Recently Updated Pages
Spawn Processes as Other Users
RunasCs.exe Project GitHub https://github.com/antonioCoco/RunasCs/releases Example Usage Spaw...
Pass the Key
Kerberos Encryption Keys Policies on the domain controller will dictate which encryption algorit...
Pass the Ticket
Anatomy of a Kerberos Ticket [0;97d82]-2-0-40e10000-t2_felicia.dean@krbtgt-ZA.TRYHACKME.COM.kirb...
DCSync
DCSync Overview DC Sync is a legitimate function of Active Directory environments where a domain...
Password & Credential Brute Force
User Emumeration You have enumerated users with one of the methods defined here: CrackMapExec...
Impacket-Addcomputer
When to Use Could be used post-compromise upon enumerating the ms-DS-MachineAccountQuota policy....
Dumping Hashes without Mimikatz
Post-Compromise on Target Lsass Process Dump Sysinternals ProcDump Download ProcDump here # D...
ZeroLogon
Caution This can potentially break a domain controller, due the fact that this attack temporaril...
PrintNightmare
Local Privilege Escalation https://github.com/calebstewart/CVE-2021-1675
Group Policy Preferences (GPP)
Overview GPP allows admins to create policies with embedded credentials. The credentials are enc...
Kerberoasting
Overview The attacker uses a known username and password of a user on a domain. A typical Kerbe...
Token Impersonation
Overview Tokens are temporary keys that allow a user to perform actions on a system or network w...
Pass the Hash
Overview Dumped the SAM or LSA and now have hashes for domain or a local users. Use the hash and...
Pass the Password
Overview Cracked a hash or discovered a password for a domain user. Use the password and crackma...
NFS: LXC Backups Permissions Issue (Synology)
The Issue INFO: starting new backup job: vzdump 204 --remove 0 --compress zstd --mode snapshot -...
Defining the Inventory
Defining the Inventory The inventory is everything when it comes to Ansible. Your inventory ...
Defining Group Variables and Protecting Secrets
Group Variables Back on Defining the Inventory, you may remember that we broke the inventory up i...
Proxmox: Unprivileged LXC Workaround
Unprivileged LXC Workaround Upon joining a host to the Active Directory domain, it was impossibl...
Troubleshooting
Hosts Enrolling with Empty Data In my testing, the way to reproduce the issue is: Remove a ...
Upgrading Fleet Versions
Stop the Server First, stop any running FleetDM processes. I have systemd controlling my FleetDM...