CyberSecurityBoard
Sponsor Register Login

New Active Directory Pentesting Tool For KeyCredentialLink Management

RedTeamPentesting has unveiled a new tool, keycred, which offers a robust solution for managing KeyCredentialLinks in Active Directory (AD) environments. The keycred tool is designed to manipulate the msDS-KeyCredentialLink LDAP attribute, enabling users to register, list, and manage KeyCredentialLinks efficiently. As organizations continue to rely on AD for identity management, tools like keycred will play a pivotal role in enhancing both offensive and defensive security strategies. By leveraging its ability to manipulate the msDS-KeyCredentialLink attribute, penetration testers can simulate advanced attack scenarios such as Shadow Credentials. While tools like pyWhisker have been available for manipulation msDS-KeyCredentialLink, keycred distinguishes itself with its comprehensive feature set and strict adherence to compliance standards. This command-line interface (CLI) tool and library implements the KeyCredentialLink structures as defined in section 2.2.20 of the Microsoft Active Directory Technical Specification (MS-ADTS). Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis. For instance, attackers can use tools like keycred or similar utilities (e.g., pyWhisker) to add malicious KeyCredentials to vulnerable accounts. It also allows for practical deviations from the specification, making it a valuable resource for penetration testers and system administrators. This technique involves appending alternate credentials (certificates) to a target account’s attributes, potentially enabling account takeover if misconfigurations exist. Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. Its robust capabilities not only empower red teams but also serve as a valuable resource for blue teams seeking to understand and mitigate potential threats. The release of keycred is a game-changer for Active Directory pentesting and administration. Moreover, its integration with PFX file management tools enhances its usability in scenarios requiring certificate-based authentication. The ability to handle certificates directly within the tool eliminates dependency on external utilities like OpenSSL or certutil35.

This Cyber News was published on cybersecuritynews.com. Publication date: Fri, 21 Feb 2025 03:20:29 +0000


Cyber News related to New Active Directory Pentesting Tool For KeyCredentialLink Management

