ALittleInsecure

Exploring the insecurities I find in the world so I can repress the ones I find in myself.

  • Files that Coerce: Search Connectors and Beyond

    Inspired by a webcast on NTLM coercion from Black Hills Information Security, I went down the rabbit hole of file-based forced authentication. After reviewing basically every blog post, piece of Microsoft documentation, and existing tool I could find I performed testing in my home lab and created my own tool, LinkSiren, to simplify and improve…

  • DNS Hijacking: Say My Name

    The Domain Name System (DNS) is responsible for converting human-readable names into machine-readable Internet Protocol (IP) addresses. In Windows environments where names are intimately tied to identities and authentication, creating and taking over existing DNS records can be a lucrative endeavor that enables coercion and potential relay of NTLM and Kerberos authentication. TL;DR – This…