Explore >> Select a destination
|
You are here 
|
www.tarlogic.com | ||
| | | | |
securitypimp.net
|
|
| | | | | The challenge given by Remote will have you breaking into the Umbraco CMS system on multiple levels. | |
| | | | |
0xdf.gitlab.io
|
|
| | | | | I loved Sizzle. It was just a really tough box that reinforced Windows concepts that I hear about from pentesters in the real world. I'll start with some SMB access, use a .scf file to capture a users NetNTLM hash, and crack it to get creds. From there I can create a certificate for the user and then authenticate over WinRM. I'll Kerberoast to get a second user, who is able to run the DCSync attack, leading to an admin shell. I'll have two beyond root sections, the first to show two unintended paths, and the second to exploit NTLM authentication over HTTP, and how Burp breaks it. | |
| | | | |
www.securitynik.com
|
|
| | | | | In this post, I'm learning about Kerberos and one of its attacks. Specifically, I'm learning about Authentication Service Response (AS-REP) ... | |
| | | | |
gist.github.com
|
|
| | | Create Ubuntu and Windows VMs with QEMU on Apple Silicon - QEMU_ON_M1.md | ||
