Skip to main content

Recently Updated Pages

Export a Proxmox VM to VirtualBox

Proxmox

Example VM I want to export the pfsense-deleteme VM and import it into VirtualBox. The procedure...

Updated 1 day ago by 0xBEN

VirtualBox: Getting Rid of the Turtle

Windows Administration

Problem Microsoft has continued to push many aspects of Windows security under the Hyper-V platf...

Updated 1 day ago by 0xBEN

File Transfer Techniques

File Transfers and Data Exfiltration

TFTP If the target has a TFTP client installed, Metasploit has a TFTP server you can run ad-hoc ...

Updated 2 days ago by 0xBEN

xfreerdp

Active Directory Post Exploitation: Attacks

Usage and Help Display the xfreerdp man page man xfreerdp Display the xfreerdp help output on ...

Updated 2 days ago by 0xBEN

POP3

Mail Mapping Mailboxes with Mutt

Create the Config File nano ./username-muttrc You should only need to change the username, pass...

Updated 1 week ago by 0xBEN

IMAP

Mail Mapping Mailboxes with Mutt

Create the Config File nano ./username-muttrc You should only need to change the username, pass...

Updated 1 week ago by 0xBEN

Change to KDE Plasma Desktop Environment

Kali Optimizations

Installing KDE Plasma Official Documentation: https://www.kali.org/docs/general-use/switching-de...

Updated 1 week ago by 0xBEN

Port Forwarding with Chisel

Network Pivoting Port Forwarding

GitHub Download from the Releases Page Usage Requires a copy of the Chisel binary on: The...

Updated 2 weeks ago by 0xBEN

Enumerating Hosts and Identifying the Domain Controllers

Active Directory Initial Attack Vectors

Enumerating Live Hosts Internal ARP-Scan Since this is an internal assessment, Kali is on the ...

Updated 2 weeks ago by 0xBEN

Using Faketime for Ad-Hoc Kerberos Authentication

Active Directory Initial Attack Vectors

Installing Faketime sudo apt install faketime faketime -h This will run the specified 'progr...

Updated 2 weeks ago by 0xBEN

Extracting Kerberos AS-REQ Pre-Auth Hashes from PCAPs

Active Directory Post Exploitation: Enumeration

PCAP Analysis Note the existence of KRB5 protocol traffic on tcp/88, which is further identifi...

Updated 2 weeks ago by 0xBEN

Kerberos Pre-Auth Username Enumeration

Active Directory Initial Attack Vectors

How it Works We can send a request for a TGT --- without a pre-authentication hash --- to the Ke...

Updated 2 weeks ago by 0xBEN

NTLM Credential Stuffing (Internal/External)

Active Directory Initial Attack Vectors

NTLM Basic Authentication Could obtain a list of usernames via OSINT, or via something like RI...

Updated 2 weeks ago by 0xBEN

AS-REP Roasting (Internal/External)

Active Directory Initial Attack Vectors

AS-REP Roasting If Kerberos pre-authentication is disabled on a user account in Active Directory...

Updated 2 weeks ago by 0xBEN

NULL Session Enumeration (Internal/External)

Active Directory Initial Attack Vectors

NULL Session LDAP, SMB, and RPC may allow a user to authenticate to the service without providin...

Updated 2 weeks ago by 0xBEN

CrackMapExec

Active Directory Post Exploitation: Enumeration

When to Use Useful post-compromise if you've dumped hashes from SAM or LSASS or obtained clearte...

Updated 2 weeks ago by 0xBEN

GetUserSPNs.py

Active Directory Post Exploitation: Enumeration

When to Use Useful in post-compromise enumeration. If you acquire user passwords or hashes for a...

Updated 2 weeks ago by 0xBEN

GetADUsers.py

Active Directory Post Exploitation: Enumeration

When to Use Helpful in post-compromise enumeration. If you've compromised a domain-joined host, ...

Updated 2 weeks ago by 0xBEN

Dumping DNS Records with adidnsdump

Active Directory Post Exploitation: Enumeration

Active Directory Integrated DNS Dump (adidnsdump) GitHub Repository Installation python3 -m pi...

Updated 2 weeks ago by 0xBEN

LdapDomainDump

Active Directory Post Exploitation: Enumeration

When to Use    You'll know when you've found a domain controller, because it will have ...

Updated 2 weeks ago by 0xBEN