Intelligence tagged Offensive Security Technical Blog

Cyber Intelligence Weekly
Join Echelon’s 31K+ subscribers and stay current on cybersecurity trends and insights.
Offsec Quick Tips: Info Attribute in Domain Objects
Offsec Quick Tips: Info Attribute in Domain Objects
Quick tip highlights that sensitive data like plaintext credentials can sometimes be stored in the “info” attribute of Active Directory user and group objects, and it shows how attackers can extract this data without valid credentials using NTLM relay techniques. It also demonstrates modifying ntlmrelayx to dump this attribute, reinforcing the need for admins to avoid storing sensitive information in these fields and to audit them regularly.
Posted on Jun 22 / 2026
iOS App Pentest: Dumping certificate and private key from Keychain
iOS App Pentest: Dumping certificate and private key from Keychain
Diego Pérez Barrueta, Senior Offensive Security Consultant at Echelon, walks through how to intercept mTLS traffic on an iOS app pentest when SSLKillSwitch isn't enough, extracting the client certificate and private key from the Keychain using Frida, and importing them into Burp Suite as a PKCS#12 file to establish full mTLS communication.
Posted on Mar 31 / 2026
Are you ready to get started?