Recently Updated Pages

RunasCs.exe Project GitHub https://github.com/antonioCoco/RunasCs/releases Example Usage Spaw...

Kerberos Encryption Keys Policies on the domain controller will dictate which encryption algorit...

Anatomy of a Kerberos Ticket [0;97d82]-2-0-40e10000-t2_felicia.dean@krbtgt-ZA.TRYHACKME.COM.kirb...

DCSync Overview DC Sync is a legitimate function of Active Directory environments where a domain...

User Emumeration You have enumerated users with one of the methods defined here: CrackMapExec...

When to Use Could be used post-compromise upon enumerating the ms-DS-MachineAccountQuota policy....

Post-Compromise on Target Lsass Process Dump Sysinternals ProcDump Download ProcDump here # D...

Caution This can potentially break a domain controller, due the fact that this attack temporaril...

Local Privilege Escalation https://github.com/calebstewart/CVE-2021-1675

Overview GPP allows admins to create policies with embedded credentials. The credentials are enc...

Overview The attacker uses a known username and password of a user on a domain. A typical Kerbe...

Overview Tokens are temporary keys that allow a user to perform actions on a system or network w...

Overview Dumped the SAM or LSA and now have hashes for domain or a local users. Use the hash and...

Overview Cracked a hash or discovered a password for a domain user. Use the password and crackma...

The Issue INFO: starting new backup job: vzdump 204 --remove 0 --compress zstd --mode snapshot -...

Defining the Inventory The inventory is everything when it comes to Ansible. Your inventory ...

Group Variables Back on Defining the Inventory, you may remember that we broke the inventory up i...

Unprivileged LXC Workaround Upon joining a host to the Active Directory domain, it was impossibl...

Hosts Enrolling with Empty Data In my testing, the way to reproduce the issue is: Remove a ...

Stop the Server First, stop any running FleetDM processes. I have systemd controlling my FleetDM...