Resources / Blogs

TrustedSec

Active Directory, social engineering, and post-exploitation

TrustedSec logo

TrustedSec is one of the most respected names in offensive security consulting, founded by David Kennedy (creator of the Social-Engineer Toolkit). Their blog delivers cutting-edge research that directly impacts how security professionals approach red team engagements.


Why Follow This Blog

TrustedSec consistently publishes high-quality technical content that bridges the gap between theoretical vulnerabilities and practical exploitation. Their researchers are active in the security community and frequently release tools alongside their research.

Key Topics Covered

Active Directory Security

  • Kerberos Attacks: Detailed walkthroughs of Kerberoasting, AS-REP roasting, and delegation abuse
  • Privilege Escalation: Domain escalation paths and misconfigurations
  • Persistence Techniques: Golden tickets, silver tickets, and skeleton keys
  • Trust Relationships: Cross-forest and cross-domain attack techniques

Social Engineering

  • Phishing Campaigns: Technical implementation of sophisticated phishing attacks
  • Pretexting: Building believable scenarios for social engineering
  • Physical Security: Red team physical penetration techniques
  • Vishing: Voice phishing methodologies

Post-Exploitation

  • Lateral Movement: Techniques for moving through compromised networks
  • Credential Harvesting: Memory scraping and credential extraction
  • Defense Evasion: Bypassing EDR and security controls
  • Data Exfiltration: Covert channels and exfiltration methods

Tool Development

  • Social-Engineer Toolkit (SET): Updates and usage guides
  • Artillery: Honeypot and monitoring tool
  • Unicorn: PowerShell downgrade attack tool
  • Custom Tooling: In-house tools released to the community

Notable Research Areas

Red Team Operations

TrustedSec’s blog frequently covers full attack chain scenarios, demonstrating how multiple techniques combine in real-world engagements:

  • Initial access vectors
  • Network reconnaissance
  • Domain compromise paths
  • Objective completion strategies

Cloud Security

Increasingly focused on cloud-based attacks:

  • Azure AD exploitation
  • AWS privilege escalation
  • Multi-cloud attack scenarios
  • Identity federation abuse

Purple Team Content

Content valuable for both offensive and defensive teams:

  • Detection opportunities for attacks
  • Log analysis for compromise indicators
  • Security architecture recommendations
  • Incident response considerations

Content Format

Blog Posts

  • Technical Deep Dives: Detailed explanations with code samples
  • Tool Releases: Announcements with usage documentation
  • Case Studies: Anonymized real-world engagement examples
  • Industry Commentary: Perspectives on security trends

Associated Resources

  • Webcasts: Regular free security webcasts
  • Podcasts: Security discussions and interviews
  • Conference Talks: Presentations at major security conferences
  • Training: Courses and workshops

Visit website → · RSS feed