Category Archives: Password Audits

Top 5 Things That Will Land an Attacker in the Azure Cloud

Posted on by

1. Misconfigured Cloud Infrastructure What type of misconfigurations can exist in a cloud infrastructure? Vulnerable front-facing webservers, unpatched appliances, and storage accounts allowing anonymous public access are just a few examples of common infrastructure misconfigurations in cloud environments. How can these services translate into an attacker gaining access to my cloud? Storage accounts can hold…

The post Top 5 Things That Will Land an Attacker in the Azure Cloud appeared first on TrustedSec.

Continue reading Top 5 Things That Will Land an Attacker in the Azure Cloud

2023 Resolutions for Script Kiddies

Posted on by

Introduction 2022 was a tough year. It seemed like no one was safe. Nvidia, Samsung, Ubisoft, T-Mobile, Microsoft, Okta, Uber—and those were just some of Lapsus$’s breaches. What’s a Script Kiddie to do to be better protected in 2023? Another year in the books, and it was another big year for cybersecurity. While 2022 did…

The post 2023 Resolutions for Script Kiddies appeared first on TrustedSec.

Continue reading 2023 Resolutions for Script Kiddies

Auditing Exchange Online From an Incident Responder’s View

Posted on by

Business Email Compromise (BEC) within the Microsoft 365 environment is becoming a more common attack vector. In case you’re unfamiliar with what exactly BEC entails, it’s when an attacker or unauthorized user gains access to a business email account via social engineering. Most commonly, an attacker compromises an account, intercepts email conversation(s), and uses this…

The post Auditing Exchange Online From an Incident Responder’s View appeared first on TrustedSec.

Continue reading Auditing Exchange Online From an Incident Responder’s View

The Curious Case of the Password Database

Posted on by

Nowadays, password managers are king. We use password managers to secure our most sensitive credentials to a myriad of services and sites; a compromise of the password manager could prove devastating. Due to recently disclosed critical Common Vulnerabilities and Exposures (CVEs) involving ManageEngine’s Password Manager Pro software, a client came to us at TrustedSec, wondering:…

The post The Curious Case of the Password Database appeared first on TrustedSec.

Continue reading The Curious Case of the Password Database

Manipulating User Passwords Without Mimikatz

Posted on by

There are two common reasons you may want to change a user’s password during a penetration test: You have their NT hash but not their plaintext password. Changing their password to a known plaintext value can allow you to access services in which Pass-the-Hash is not an option. You don’t have their NT hash or…

The post Manipulating User Passwords Without Mimikatz appeared first on TrustedSec.

Continue reading Manipulating User Passwords Without Mimikatz

Recovering Randomly Generated Passwords

Posted on by

TL;DR – Use the following hashcat mask files when attempting to crack randomly generated passwords. 8 Character Passwords masks_8.hcmask 9 Character Passwords masks_9.hcmask 10 Character Passwords masks_10.hcmask When testing a client’s security posture, TrustedSec will sometimes conduct a password audit. This involves attempting to recover the plaintext password by extracting and cracking the NTLM hashes…

The post Recovering Randomly Generated Passwords appeared first on TrustedSec.

Continue reading Recovering Randomly Generated Passwords