Active Directory & Azure AD/Entra ID Security

Active Directory & Azure AD/Entra ID: Enterprise Security, Methods to Secure Active Directory, Attack Methods & Effective Defenses, PowerShell, Tech Notes, & Geek Trivia…

Tag: WCE

Oct 04 2025

The History of Active Directory Security

By Sean Metcalf in ActiveDirectorySecurity, Technical Reference

During the Summer of 2024, I had a talk at Troopers called “A Decade of Active Directory Attacks:What We’ve Learned & What’s Next” (Slides & Video) where I focused on the key milestones of Active Directory security (history). This article covers my “decade of Active Directory attacks” in some detail which was correlated with public …

ACEUptheSleeve, ActiveDirectorySecurityHistory, Adalanche, ADCSAttacks, ADSecurityHistory, BadSuccessor, Bloodhound, Bloodhound.py, BloodhoundCE, BloodhoungOpenGraph, CertifiedPre-Owned, Certify, Certipy, CrackMapExec, DCShadow, DCSync, DNSAdminToDomainAdmin, DSInternals, DSRM, ExploitingGroupPolicyPreferences, GoldenTickets, GroupManagedServiceAccounts, HistoryOfActiveDirectorySecurity, Honeypot, Impacket, Kerberoast, kerberoasting, KerberosRelay, KrbRelayUp, LDAPDomainDump, Locksmith, mimikatz, MimikatzDCSync, NBNSpoof, NTLMRelayX, Overpass-the-hash, Pass-the-ticket, PassTheHash, PetitPotam, PingCastle, PowerShell Empire, PowerShellAttackDetection, PowerSploit, PowerView, PrinterBug, PurpleKnight, RemotePotato, Responder, Rubeus, Sharphound, SilverTickets, SMBRelay, SMBRelay2, WCE, WindowsCredentialEditor

May 11 2015

Detecting Mimikatz Use

By Sean Metcalf in Malware, Microsoft Security, Technical Reference

Benjamin Delpy published some YARA rules in detecting Mimikatz use in your environment. More information on Mimikatz capability is in the “Unofficial Mimikatz Guide & Command Reference” on this site. YARA is described as: YARA is a tool aimed at (but not limited to) helping malware researchers to identify and classify malware samples. With YARA …

DetectMimikatz, HowToDetectMimikatz, KerberosTicket, KIRBI, LSASS, LSASSMiniDump, Miilib, mimikatz, WCE, YARA

Content Disclaimer: This blog and its contents are provided "AS IS" with no warranties, and they confer no rights. Script samples are provided for informational purposes only and no guarantee is provided as to functionality or suitability. The views shared on this blog reflect those of the authors and do not represent the views of any companies mentioned. Content Ownership: All content posted here is intellectual work and under the current law, the poster owns the copyright of the article. Terms of Use Copyright © 2011 - 2025.

Made with by Graphene Themes.

Tag: WCE

The History of Active Directory Security

Detecting Mimikatz Use

Recent Posts

Active Directory & Entra ID Security Services

Popular Posts

Categories

Recent Posts

Recent Comments

Archives

Categories

Meta

Copyright

Tag: WCE

The History of Active Directory Security

Detecting Mimikatz Use

Recent Posts

Active Directory & Entra ID Security Services

Popular Posts

Categories

Tags

Recent Posts

Recent Comments

Archives

Categories

Meta

Copyright