Explore >> Select a destination
|
You are here 
|
foxglovesecurity.com | ||
| | | | |
bogs.io
|
|
| | | | | An extensive walk-through the popular methods of exploiting SMB using tools such as Metasploit, Reponder, psexec | |
| | | | |
shenaniganslabs.io
|
|
| | | | | By default, domain joined Windows workstations allow access to the network selection UI from the lock screen. An attacker with physical access to a locked device with WiFi capabilities (such as a laptop or a workstation) can abuse this functionality to force the laptop to authenticate against a rogue access point and capture a MSCHAPv2 challenge response hash for the domain computer account. This challenge response hash can then be submitted to crack.sh to recover the NTLM hash of the computer account in less than 24 hours. Once recovered, this NTLM hash combined with the domain SID can be used to forge Kerberos silver tickets to impersonate a privileged user and compromise the host. An example of this is to create a silver ticket for the CIFS service of the... | |
| | | | |
taeluralexis.com
|
|
| | | | | We'll target a network comprising 3 machines, leveraging CVE exploits, pivoting, code obfuscation techniques, and AV bypass strategies. | |
| | | | |
johnjhacking.com
|
|
| | | Certified Ethical Hacker | Master The CEH Master offered by EC-Council, claims to be a real-world, hands-on approach to everyday life as an ethical hacker: In the above photo, what stood out the most to me was, "We test your abilities with real-world challenges in a real-world environment, and a time limit, just as you would find in your job." The CEH Master is a combination of the CEH Exam and the CEH Practical. | ||
