Search Results
310 total results found
Information Technology
Active Directory
Also, consider taking a look at my Active Directory Attack Map. While it doesn't cover every possible attack avenue, and isn't as sophisticated as some other mindmaps, I think it does a pretty good job of visualizing some of the information found in this book.
Hash Cracking
Defensive Cybersecurity
Post Exploitation: Enumeration
LLMNR Poisoning
Note: Network Environment. Given that LLMNR is a name resolution protocol that works on the Local Area Network (LAN), this attack method cannot be performed from a different subnet. The attacker would have to compromise a host on the LAN and upload tools, or p...
Web
Offensive Cybersecurity
Post Exploitation: Attacks
SMB Relay
Note: Network Environment. This attack works best in a flat network. However, as long as the attacker machine and target(s) are routable and no firewalls are blocking required ports, it could work across network segments. What is SMB Relay? A man-in-the-mid...
Nmap
IPv6 DNS Spoofing
Note: Network Environment. This spoofing attack works by sending a router announcement to multicast ff02::1. Therefore, it will only affect domain-joined hosts on the same segment as the attacker machine. What is IPv6 DNS Spoofing? An attacker announces ...
Network Pivoting
Passback Attacks
What's the Flaw? Usually involves an insecure device, such as a printer or multifunction device, which is configured with an LDAP or SMTP client and credentials. It could be a web server too, where there is an LDAP or SMTP client. The credentials are usual...
File Transfers and Data Exfiltration
PowerView
Overview: A set of PowerShell functions that can be used to enumerate Active Directory. Part of the larger PowerSploit Framework. Usage: Transfer PowerView.ps1 to the compromised target. Requires a PowerShell session. Then, source the file into the current s...
Port Forwarding and Proxying
BloodHound
Install and Initial Setup: Kali Linux. When changing the neo4j user password at initial setup, I was experiencing authentication errors when the password contained specific special characters. So, if the password in /etc/bhapi/bhapi.json is correct, but you ex...