Recently Updated Pages

Note: Network Environment This spoofing attack works by sending a router announcement to multica...

https://mywiki.wooledge.org/BashPitfalls/ also on Archive.org Command execution via unquoted v...

apple banana pear mango grapes fruit.txt cat fruit.txt | paste -s -d ',' - Using piped i...

Stored / Hosted XSS If the target page has a loose content security policy / cross-origin policy...

Overview Dumped the SAM or LSA and now have hashes for domain or a local users. Use the hash and...

When to Use Useful post-compromise if you've dumped hashes from SAM or LSASS or obtained clearte...

Pipe HEREDOC to xargs When creating a HEREDOC, you can use any keyword to denote the start and e...

Install and Initial Setup Kali Linux When changing the neo4j user password at initial setup, I ...

Overview Cracked a hash or discovered a password for a domain user. Use the password and nxc to ...

SMB Server on Attack Box For this, we can use Impacket's smbserver.py script to run an ad-hoc SM...

Post-Compromise on Target Lsass Process Dump Sysinternals ProcDump Download ProcDump here # D...

Linux LdapSearch ldapsearch -x -H ldap://DC01.ad.lab -D 'john.doe@ad.lab' -W -b 'DC=ad,DC=lab' ...

Brute Force Logins Brute Force with a Request File Start Burp Make a randomized login to the...

Virtual Host Enumeration You can find a more detailed analysis on the functionality of virtual h...

Usage and Help Display the xfreerdp3 man page man xfreerdp3 Display the xfreerdp3 help output ...

sudo apt install pyenv pyenv init Sample output, run locally and append lines as described to...

Problem On Debian based systems, apt acts as a wrapper around dpkg to manage dependencies and co...

Output Combined Data openssl pkcs12 -nodes -in file.pfx -out file.pem Key and certificate combi...

When to Use You'll know when you've found a domain controller, because it will have several port...

Problem On Debian based systems, apt acts as a wrapper around dpkg to manage dependencies and co...