Explore >> Select a destination


You are here

www.tarlogic.com
| | securitypimp.net
1.7 parsecs away

Travel
| | The challenge given by Remote will have you breaking into the Umbraco CMS system on multiple levels.
| | 0xdf.gitlab.io
2.4 parsecs away

Travel
| | I loved Sizzle. It was just a really tough box that reinforced Windows concepts that I hear about from pentesters in the real world. I'll start with some SMB access, use a .scf file to capture a users NetNTLM hash, and crack it to get creds. From there I can create a certificate for the user and then authenticate over WinRM. I'll Kerberoast to get a second user, who is able to run the DCSync attack, leading to an admin shell. I'll have two beyond root sections, the first to show two unintended paths, and the second to exploit NTLM authentication over HTTP, and how Burp breaks it.
| | www.securitynik.com
1.9 parsecs away

Travel
| | In this post, I'm learning about Kerberos and one of its attacks. Specifically, I'm learning about Authentication Service Response (AS-REP) ...
| | gist.github.com
20.8 parsecs away

Travel
| Create Ubuntu and Windows VMs with QEMU on Apple Silicon - QEMU_ON_M1.md