For the month of January, TCM Security is offering free Active Directory Health Checks to any company with 10 or more employees. To inquire, please contact us here.
Internal Persistence Techniques

Internal Persistence Techniques

The majority of our internal penetration tests are at least a week long.  While we generally have a drop box sent to the client to enable our access to the network, we have to consider efficiency as well.  Ensuring persistent access in a network is vital to...
Bypassing Defender the Easy Way – FodHelper

Bypassing Defender the Easy Way – FodHelper

If you’ve ever tried to run a command prompt as administrator on your Windows OS before, you’ve seen a harmless popup appear. This is Windows User Account Control, or UAC. According to Microsoft, UAC “is a fundamental component of Microsoft’s overall security vision....
Pentest Tales #002: Digging Deep​

Pentest Tales #002: Digging Deep​

Pentest Tales #002: Digging Deep Welcome to the second edition of Pentest Tales, a blog series that walks through real-world pentests we’ve performed in the past.  The purpose of this blog is not just to share the “owning” of a domain, but to...
SMB Relay Attacks – Gift That Keeps on Giving

SMB Relay Attacks – Gift That Keeps on Giving

With all of the new Microsoft vulnerabilities features being exploited lately, it’s important to consider some of the vulnerabilities that have truly withstood the test of time. Flavor of the Month vulnerabilities like PrinterNightmare and attacking Active...
Kerberoasting Domain Accounts

Kerberoasting Domain Accounts

The Gift That Keeps on Giving Few vulnerabilities in the Windows Active Directory environment have had the long-lasting impact that Service Principal Names (SPN) have.  Domain-connected services, such as MSSQL servers, web servers, and more may be connected and...