bottom: 0; left: 0; padding: 16px 16px 16px 32px; width: 100%; box-sizing: border-box; background: red; color: white; font-family: -apple-system, "Segoe UI", Roboto, Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 13px; line-height: 13px; } #nojs-banner a { color: inherit; text-decoration: underline; } This site requires JavaScript to run correctly. Please turn on JavaScript or unblock scripts