all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Demystifying Cobalt Strike’s “make_token” Command

Add to bookmarks
Nov. 10, 2023, 2:51 p.m. | Simone Salucci and Daniel Lopez Jimenez

NCC Group Research Blog research.nccgroup.com

Introduction If you are a pentester and enjoy tinkering with Windows, you have probably come across the following post by Raphael Mudge: Windows Access Tokens and Alternate Credentials In this post, he explains how the Windows program runas works and how the netonly flag allows the creation of processes where the local identity differs from […]

access access tokens cobalt cobalt strike command credentials flag identity introduction local mudge pentester processes program strike study guide tokens tutorial windows

Visit resource

More from research.nccgroup.com / NCC Group Research Blog

Sifting through the spines: identifying (potential) Cactus ransomware victims 1 week ago | research.nccgroup.com
access blog cactus cactus ransomware +17
Public Report – Confidential Mode for Hyperdisk – DEK Protection Analysis 2 weeks, 6 days ago | research.nccgroup.com
analysis architecture confidential data +19
Non-Deterministic Nature of Prompt Injection 2 weeks, 6 days ago | research.nccgroup.com
attack easy explained exploiting +10
Technical Advisory – Ollama DNS Rebinding Attack (CVE-2024-28224) 3 weeks, 3 days ago | research.nccgroup.com
access advisory api attack +24
Public Report – Google Privacy Sandbox Aggregation Service and Coordinator 1 month ago | research.nccgroup.com
aggregation companies google google privacy sandbox +16
Android Malware Vultur Expands Its Wingspan 1 month ago | research.nccgroup.com
android android banking malware android malware authors +18
LTair: The LTE Air Interface Tool 1 month, 2 weeks ago | research.nccgroup.com
air attacks blog blog post +14
The Development of a Telco Attack Testing Tool 1 month, 2 weeks ago | research.nccgroup.com
attack blog challenges development +13
Public Report – AWS Nitro System API & Security Claims Italian 1 month, 4 weeks ago | research.nccgroup.com
amazon amazon web services api apis +21

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

Information Security Specialist, Sr. (Container Hardening)

@ Rackner | San Antonio, TX
View on infosec-jobs.com

Principal Security Researcher (Advanced Threat Prevention)

@ Palo Alto Networks | Santa Clara, CA, United States
View on infosec-jobs.com

EWT Infosec | IAM Technical Security Consultant - Manager

@ KPMG India | Bengaluru, Karnataka, India
View on infosec-jobs.com

Security Engineering Operations Manager

@ Gusto | San Francisco, CA; Denver, CO; Remote
View on infosec-jobs.com

Network Threat Detection Engineer

@ Meta | Denver, CO | Reston, VA | Menlo Park, CA | Washington, DC
View on infosec-jobs.com
View more jobs