Service accounts are that gray area between regular user accounts and admin accounts that are often highly privileged. They are almost always over-privileged due to documented vendor requirements or because of operational challenges (“just make it work”). We can discover service accounts by looking for user accounts with Kerberos Service Principal Names (SPNs) which I …
Tag: ServiceNow
Recent Posts
- Slides Posted for Black Hat USA 2019 Talk: Attacking & Defending the Microsoft Cloud
- AD Reading: Windows Server 2019 Active Directory Features
- There’s Something About Service Accounts
- Mitigating Exchange Permission Paths to Domain Admins in Active Directory
- From DNSAdmins to Domain Admin, When DNSAdmins is More than Just DNS Administration
Trimarc Active Directory Security Services
Have concerns about your Active Directory environment?
Trimarc helps enterprises improve their security posture.
Find out how... TrimarcSecurity.com
Popular Posts
- Attack Methods for Gaining Domain Admin Rights in…
- PowerShell Encoding & Decoding (Base64)
- Securing Domain Controllers to Improve Active…
- Securing Windows Workstations: Developing a Secure Baseline
- Finding Passwords in SYSVOL & Exploiting Group…
- Kerberos & KRBTGT: Active Directory’s…
- The Most Common Active Directory Security Issues and…
- Building an Effective Active Directory Lab…
- Microsoft Local Administrator Password Solution (LAPS)
- Detecting Offensive PowerShell Attack Tools
Categories
- ActiveDirectorySecurity
- Apple Security
- Cloud Security
- Continuing Education
- Entertainment
- Exploit
- Hacking
- Hardware Security
- Hypervisor Security
- Linux/Unix Security
- Malware
- Microsoft Security
- Mitigation
- Network/System Security
- PowerShell
- RealWorld
- Security
- Security Conference Presentation/Video
- Security Recommendation
- Technical Article
- Technical Reading
- Technical Reference
- TheCloud
- Vulnerability
Tags
ActiveDirectory
Active Directory
ActiveDirectoryAttack
ActiveDirectorySecurity
Active Directory Security
ADReading
ADSecurity
AD Security
DCSync
DEFCON
DomainController
EMET5
GoldenTicket
HyperV
Invoke-Mimikatz
KB3011780
KDC
Kerberos
KerberosHacking
KRBTGT
LAPS
LSASS
MCM
MicrosoftEMET
MicrosoftWindows
mimikatz
MS14068
PassTheHash
PowerShell
PowerShellCode
PowerShellHacking
PowerShellv5
PowerSploit
Presentation
Security
SIDHistory
SilverTicket
SneakyADPersistence
SPN
TGS
TGT
Windows10
WindowsServer2008R2
WindowsServer2012
WindowsServer2012R2