Skip to main content

Recently Updated Pages

Using Faketime for Ad-Hoc Kerberos Authentication

Active Directory Initial Attack Vectors

Installing Faketime sudo apt install faketime faketime -h This will run the specified 'progr...

Updated 22 hours ago by 0xBEN

Kerberos Pre-Auth Username Enumeration

Active Directory Initial Attack Vectors

How it Works We can send a request for a TGT --- without a pre-authentication hash --- to the Ke...

Updated 22 hours ago by 0xBEN

NTLM Credential Stuffing (Internal/External)

Active Directory Initial Attack Vectors

NTLM Basic Authentication Could obtain a list of usernames via OSINT, or via something like RI...

Updated 22 hours ago by 0xBEN

AS-REP Roasting (Internal/External)

Active Directory Initial Attack Vectors

AS-REP Roasting If Kerberos pre-authentication is disabled on a user account in Active Directory...

Updated 22 hours ago by 0xBEN

PrintNightmare (Internal/External)

Active Directory Initial Attack Vectors

Remote Code Execution https://github.com/cube0x0/CVE-2021-1675 Contains full details on scannin...

Updated 22 hours ago by 0xBEN

Passback Attacks (Internal/External)

Active Directory Initial Attack Vectors

What's the Flaw? Usually involves an unsecure device -- like a printer or multifunction device -...

Updated 22 hours ago by 0xBEN

Remote Bloodhound

Active Directory Post Exploitation: Enumeration

GitHub Repo Prerequisites impacket ldap3 dnspython  Installation python3 -m pip insta...

Updated 22 hours ago by 0xBEN

Computer Networking: Encapsulation and Decapsulation

PJPT Study Group Lessons Session 2: Nov. 13, 2023

TCP/IP Model vs. OSI Model TCP/IP Model The sender sends from Layer 4 down to Layer 1The recipi...

Updated 2 days ago by 0xBEN

Port Forwarding with Chisel

Network Pivoting Port Forwarding

GitHub Download from the Releases Page Usage Requires a copy of the Chisel binary on: The...

Updated 3 days ago by 0xBEN

Export a Proxmox VM to VirtualBox

Proxmox

Example VM Identify the VM I want to export the pfsense-deleteme VM and import it into VirtualB...

Updated 3 days ago by 0xBEN

NoMachine Customizations

Kali Optimizations

Proxmox VM vs Linux Container This page was written when I was using Kali Linux in a Proxmox VM....

Updated 6 days ago by 0xBEN

Installing Wine and Wine Dependencies

Kali Optimizations

Considerations I urge you to consider taking a snapshot of your Kali instance at its current sta...

Updated 6 days ago by 0xBEN

Change to KDE Plasma Desktop Environment

Kali Optimizations

Installing KDE Plasma Official Documentation: https://www.kali.org/docs/general-use/switching-de...

Updated 6 days ago by 0xBEN

Dumping Passwords from Windows Credential Manager

Active Directory Post Exploitation: Attacks

Credential Enumeration cmdkey /list In reverse shells, I have noticed that it's impossible to s...

Updated 1 week ago by 0xBEN

Spawn Processes as Other Users

Active Directory Post Exploitation: Attacks

RunasCs.exe Project GitHub https://github.com/antonioCoco/RunasCs/releases Example Usage Spaw...

Updated 1 week ago by 0xBEN

xfreerdp

Active Directory Post Exploitation: Attacks

Usage and Help Display the xfreerdp man page man xfreerdp Display the xfreerdp help output on ...

Updated 1 week ago by 0xBEN

Pass the Key

Active Directory Post Exploitation: Attacks

Kerberos Encryption Keys Policies on the domain controller will dictate which encryption algorit...

Updated 1 week ago by 0xBEN

Pass the Ticket

Active Directory Post Exploitation: Attacks

Anatomy of a Kerberos Ticket [0;97d82]-2-0-40e10000-t2_felicia.dean@krbtgt-ZA.TRYHACKME.COM.kirb...

Updated 1 week ago by 0xBEN

DCSync

Active Directory Post Exploitation: Attacks

DCSync Overview DC Sync is a legitimate function of Active Directory environments where a domain...

Updated 1 week ago by 0xBEN

Password & Credential Brute Force

Active Directory Post Exploitation: Attacks

User Emumeration You have enumerated users with one of the methods defined here: CrackMapExec...

Updated 1 week ago by 0xBEN