Good book detailing the security aspects of Microsoft Active Directory [on hold]

I am attending training later this summer related to AD pentesting. As such, I wanted to ask for book recommendations which detail (in full or in part) the security aspects of Active Directory. The more detailed the better.

Continue reading Good book detailing the security aspects of Microsoft Active Directory [on hold]

In Kerberos authentication protocol, why is the TGT encrypted using the user’s key Ka?

When the user first logs in, he fetches his TGT from the KDC along with the session key. I get why Sa (session key) is encrypted with Ka (user’s key). But why is TGT also encrypted with Ka. TGT is already pretty unbreakable o… Continue reading In Kerberos authentication protocol, why is the TGT encrypted using the user’s key Ka?

Vulnerabilities in the WPA3 Wi-Fi Security Protocol

Researchers have found several vulnerabilities in the WPA3 Wi-Fi security protocol: The design flaws we discovered can be divided in two categories. The first category consists of downgrade attacks against WPA3-capable devices, and the second category … Continue reading Vulnerabilities in the WPA3 Wi-Fi Security Protocol

Vulnerabilities in the WPA3 Wi-Fi Security Protocol

Researchers have found several vulnerabilities in the WPA3 Wi-Fi security protocol: The design flaws we discovered can be divided in two categories. The first category consists of downgrade attacks against WPA3-capable devices, and the second category consists of weaknesses in the Dragonfly handshake of WPA3, which in the Wi-Fi standard is better known as the Simultaneous Authentication of Equals (SAE)… Continue reading Vulnerabilities in the WPA3 Wi-Fi Security Protocol