Hello friends! In this week’s Tuesday TOOLSday we continue the theme of using schtasks for evil - this time by camping out on a WinRM connection with local admin access, and then coercing HTTP authentication from a logged-in domain admin account to give us full control of the domain.

Hey and while you’re here, why not…

Thoughts to share?

Leave a comment

Questions for me?

Brian

Get more from Brian Johnson in the Substack app

Available for iOS and Android

Get the app