Publications

Using ntdissector to extract secrets from ADAM NTDS files

06/12/2023
Tools
Pentest
During the development of ntdissector, we stumbled upon an AD Lightweight Directory Services (LDS) instance used by an internal application of a customer to store data. Just like AD DS, AD LDS stores the data inside a dit file: adamntds.dit. However, all known tools failed to parse this file while it looks a lot like a NTDS.dit file. In our research, we eventually found an article in cache already explaining a lot of differences with a standard NTDS.dit file. Unfortunately, the associated code was no longer available on GitHub. This ...

Pcapan: a PCAP analysis helper

22/11/2023
Tools
Reverse-engineering
This post showcases a small but very useful tool that can be used to classify expected and suspicious traffic in a network capture file, and, more importantly, what the process is for writing such a tool.

systemd hardening made easy with SHH

07/11/2023
Development
Tools
Systems
Introducing SHH, Systemd Hardening Helper, a tool written in Rust to automatically build a set of hardening options for a service using runtime profiling.

Captain Hook - How (not) to look for vulnerabilities in Java applications

19/01/2022
Tools
During my 6-months intership, I developed a tool to ease vunerability research on Java applications. I used several software and libraries, and faced a number of issues throughout the development of this tool, Captain Hook. This article describes Captain Hook's development process from the beginning along with its challenges.