Author

Articles by Will Burgess

Videos

How attackers abuse Access Token Manipulation (ATT&CK T1134)

This blog teaches security practitioners how attackers abuse legitimate Windows functionalities to move laterally and compromise Active Directory domains.

Videos

Introduction to Windows tokens for security practitioners

Windows access token manipulation attacks are well known and abused from an offensive perspective, but rely on an extensive body of arcane Windows security internals. In this blog post, we demystify how access tokens work in Windows environments.