netbiosXAug 13, 2025
Active Directory Enumeration - ADWS
https://ipurple.team/2025/08/12/active-directory-enumeration-adws/ #purpleteam #ipurpleteam
Active Directory Enumeration – ADWS

Microsoft introduced Active Directory Web Services (ADWS) in Windows Server 2008 R2 as a method to provide an interface to instances for querying and managing Active Directory over a network. The s…

Purple Team
netbiosXAug 5, 2025
BadSuccessor | Purple Team Approach #purpleteam #purpleteaming #ipurpleteam
https://ipurple.team/2025/07/28/badsuccessor/
BadSuccessor

Microsoft has introduced a feature in Windows Server 2025 to prevent credential harvesting via Kerberoasting and other credential stuffing attacks. This new feature comes in the form of a new accou…

Purple Team
netbiosXFeb 21, 2024
Detection Rules Development Framework https://ipurple.team/2024/02/21/detection-rules-development-framework/ #purpleteam #ipurpleteam #detectionengineering
Detection Rules Development Framework

Organizations who invest in detection engineering have an edge towards identification of threats. However, there is no industry standard to define the framework around the development of detection …

Purple Team
netbiosXJan 3, 2024
Scheduled Task Tampering https://ipurple.team/2024/01/03/scheduled-task-tampering/ #purpleteam #ipurpleteam
Scheduled Task Tampering

The HAFNIUM threat actor is using an unconventional method to tamper scheduled tasks in order to establish persistence via modification of registry keys in their malware called Tarrask. The benefit…

Purple Team