Posts by Tag

Active Directory Hacking

Internal Infrastructure Pentest - Mimikatz

less than 1 minute read

Mimikatz: mimikatz is a tool gentilkiwi made to learn C and make somes experiments with Windows security. It’s now well known to extract plaintexts passwords...

Internal Infrastructure Pentest - LLMNR

less than 1 minute read

LLMNR (Link Local Multicast Name Rsolution): The Link-Local Multicast Name Resolution (LLMNR) is a protocol based on the Domain Name System (DNS) packet f...

Internal Infrastructure Pentest - DumpSec

less than 1 minute read

Dumpsec: DumpSec is a security auditing program for Microsoft Windows. It dumps the permissions (DACLs) and audit settings (SACLs) for the file system, re...

Back to top ↑

Windows Security

Internal Infrastructure Pentest - Mimikatz

less than 1 minute read

Mimikatz: mimikatz is a tool gentilkiwi made to learn C and make somes experiments with Windows security. It’s now well known to extract plaintexts passwords...

Internal Infrastructure Pentest - LLMNR

less than 1 minute read

LLMNR (Link Local Multicast Name Rsolution): The Link-Local Multicast Name Resolution (LLMNR) is a protocol based on the Domain Name System (DNS) packet f...

Internal Infrastructure Pentest - DumpSec

less than 1 minute read

Dumpsec: DumpSec is a security auditing program for Microsoft Windows. It dumps the permissions (DACLs) and audit settings (SACLs) for the file system, re...

Back to top ↑

ATM pentesting

Back to top ↑

ATM hacking

Back to top ↑

Kiosk Hacking

Back to top ↑

Password Cracking

Internal Infrastructure Pentest - Mimikatz

less than 1 minute read

Mimikatz: mimikatz is a tool gentilkiwi made to learn C and make somes experiments with Windows security. It’s now well known to extract plaintexts passwords...

Internal Infrastructure Pentest - Mimikatz

less than 1 minute read

Mimikatz: mimikatz is a tool gentilkiwi made to learn C and make somes experiments with Windows security. It’s now well known to extract plaintexts passwords...

Back to top ↑

Registry Key Hacking

Back to top ↑

TIP

Threat Investigation Canvas

less than 1 minute read

Over the last few days, I observed targeted campaigns against Microsoft brand. With multiple feed sources, found 447 unique malicious domains.

Back to top ↑

SOAR

Threat Investigation Canvas

less than 1 minute read

Over the last few days, I observed targeted campaigns against Microsoft brand. With multiple feed sources, found 447 unique malicious domains.

Back to top ↑

Hardware

Back to top ↑

Dropbox

Back to top ↑

LLMNR

Internal Infrastructure Pentest - LLMNR

less than 1 minute read

LLMNR (Link Local Multicast Name Rsolution): The Link-Local Multicast Name Resolution (LLMNR) is a protocol based on the Domain Name System (DNS) packet f...

Back to top ↑

Password

Back to top ↑

Hash Cracking

Back to top ↑

Kali

Installing Kali in AWS EC2 Instance

less than 1 minute read

sudo passwd kali sudo apt-get update sudo apt-get install xrdp lxde-core lxde tigervnc-standalone-server -y cd / sudo sed -i ‘s/allowed_users=.*/a...

Back to top ↑

LOTL

HiveJack

3 minute read

HiveJack This tool can be used during internal penetration testing to dump Windows credentials from an already-compromised host. It allows one to dump SYSTEM...

Living Off The Land Binaries - AT Command

3 minute read

Examples of at.exe being used maliciously in order to establish persistence in a manner almost identical to schtasks use as a lolbin (enter hashes into viru...

Back to top ↑

EDR

HiveJack

3 minute read

HiveJack This tool can be used during internal penetration testing to dump Windows credentials from an already-compromised host. It allows one to dump SYSTEM...

Living Off The Land Binaries - AT Command

3 minute read

Examples of at.exe being used maliciously in order to establish persistence in a manner almost identical to schtasks use as a lolbin (enter hashes into viru...

Back to top ↑

Living Off The Land

HiveJack

3 minute read

HiveJack This tool can be used during internal penetration testing to dump Windows credentials from an already-compromised host. It allows one to dump SYSTEM...

Living Off The Land Binaries - AT Command

3 minute read

Examples of at.exe being used maliciously in order to establish persistence in a manner almost identical to schtasks use as a lolbin (enter hashes into viru...

Back to top ↑

Offensive Security

Installing Kali in AWS EC2 Instance

less than 1 minute read

sudo passwd kali sudo apt-get update sudo apt-get install xrdp lxde-core lxde tigervnc-standalone-server -y cd / sudo sed -i ‘s/allowed_users=.*/a...

Back to top ↑

Windows Services

Back to top ↑

Security Policies

Back to top ↑

Cheatsheet

Back to top ↑

Windows commands

Back to top ↑

Null Session

Back to top ↑

PsExec

Back to top ↑

Remote PsExec

Back to top ↑

NTDS

Back to top ↑

DIT file extraction

Back to top ↑

DumpSec

Internal Infrastructure Pentest - DumpSec

less than 1 minute read

Dumpsec: DumpSec is a security auditing program for Microsoft Windows. It dumps the permissions (DACLs) and audit settings (SACLs) for the file system, re...

