How we did it

Exploited open VPN access and AnyDesk admin controls.
Used DCSync & Shadow Credentials for privilege escalation.
Performed lateral movement through SMB pivots.

Conclusion

The engagement revealed weak security configurations, which allowed for undetected privilege escalation. Network segmentation and MFA were prioritised for mitigation.

Assumed Breach and Privilege Escalation Case

Weak authentication and poor segmentation enabled privilege escalation from VPN access to full domain control.

The Challenge

The assumed breach scenario tested infrastructure security by simulating insider threats. Major weaknesses included 2FA absence, weak endpoint security, and poor segmentation.

The Solution

Enforced 2FA on VPN and O365 to block unauthorized access.

Improved AD security by restricting certificate services.

Strengthened endpoint hardening using CIS benchmarks.

Application Penetration Testing

Infrastructure Assessment

Cloud Infrastructure

Performance and scalability assessment

Cybersecurity assessment

Red Teaming

Compliance Readiness Services

Purple Teaming

Training

Due Diligence

Insides

Case Studies

Contact Us

About Tenendo

Contact us:

How we did it

Conclusion

Tenendo Limited