2xxe | Substack

AWS IAM Exploitation

https://sra.io/blog/aws-iam-exploitation/

Apr 30, 2019

New

Top

Misc: LAPS Password Retrieval Logs via DS Access

LAPS password retrieval activity can be logged via directory service advanced auditing, specifically event ID 4662, after configuring the appropriate…

Jun 30, 2022

Automated Detection Rule Analysis with Dredd

https://sra.io/blog/automated-detection-rule-analysis-with-dredd/

May 5, 2022

Selective Kerberoast Prevention using DACLs

https://sra.io/blog/selective-kerberoast-prevention-using-dacls/

May 5, 2022

Attacking Apache Karaf

imported from https://2xxe.com/posts/6/

Jun 7, 2019

Updated Results from the MITRE ATT&CK Endpoint Detection and Response Evaluation

https://sra.io/blog/updated-results-from-the-mitre-attck-edr-evaluation/

Mar 9, 2019

A Closer Look at MITRE ATT&CK Evaluation Data

https://sra.io/blog/a-closer-look-at-mitre-attck-evaluation-data/

Dec 8, 2018

Creating a Project Sonar FDNS API with AWS (Part 1)

imported from https://2xxe.com/posts/2/

Sep 19, 2018

2xxe

2xxe

2xxe (https://twitter.com/2XXEformyshirt)

2xxe

#nojs-banner { position: fixed; bottom: 0; left: 0; padding: 16px 16px 16px 32px; width: 100%; box-sizing: border-box; background: red; color: white; font-family: -apple-system, "Segoe UI", Roboto, Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 13px; line-height: 13px; } #nojs-banner a { color: inherit; text-decoration: underline; } This site requires JavaScript to run correctly. Please turn on JavaScript or unblock scripts