Explore >> Select a destination
|
You are here 
|
securitypimp.net | ||
| | | | |
www.tarlogic.com
|
|
| | | | | Kerberos attacks: Kerberos brute-force, ASREPRoast, Kerberoasting, Pass the key, Pass the ticket, Silver ticket and Golden ticket explanation. | |
| | | | |
blog.ikuamike.io
|
|
| | | | | ||
| | | | |
0xdf.gitlab.io
|
|
| | | | | I loved Sizzle. It was just a really tough box that reinforced Windows concepts that I hear about from pentesters in the real world. I'll start with some SMB access, use a .scf file to capture a users NetNTLM hash, and crack it to get creds. From there I can create a certificate for the user and then authenticate over WinRM. I'll Kerberoast to get a second user, who is able to run the DCSync attack, leading to an admin shell. I'll have two beyond root sections, the first to show two unintended paths, and the second to exploit NTLM authentication over HTTP, and how Burp breaks it. | |
| | | | |
cocomelonc.github.io
|
|
| | | [AI summary] The provided text discusses the development of a payload using a custom encryption method, likely based on the Skipjack algorithm, to evade detection by antivirus systems. It outlines the steps to compile and run the payload on a Windows machine, and mentions that the code is intended for educational purposes only. The text also references the Clipper chip initiative and highlights the importance of awareness for cybersecurity professionals. | ||
