These days I am trying to learn AD pentest and many questions are popping up in my mind, so here's one for AD Attackers.
In LLMNR Poisoning, we're setting a server running responder that will listen to LLMNR queries and act as rogue SMB server, but how can we trick users to put some non-existent IP address or share name into their explorer? Are we just relying on a coincidence of a user mistakenly jotting down a typo?

#ActiveDirectory #Pentesting

heise security Webinar: M365-Sicherheit selbst testen und verbessern

M365 ist kein Security-Highlight. Firmen und Behörden sollten deshalb ihre Cloud-Dienste prüfen und optimieren. Das Webinar gibt dazu den Schnelleinstieg.

https://www.heise.de/news/heise-security-Webinar-M365-Sicherheit-selbst-testen-und-verbessern-11083172.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon

#ActiveDirectory #EntraID #IT #Microsoft #Security #news

heise security Webinar: M365-Sicherheit selbst testen und verbessern

M365 ist kein Security-Highlight. Firmen und Behörden sollten deshalb ihre Cloud-Dienste prüfen und optimieren. Das Webinar gibt dazu den Schnelleinstieg.

https://www.heise.de/news/heise-security-Webinar-M365-Sicherheit-selbst-testen-und-verbessern-11083172.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon

#ActiveDirectory #EntraID #IT #Microsoft #Security #news

The answer that I do this for *work*, I do not think it is *fun*, or a *hobby*, and I will never in my life troubleshoot an #ActiveDirectory problem unless I am getting paid for it, was not what he expected.

#SysAdmin#DatacenterLife

The answer that I do this for *work*, I do not think it is *fun*, or a *hobby*, and I will never in my life troubleshoot an #ActiveDirectory problem unless I am getting paid for it, was not what he expected.

#SysAdmin#DatacenterLife