New Active Directory Pentesting Tool For KeyCredentialLink Management - RedTeamPentesting has unveiled a new tool, keycred, which offers a robust solution for managing KeyCredentialLinks in Active Directory (AD) environments. The keycred tool is designed to manipulate the msDS-KeyCredentialLink LDAP attribute, enabling ...
20 hours ago Cybersecuritynews.com
Does Pentesting Actually Save You Money On Cyber Insurance Premiums? - Way back in the cyber dark ages of the early 1990s as many households were buying their first candy-colored Macintoshes and using them to play Oregon Trail and visit AOL chat rooms, many businesses started venturing into the digital realm as well by ...
1 year ago Securityboulevard.com
Avoid high cyber insurance costs by improving Active Directory security - Insurance broker and risk advisor Marsh revealed that US cyber insurance premiums rose by an average of 11% in the first quarter of 2023, and Delinea reported that 67% of survey respondents said their cyber insurance costs increased between 50% and ...
11 months ago Bleepingcomputer.com
Five Eyes Agencies Put Focus on Active Directory Threats - Security Boulevard - Cybersecurity agencies in the United States and other countries are urging organizations to harden the security around Microsoft’s Active Director (AD) solution, which has become a prime target of hackers looking to compromise enterprise networks. ...
4 months ago Securityboulevard.com
How workforce reductions affect cybersecurity postures - In its State of Pentesting Report, Cobalt reveals an industry struggling to balance the use of AI and protecting against it, while facing significant resource and staffing constraints. Pentesting plays a key role in addressing this challenge, ...
9 months ago Helpnetsecurity.com
How to manage a migration to Microsoft Entra ID - Microsoft Entra ID, formerly Azure Active Directory, is not a direct replacement for on-premises Active Directory due to feature gaps and alternative ways to perform similar identity and access management tasks. For some organizations, a move to ...
1 year ago Techtarget.com
Detecting Vulnerability Scanning Traffic From Underground Tools Using Machine Learning - Our structured query language (SQL) injection detection model detected triggers containing unusual patterns that did not correlate to any known open-source or commercial automated vulnerability scanning tool. We have tested all malicious payloads ...
4 months ago Unit42.paloaltonetworks.com
Unified Endpoint Management: What is it and What's New? - What began as Mobile Device Management has now transitioned through Mobile Application Management and Enterprise Mobility Management to culminate in UEM. This progression underscores the industry's response to the ever-growing challenges of modern IT ...
1 year ago Securityboulevard.com
Active Directory Infiltration Methods Employed by Cybercriminals - Active Directory infiltration methods exploit vulnerabilities or weaknesses in Microsoft's Active Directory to gain unauthorized access. Active Directory is a central component in many organizations, making it a valuable target for attackers seeking ...
1 year ago Gbhackers.com
CVE Prioritizer: Open-source tool to prioritize vulnerability patching - CVE Prioritizer is an open-source tool designed to assist in prioritizing the patching of vulnerabilities. It integrates data from CVSS, EPSS, and CISA's KEV catalog to offer insights into the probability of exploitation and the potential effects of ...
1 year ago Helpnetsecurity.com
SiCat: Open-source exploit finder - SiCat is an open-source tool for exploit research designed to source and compile information about exploits from open channels and internal databases. Its primary aim is to assist in cybersecurity, enabling users to search the internet for potential ...
1 year ago Helpnetsecurity.com
Microsoft Incident Response lessons on preventing cloud identity compromise - Microsoft Incident Response is often engaged in cases where organizations have lost control of their Microsoft Entra ID tenant, due to a combination of misconfiguration, administrative oversight, exclusions to security policies, or insufficient ...
1 year ago Microsoft.com
The 11 Best Identity and Access Management Tools - Demand for Identity and Access Management tools is booming. Today, there are dozens of Identity and Access Management tools on the market. Identity and Access Management solutions share many things in common with other cybersecurity technologies. ...
1 year ago Heimdalsecurity.com
CVE-2017-2343 - The Integrated User Firewall (UserFW) feature was introduced in Junos OS version 12.1X47-D10 on the Juniper SRX Series devices to provide simple integration of user profiles on top of the existing firewall polices. As part of an internal security ...
5 years ago
Week in review: Windows Event Log zero-day, exploited critical Jenkins RCE flaw - Prioritizing cybercrime intelligence for effective decision-making in cybersecurityIn this Help Net Security interview, Alon Gal, CTO at Hudson Rock, discusses integrating cybercrime intelligence into existing security infrastructures. Proactive ...
1 year ago Helpnetsecurity.com
6 Best Vulnerability Management Tools for 2023 Compared - Vulnerability management tools discover security flaws in network and cloud environments and prioritize and apply fixes. They go well beyond patch management and vulnerability scanning tools while combining the best of those technologies, creating an ...
1 year ago Esecurityplanet.com
Adalanche: Open-source Active Directory ACL visualizer, explorer - Adalanche provides immediate insights into the permissions of users and groups within an Active Directory. It's an effective open-source tool for visualizing and investigating potential account, machine, or domain takeovers. It helps identify and ...
1 year ago Helpnetsecurity.com
Failing Upwards - One of the phrases my early boss in pentesting taught me and adopted was failing upwards in a career. This leads to hard decisions between hanging up part of your subject matter expertise and focusing on managing and leading teams or do you continue ...
1 year ago Blog.zsec.uk
Top 10 NinjaOne Alternatives to Consider in 2024 - Atera: Best for IT teams needing a unified platform for network and device management, including patch management and automation. Kaseya VSA: Best for IT operations looking for comprehensive IT management including remote control, patch management, ...
7 months ago Heimdalsecurity.com
A Tale of Overcoming Cyber Threats with Auto Pentesting and CTEM - She had preemptively purchased Ridge Security's RidgeBot automated penetration testing product, recently upgraded with new plugins that automatically detect and exploit the MOVEit vulnerability. RidgeBot is an AI-powered security validation platform ...
11 months ago Cyberdefensemagazine.com
Best Paid and Free OSINT Tools for 2024 - Open Source Intelligence tools are software applications or platforms used to collect, analyze, and interpret publicly available information from various online sources, aiding in investigations, research, and intelligence gathering. These OSINT ...
10 months ago Hackread.com
Week in review: Booking.com hotel booking scam, Kali Linux 2023.4 released - Advanced ransomware campaigns expose need for AI-powered cyber defenseIn this Help Net Security interview, Carl Froggett, CIO at Deep Instinct, discusses emerging trends in ransomware attacks, emphasizing the need for businesses to use advanced AI ...
1 year ago Helpnetsecurity.com
7 Best Attack Surface Management Software for 2024 - Attack surface management is a relatively new cybersecurity technology that combines elements of vulnerability management and asset discovery with the automation capabilities of breach and attack simulation and applies them to an organization's ...
1 year ago Esecurityplanet.com
What is identity management? Definition from SearchSecurity - Identity management is the organizational process for ensuring individuals have the appropriate access to technology resources. Identity management is an essential component of security. Identity management includes authenticating users and ...
10 months ago Techtarget.com
Kaspersky releases free tool that scans Linux for known threats - Kaspersky has released a new virus removal tool named KVRT for the Linux platform, allowing users to scan their systems and remove malware and other known threats for free. Kaspersky's new tool isn't a real-time threat protection tool but a ...
8 months ago Bleepingcomputer.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)