| 2626 | Harvesting Active Directory credentials via HTTP Request Smuggling |
HTTP request smuggling |
NA |
Tijme Gommers (@tijme) |
Bug Bounty | 2021-04-19 | 2023-06-13 |
| 2469 | Certified Pre-Owned |
Active Directory Privilege Escalation
ADCS
Windows |
Microsoft |
Will Schroeder (@harmj0y) |
Bug Bounty | 2021-06-17 | 2023-06-13 |
| 2068 | CVE-2021-42306 CredManifest: App Registration Certificates Stored in Azure Active Directory |
Information disclosure |
Microsoft |
Karl Fosaaen (@kfosaaen) |
Bug Bounty | 2021-11-17 | 2023-06-13 |
| 1658 | Azure Active Directory Exposes Internal Information |
Information disclosure |
Microsoft |
Secureworks Counter Threat Unit (@Secureworks) |
Bug Bounty | 2022-04-05 | 2023-06-13 |
| 1653 | Azure Active Directory Exposes Internal Information |
Cloud
Information disclosure
Azure AD |
Microsoft (Azure) |
Counter Threat Unit Research Team |
Bug Bounty | 2022-04-05 | 2023-06-13 |
| 1561 | Certifried: Active Directory Domain Privilege Escalation (CVE-2022–26923) |
Active Directory Privilege Escalation |
Microsoft |
Oliver Lyak (@ly4k_) |
Bug Bounty | 2022-05-10 | 2023-06-13 |
| 1560 | Diving Into Pre-created Computer Accounts |
Active Directory
Local Privilege Escalation
Windows |
NA |
Oddvar Moe (@Oddvarmoe) |
Bug Bounty | 2022-05-10 | 2023-06-13 |
| 1031 | New Attack Paths? AS Requested Service Tickets |
Local Privilege Escalation
Windows
Kerberos
Active Directory |
Microsoft |
Charlie Clark (@exploitph) |
Bug Bounty | 2022-09-25 | 2023-06-13 |
| 893 | Abusing Windows’ tokens to compromise Active Directory without touching LSASS |
Local Privilege Escalation
Windows
Active Directory Privilege Escalation |
NA |
Aurélien Chalot (@Defte_) |
Bug Bounty | 2022-10-27 | 2023-06-13 |
| 870 | The power of adaptability through experience. |
Lateral movement
Active Directory Privilege Escalation |
NA |
Mike Saunders (@hardwaterhacker) |
Bug Bounty | 2022-11-03 | 2023-06-13 |
| 824 | Relaying to AD Certificate Services over RPC |
Active Directory
ADCS
Windows |
NA |
Sylvain Heiniger (@sploutchy) |
Bug Bounty | 2022-11-16 | 2023-06-13 |
| 571 | Azure Active Directory Flaw Allowed SAML Persistence |
Azure AD
SAML
SSO |
Microsoft (Azure) |
Secureworks Counter Threat Unit (@Secureworks) |
Bug Bounty | 2023-01-18 | 2023-06-13 |
| 476 | Azure Ad Kerberos Tickets: Pivoting To The Cloud |
Active Directory
Cloud
Lateral movement |
NA |
Edwin David |
Bug Bounty | 2023-02-09 | 2023-06-13 |
| 300 | AD Security Research: Breaking Trust Transitivity |
Active Directory Privilege Escalation |
Microsoft (Windows) |
Charlie Clark (@exploitph) |
Bug Bounty | 2023-03-14 | 2023-06-13 |
| 242 | Protected Users: you thought you were safe uh? |
Active Directory
Kerberos
NTLM
Internal pentest |
Microsoft (Windows) |
Aurélien CHALOT (@Defte_) |
Bug Bounty | 2023-03-31 | 2023-06-13 |
| 84 | From DA to EA with ESC5 |
Active Directory Privilege Escalation
Internal pentest |
NA |
Andy Robbins (@_wald0) |
Bug Bounty | 2023-05-17 | 2023-06-13 |
| 49 | Anonymised Penetration Test Report |
Internal pentest
RCE
ADCS
Active Directory
Kerberos
DHCPv6
LLMNR |
NA |
Volkis (@VolkisAU) |
Bug Bounty | 2023-05-28 | 2023-06-13 |
| 31 | How a misconfigured Lotus Domino Server can lead to Disclosure of PII Data of Employees, Configuration Details about the Active Directory, etc |
Lotus Domino
Security misconfiguration
Information disclosure |
NA |
Aayush Vishnoi (@AayushVishnoi10) |
Bug Bounty | 2023-06-04 | 2023-06-13 |
