A Write-Up by TrustedSec’s Research Lead Carlos Perez and Binary Defense’s Research Lead Jonathan Johnson Introduction While it is important to discover new tradecraft, it is equally important to explore well-established and widely used techniques.  The Binary Defense research team collaborated with the TrustedSec research team to dive into adversarial Lightweight Directory Access Protocol (LDAP) tradecraft. This blog outlines the results of our research, provides a tool for exposing LDAP telemetry, and offers guidance on detecting malicious LDAP activity.

Source: Binary Defense