Comment on page

SCCM / MECM Abuse

System Center Configuration Manager / Microsoft Endpoint Configuration Manager

​https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a​
​https://www.hub.trimarcsecurity.com/post/push-comes-to-shove-exploring-the-attack-surface-of-sccm-client-push-accounts​
​https://blog.xpnsec.com/unobfuscating-network-access-accounts/​
​https://www.thehacker.recipes/ad/movement/sccm-mecm​
​https://www.securesystems.de/blog/active-directory-spotlight-attacking-the-microsoft-configuration-manager/​
​https://http418infosec.com/offensive-sccm-summary​
Tools
MalSCCM
​https://labs.nettitude.com/blog/introducing-malsccm/​
​https://github.com/nettitude/MalSCCM​
SharpSCCM
​https://github.com/Mayyhem/SharpSCCM​

Last modified 2mo ago