Netwrix and Stealthbits merge to better secure sensitive data. LEARN MORE

Stealthbits

Posts by Kevin Joyce

Home >Kevin Joyce
Kevin Joyce is a Senior Technical Product Manager at Stealthbits - now part of Netwrix. He is responsible for building and delivering on the roadmap of Stealthbits products and solutions. Kevin is passionate about cyber-security and holds a Bachelor of Science degree in Digital Forensics from Bloomsburg University of Pennsylvania.

What is SMBv1 and Why You Should Disable it

| Kevin Joyce | Security | Leave a Comment

Eternally Affected What is SMB? Server Message Block (SMB) is a protocol used primarily for sharing files, printer services, and communication between computers on a network. The history of SMB is long, so I’ll try to keep this short and to the point. SMBv1 Back in the 1980s and 1990s IBM and Microsoft were working […]

Constrained Delegation Abuse: Abusing Constrained Delegation to Achieve Elevated Access

Kerberos Delegation Recap Previously, I gave an overview of all of the various types of Kerberos delegation, how they’re configured, and how they can potentially be abused. Prior to that, I wrote about abusing resource-based constrained delegation and Jeff Warren has written about abusing unconstrained delegation. To round out the Kerberos delegation topic, I wanted […]

What is Kerberos Delegation? An Overview of Kerberos Delegation

| Kevin Joyce | Security | Leave a Comment

Kerberos Delegation and Usage Kerberos delegation has been around for a long time (Windows Server 2000 to be exact), but more often than not, when speaking to engineers who manage or work with Active Directory, they’re not familiar with all the various implementations of Kerberos delegation, their uses, and some ways they can be abused. […]

What is Azure Active Directory?

High-Level Overview of Azure AD If you’re reading the Insider Threat Security Blog, I’m sure you’re familiar with Active Directory. We’ve covered many topics with on-premise Active Directory: from clean-up to advanced attacks and threat detection. But what about Azure Active Directory? Has your organization started to march into the cloud and begun the migration […]

Protecting Against DCShadow

What Organizations Can Do to Stop a DCShadow Attack Recently, I came across a post outlining how companies CANNOT effectively defend against a DCShadow attack but instead need to take a reactive approach to identify when it may have occurred by monitoring their environment, and rolling back any unwanted changes once they were identified. Unfortunately, […]

Understanding Passwords and Their Problems

| Kevin Joyce | Security | Leave a Comment

What’s The Problem? Today, with the Internet, social media, personal computers, online banking and everything else that exists, end-users need to create and maintain a large number of usernames and passwords for all of the accounts they have. This begins to create a problem. The many accounts we need to remember leads us to want […]

Resource-Based Constrained Delegation Abuse

Abusing RBCD and MachineAccountQuota Delegation is an area that is confusing and complicated for most Active Directory administrators. Unconstrained delegation, constrained delegation, and even resource-based constrained delegation all play a role in not only your Active Directory infrastructure, but also its security posture. For example, unconstrained delegation is very insecure, and can be abused relatively […]

Commando VM: Using the Testing Platform

Windows Offensive VM from Mandiant FireEye Previously, I wrote a high-level overview of the testing platform Commando VM and an installation guide to get started with it. Today, I’ll be diving into a proof of concept of sorts to show off some of the tools and flexibility that the testing platform offers. My goal with […]

Commando VM: Installation & Configuration

Windows Offensive VM from Mandiant FireEye Last time, I wrote a high-level overview of Commando VM and why it is important for both red and blue teamers to be familiar with the tools that come pre-packaged in testing platforms like this one. Today, I’ll be covering the installation and any configuration needed to get up […]

Commando VM: Introduction

Windows Offensive VM from Mandiant FireEye What is Commando VM? Commando VM is a Windows testing platform, created by Mandiant FireEye, meant for penetration testers who are more comfortable with Windows as an operating system. Commando VM is essentially the sister to Kali, a Linux testing platform widely used throughout the penetration testing community. These […]

Subscribe

DON'T MISS A POST. SUBSCRIBE TO THE BLOG!

© 2021 Stealthbits Technologies, Inc.

Start a Free Stealthbits Trial!

No risk. No obligation.

FREE TRIAL