Using Active Directory Replication Metadata for hunting purposes

Introduction: This blog post is meant for AD Admins and Security Professionals to look for suspicious activities in Active Directory by using its replication metadata. What is Replication? Replication is an important functionality in Active Directory, because it allows changes that happen on one Domain Controller to be transferred to other Domain Controllers in a forest.

SetObjectSecurity.exe – SDDL

Introduction: In this blog post you will learn more about the security permission model in Windows and how you can view and set permissions on securable objects by using tools like SetObjectSecurity.exe. A securable object is an object that can have a Security Descriptor. You can think of folders, registry keys, network shares, services, Active

