NetSPI Blog

Kevin Robertson

Kevin Robertson holds a BS in Computing Security and Technology from Drexel University. Kevin has spent 20 years in IT with the last 5 years focused on penetration testing and tool development.

Kevin Robertson
December 5th, 2018

ADIDNS Revisited – WPAD, GQBL, and More

A few months ago, I wrote a blog post on exploiting Active Directory-Integrated DNS (ADIDNS). This post will mainly cover some additional techniques on both the offensive and defensive fronts. I would suggest at least skimming the original post before continuing here. With that out of the way, I’d like to start by adding in […]

Kevin Robertson
September 25th, 2018

Inveigh – What’s New in Version 1.4

Ugh, I can’t believe it’s been a year and a half since the last release of Inveigh. I had intended to complete a new version back in March. At that time, my goals were to perform some refactoring, incorporate dynamic DNS updates, and add the ability to work with shares through NTLM challenge/response relay. In […]

Kevin Robertson
July 10th, 2018

Beyond LLMNR/NBNS Spoofing – Exploiting Active Directory-Integrated DNS

Exploiting weaknesses in name resolution protocols is a common technique for performing man-in-the-middle (MITM) attacks. Two particularly vulnerable name resolution protocols are Link-Local Multicast Name Resolution (LLMNR) and NetBIOS Name Service (NBNS). Attackers leverage both of these protocols to respond to requests that fail to be answered through higher priority resolution methods, such as DNS. […]