Explore >> Select a destination
|
You are here 
|
0xdf.gitlab.io | ||
| | | | |
gist.github.com
|
|
| | | | | PowerView-3.0 tips and tricks. GitHub Gist: instantly share code, notes, and snippets. | |
| | | | |
taeluralexis.com
|
|
| | | | | We'll target a network comprising 3 machines, leveraging CVE exploits, pivoting, code obfuscation techniques, and AV bypass strategies. | |
| | | | |
blog.ikuamike.io
|
|
| | | | | Introduction After passing my OSCP, I am planning on doing CRTP and CRTO sometime this year. I took the OSCP exam before the updates that are focused on Active Directory so I didn't actively focus on this area. So to learn and practice on AD and Windows and also as some prep for the certifications I plan on taking, I will be doing some machines that are AD related and try to get into the details of the included misconfigurations and vulnerabilities. | |
| | | | |
0xdf.gitlab.io
|
|
| | | I loved Sizzle. It was just a really tough box that reinforced Windows concepts that I hear about from pentesters in the real world. I'll start with some SMB access, use a .scf file to capture a users NetNTLM hash, and crack it to get creds. From there I can create a certificate for the user and then authenticate over WinRM. I'll Kerberoast to get a second user, who is able to run the DCSync attack, leading to an admin shell. I'll have two beyond root sections, the first to show two unintended paths, and the second to exploit NTLM authentication over HTTP, and how Burp breaks it. | ||
