Report an incident
Customer Portal
← Back to Labs
← Volver a Labs
High
Malware
Discovery
EDR, Sysmon, Windows

Active Directory Enumeration Evolved: Exploring SOAPHound’s Exploitation of ADWS

Domain enumeration represents a critical initial phase of reconnaissance for malicious actors. An innovative approach designed to bypass traditional LDAP monitoring mechanisms is via the Active Directory Web Services (ADWS) protocol and SOAPHound emerges as one of the major tool specifically engineered to exploit the ADWS protocol's capabilities.

Download PDF

labs correlati

RedSun: Turning Microsoft Defender into a Path to SYSTEM-Level Privilege Escalation
Medium
Bypass
Privilege Escalation
Sysmon, Windows

RedSun: Turning Microsoft Defender into a Path to SYSTEM-Level Privilege Escalation

Learn more
BlueHammer windows Zero-Day
Medium
Bypass
Privilege Escalation
EDR, Sysmon, Windows

BlueHammer windows Zero-Day

Learn more
Weaponizing Windows Toast Notifications Abuse of ToastNotify.exe for Phishing and Credential Coercion
Medium
Bypass
Defense Evasion
EDR, Sysmon, Windows

Weaponizing Windows Toast Notifications: Abuse of ToastNotify.exe for Phishing and Credential Coercion

Learn more
1 2 3 12

Contacts

Get in touch with us

Contact Us
Sorint.SEC
Via dell'Artigianato,
24046 Osio Sotto BG
Italy


+39 035 0510401
info@sec.sorint.it
Pages
Services
Certifications
chevron-right