Back to top ↑

DACL

Internal Infrastructure Pentest - DumpSec

less than 1 minute read

Dumpsec: DumpSec is a security auditing program for Microsoft Windows. It dumps the permissions (DACLs) and audit settings (SACLs) for the file system, re...

Back to top ↑

SACL

Internal Infrastructure Pentest - DumpSec

less than 1 minute read

Dumpsec: DumpSec is a security auditing program for Microsoft Windows. It dumps the permissions (DACLs) and audit settings (SACLs) for the file system, re...

Back to top ↑

Cracking

Back to top ↑

Hash

Back to top ↑

Hashcat

Back to top ↑

Password Spraying

Back to top ↑

Spraying

Back to top ↑

Intial Foothold

Back to top ↑

Mimikatz

Internal Infrastructure Pentest - Mimikatz

less than 1 minute read

Mimikatz: mimikatz is a tool gentilkiwi made to learn C and make somes experiments with Windows security. It’s now well known to extract plaintexts passwords...

Back to top ↑

Passwords

Internal Infrastructure Pentest - Mimikatz

less than 1 minute read

Mimikatz: mimikatz is a tool gentilkiwi made to learn C and make somes experiments with Windows security. It’s now well known to extract plaintexts passwords...

Back to top ↑

Foothold

Internal Infrastructure Pentest - Mimikatz

less than 1 minute read

Mimikatz: mimikatz is a tool gentilkiwi made to learn C and make somes experiments with Windows security. It’s now well known to extract plaintexts passwords...

Back to top ↑

Skeleton Key Attack

Back to top ↑

RDP

Back to top ↑

Remote Desktop

Back to top ↑

Netcat

Back to top ↑

Citrix Breakout

Back to top ↑

Citrix

Back to top ↑

Hydra

Back to top ↑

Password Bruteforcing

Back to top ↑

Tools

Back to top ↑

Repos

Back to top ↑

Internal Pentest Tools

Back to top ↑

Kerberoasting

Back to top ↑

Kerberos

Back to top ↑

Nessus

Back to top ↑

Nmap

Back to top ↑

Ping Sweep

Back to top ↑

Procdump

Back to top ↑

Sysinternals

Back to top ↑

Responder

Back to top ↑

SMB

Back to top ↑

MiTM

Back to top ↑

UAC

Internal Infrastructure Pentest - UAC Bypass

less than 1 minute read

• Windows 7 UAC whitelist, http://www.pretentiousname.com/misc/win7_uac_whitelist2.html • Malicious Application Compatibility Shims, https://www.blackhat.co...

Back to top ↑

UAC Bypass

Internal Infrastructure Pentest - UAC Bypass

less than 1 minute read

• Windows 7 UAC whitelist, http://www.pretentiousname.com/misc/win7_uac_whitelist2.html • Malicious Application Compatibility Shims, https://www.blackhat.co...

Back to top ↑

HDD Hack

Back to top ↑

Boot unencrypted HDD

Back to top ↑

User Management

Back to top ↑

msfvenom

Internal Infrastructure Pentest - msfvenom

less than 1 minute read

Handler on Msfconsole - use exploit/multi/handler - set PAYLOAD windows/meterpreter/reverse_tcp - set LHOST localhost - set LPORT 4444 - set Exi...

Back to top ↑

metasploit

Internal Infrastructure Pentest - msfvenom

less than 1 minute read

Handler on Msfconsole - use exploit/multi/handler - set PAYLOAD windows/meterpreter/reverse_tcp - set LHOST localhost - set LPORT 4444 - set Exi...

Back to top ↑

Metasploit

Back to top ↑

GPP

Back to top ↑

SOCKS

Back to top ↑

SOCKS Tunnel

Back to top ↑

SOCKS Proxy

Back to top ↑

AppSec

Back to top ↑

HTML2PDF

Back to top ↑

2G -GSM Hacking

Back to top ↑

4G - LTE Hacking

Back to top ↑

Internal Pentest

HiveJack

3 minute read

HiveJack This tool can be used during internal penetration testing to dump Windows credentials from an already-compromised host. It allows one to dump SYSTEM...

Back to top ↑

USB

Back to top ↑

Recovery

Back to top ↑

Forensics

Back to top ↑

IOCs

Back to top ↑

Ransomware

Back to top ↑

Malware

Back to top ↑

CVE-2020-15227

Nette Framework: CVE-2020-15227

less than 1 minute read

Nette Framework: Nette Framework is an open-source framework for creating web applications in PHP 5 and 7. It supports AJAX, DRY, KISS, MVC and code reusabil...

Back to top ↑

RCE

Nette Framework: CVE-2020-15227

less than 1 minute read

Nette Framework: Nette Framework is an open-source framework for creating web applications in PHP 5 and 7. It supports AJAX, DRY, KISS, MVC and code reusabil...

Back to top ↑

PHP

Nette Framework: CVE-2020-15227

less than 1 minute read

Nette Framework: Nette Framework is an open-source framework for creating web applications in PHP 5 and 7. It supports AJAX, DRY, KISS, MVC and code reusabil...

Back to top ↑

Hacking tool

BigBountyRecon - Reconnaissance Tool

9 minute read

BigBountyRecon BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial recon...

Back to top ↑

DevOps

Back to top ↑

Security Automation

Back to top ↑

DevSecOps

Back to top ↑

AV Bypass

Back to top ↑

In Memory Execution

Back to top ↑

Nuking Tools

Back to top ↑

Purple Team

Back to top ↑

Incident Response

Back to top ↑