The Vilkas Wire

Weak access controls on AD CS certificate templates (ESC4) allow attackers to edit certificate templates, which can be used in attacks…Weak access controls on AD CS certificate templates (ESC4) allow attackers to edit certificate templates, which can be used in attacks resulting in domain compromise.

Most penetration tests succeed or fail before testing even begins. This post breaks down what proper scoping actually looks like.Most penetration tests succeed or fail before testing even begins. This post breaks down what proper scoping actually looks like.

Learn how missing LDAP signing enables credential relay, footholds, and chained Active Directory attacks during real internal penetration…Learn how missing LDAP signing enables credential relay, footholds, and chained Active Directory attacks during real internal penetration tests.

How unsigned SMB traffic is abused during internal penetration tests, why “enabled but not required” still fails, and how this…How unsigned SMB traffic is abused during internal penetration tests, why “enabled but not required” still fails, and how this misconfiguration enables real attack chains.

When Active Directory is in scope, giving your pentester a low‑privilege password is not cheating; it simulates a compromised user account…When Active Directory is in scope, giving your pentester a low‑privilege password is not cheating; it simulates a compromised user account and exposes real identity risk in your internal environment.

Organizations often pass audits but still fall to basic misconfigurations and control gaps. Learn how pentesting provides the real-world…Organizations often pass audits but still fall to basic misconfigurations and control gaps. Learn how pentesting provides the real-world validation that GRC checklists cannot deliver.

Passing an audit doesn’t mean you’re secure. Here’s how to plan and scope a pentest that actually protects your business.Passing an audit doesn’t mean you’re secure. Here’s how to plan and scope a pentest that actually protects your business.

A misconfigured AD CS template (ESC1) can let any domain user escalate to Domain Admin in minutes. Learn how this common flaw works and the…A misconfigured AD CS template (ESC1) can let any domain user escalate to Domain Admin in minutes. Learn how this common flaw works and the simple fixes that close the door on one of Active…

EDR won’t save you if your keys are under the mat. Fund secure configs, asset inventory, and real pen tests before buying another shiny…EDR won’t save you if your keys are under the mat. Fund secure configs, asset inventory, and real pen tests before buying another shiny tool.