Articles by Will Burgess

This blog teaches security practitioners how attackers abuse legitimate Windows functionalities to move laterally and compromise Active Directory domains.

Windows access token manipulation attacks are well known and abused from an offensive perspective, but rely on an extensive body of arcane Windows security internals. In this blog post, we demystify how access tokens work in Windows environments...