Penetration Testing

  • Raúl Redondo
  • No Comments

The Phantom Menace: Exposing hidden risks through ACLs in Active Directory
The Phantom Menace: Exposing hidden risks through ACLs in Active Directory 1920 1080 Raúl Redondo
Discover how attackers exploit hidden risks in Active Directory ACLs. Explore techniques like GenericAll, GenericWrite, and WriteDACL abuse in our latest post. read more
  • Raúl Redondo
  • No Comments

Kerberos IV – Delegations
Kerberos IV – Delegations 1920 1080 Raúl Redondo
Discover how to abuse Kerberos for lateral movement. Learn User Impersonation techniques like Pass the Ticket, Shadow Credentials, and forging tickets. read more
  • Raúl Redondo
  • No Comments

Kerberos III – User Impersonation
Kerberos III – User Impersonation 1920 1080 Raúl Redondo
Discover how to abuse Kerberos for lateral movement. Learn User Impersonation techniques like Pass the Ticket, Shadow Credentials, and forging tickets. read more
  • Raúl Redondo
  • No Comments

Kerberos II – Credential Access
Kerberos II – Credential Access 1920 1080 Raúl Redondo
Dive into the fundamentals of the Kerberos authentication protocol. Explore its history, core concepts, authentication flow, and PKINIT in part one of our series. read more
  • Raúl Redondo
  • No Comments

Kerberos I – Overview
Kerberos I – Overview 1920 1080 Raúl Redondo
Dive into the fundamentals of the Kerberos authentication protocol. Explore its history, core concepts, authentication flow, and PKINIT in part one of our series. read more
  • Lares Labs
  • No Comments

Outlook 365 for the PWN
Outlook 365 for the PWN 1200 630 Lares Labs
Outlook 365 for the PWN shows how an attacker can chain built in tools like PowerShell, Word macros, and Outlook COM automation to quietly enumerate domain users and exfiltrate data over email, then closes with practical macro hardening steps in GPO and Endpoint Manager to help defenders get ahead of this tradecraft. read more
  • Lares Labs
  • No Comments

Living Off The Land – Built-In Pwning
Living Off The Land – Built-In Pwning 1200 630 Lares Labs
Living Off The Land – Built-In Pwning walks through how adversaries can use native Windows capabilities like PowerShell Get-CimInstance and ADSI Searcher to quietly enumerate domain groups, users, passwords in description fields, and remote administration paths such as WinRM and SMB, all without dropping additional tooling on disk. read more

How Lares Thinks About Mythos-Class AI in Offensive Security
How Lares Thinks About Mythos-Class AI in Offensive Security 1200 630 Andrew Heller
Mythos-class AI is changing how vulnerabilities are found, not replacing real adversaries. Learn how Lares views Mythos, AI-assisted testing, and what security teams should do next. read more

What We Look For in a Penetration Tester at Lares (And Why Clients Care)
What We Look For in a Penetration Tester at Lares (And Why Clients Care) 1200 630 Andrew Heller
What is the difference between a standard security report and a true adversarial assessment? It all comes down to the operators. See what we look for at Lares. read more

WEBINAR: OWASP Agentic AI Top 10: Threats in the Wild
WEBINAR: OWASP Agentic AI Top 10: Threats in the Wild 150 150 Andrew Heller

Artificial intelligence is no longer just answering our questions. It is taking action. We have moved from simple chatbots to Agentic AI applications that can reason, plan, invoke external tools,…

read more

Where There is Unity, There is Victory

[Ubi concordia, ibi victoria]

– Publius Syrus

Contact Lares Consulting logo (image)

Continuous defensive improvement through adversarial simulation and collaboration.

Call Us

(720) 600-0329

Email Us

sales@lares.com

©2025 Lares, a Damovo Company | All rights reserved.
Enter your
text here