Category: Purple Team

  • Lateral Movement – BitLocker

    BitLocker is a full disk encryption feature designed to protect data by encrypting entire volumes. On Windows endpoints (workstations, laptops, etc.), BitLocker is typically enabled to prevent unauthorized access to data stored on the drive in the event of device theft or loss. Every application…

  • BadSuccessor

    Microsoft has introduced a feature in Windows Server 2025 to prevent credential harvesting via Kerberoasting and other credential stuffing attacks. This new feature comes in the form of a new account type called dMSA (delegated Managed Service Account) and enables administrators to migrate standard service accounts to machine accounts with…

  • Browser Stored Credentials

    Modern web browsers can store users' web application credentials in an encrypted format. This functionality has been seen as an improvement to the password hygiene of organizations, because it can potentially prevent credentials from being stored in non-encrypted locations. Utilization of the browser based functionality…

  • SharpHound Detection

    BloodHound is an attack path management solution that can discover hidden relationships in Active Directory by analyzing data to identify paths in the domain that lead to lateral movement and domain escalation. Data are retrieved from Domain Controllers and domain-joined systems via SharpHound, which is the data collector…