if you are interested in network penetration testing or red teaming, I explained office persistence with cobalt strike, enjoy
#redteam
#penetrationtesting
if you are interested in network penetration testing or red teaming I collected most of the commands used in AD domain enumeration in three parts, enjoy
part 1 ==>
Alhamdulillah,
I'm glad to announce that I have passed the Web Application Penetration Testing Extremely exam, thanks to
@eLearnSecurity
for the great course and content
Thank you
@Resecurity
for your support
if you are interested in network penetration testing or red teaming, I explained the attack using a scf file to gather hashes
and if you want to try this attack,htb machine (Driver)
#redteam
#penetrationtesting
Alhamdulillah,
I'm glad to announce that I have passed the eLearnSecurity eCPPT Certified Professional Penetration Tester exam, thanks to
@eLearnSecurity
for the great course and content
Thank you
@Resecurity
for your support
In this article, I wrote about Windows Credentials SAM Database part-1
I used tools samdump2,pwdump7, InvokePowerDump.ps1,creddump7,impacket, Mimikatz, Metasploit Framework: HashDump, load kiwi, credential_collector, John The Ripper
if you are interested in network penetration testing or red teaming, I explained the attack using a scf file to gather hashes and if you want to try this attack,
htb machine (Driver)
#redteam
#penetrationtestin
if you are interested in network penetration testing or red teaming, I explained most Kerberos attacks , enjoy
part 1 ===>Kerbroasting
part 2 ===>AS-REP Roasting
part 3 ===>Silver Ticket
if you are interested in network penetration testing or red teaming I collected most of the commands used AD domain enumeration in three parts, enjoy
part 1 ==>
part 2 ==>
part 3 ==>
In the first part of Kerberos attacks (Kerbroasting) I wrote about spn and use PowerShell scripts such as FindPotentiallyCrackableAccounts.ps1, GetUserSPNs.ps1, TGSCipher.ps1, and Mimikatz
waiting for your feedback
if you are interesting in penetration tester and red-teaming, I install SQL server in windows server and connect from windows 10 by HeidiSQL
#redteam
#penetrationtesting
Seatbelt: This tool is more gathering-info oriented than privesc, but it has some pretty nice checks and looks for some passwords.
You need to compile it:
use precompiled binaries:
if you are interested in network penetration testing or red teaming, I explained the attack using a scf file to gather hashes
and if you want to try this attack,htb machine (Driver)
@nav1n0x
From the late 1990s to the early 2000s, the file path /vti_pvt/service. pwd stored configuration files, including sensitive data, related to FrontPage Server Extensions