Cybersecurity analyst 🛡️ | Azure ☁️ | Threat hunting🏹 | Digital forensics 🔍 | Malware analysis ☢️ | Linux 🐧 | Python 🐍
PWN 109 - Ret2libc In this Video I run through how to perform an advanced ret2libc attack. https://lnkd.in/euCEFnZx
- RPC Enumeration - Abusing RPC - IOXIDResolver.py (Obtaining the IPV6 machine address) - Port scanning with nmap via ipv6 - SMB enumeration via ipv6 - Cracking ZIP file - NTDS enumeration (secretsdump.py) - Abusing Kerberos - Kerbrute (Valid user enumeration) - SMB Hash Spraying Attempt - PyKerbrute Script Manipulation - Modifying the script to our needs (Kerberos attack) - Reg.py - Reading machine registers remotely (Registry Hives Enumeration) - Abusing WinRM - Evil-WinRM - WinPeas - System Enumeration - Windows Defender Evasion - Windows Defender Evasion - Bypass-AMSI to disable AMSI (Evil-WinRM) - Windows Defender Evasion - Playing with Invoke-Binary to load an EXE into memory (Evil-WinRM) - NTLM clients and services support NTLMv1 - Collecting Net-NTLMv1 Hash via Responder (1122334455667788 Challenge) - Cracking Hashes (Net-NTLMv1) [crack.sh] - Secretsdump.py - Dumping the hashes for the rest of the AD users (Using the DRSUAPI method) #htb #windows #hacking #pentesting #redteam
To demonstrate how to #XSS in a possible scenario with whitelist filters like wp_kses (bypassing also most WAFs), I've created a little challenge for you: https://lnkd.in/dUv4W_c4 A blog post with interesting new payloads for those situations is coming. Good luck! #hack2learn
Freelance Penetration Tester & Lecturer in Marcotech | Ethical Hacking | Offsec PEN-200 OSCP student
I hope you enjoyed your weekend because I sure did after I #Pwned the last machine of season 5 in Hack The Box Ghost! How I missed insane-level machines (not really). This one reminded me of how much insane-level machines are in a league of their own. It's one of my longest writeups yet, with a lot of different types of vulnerabilities, from finding a couple of subdomains to injections and understanding human behavior, which can be useful. As always a bit of SQL and from then some Windows privilege escalation and AD hacking with TGT and TGS. Overall insane is insane as always but this one was quite straightforward. #Season5 #HTB #Ghost #Pentest #EthicalHacking #redteam #HTBSeason5 #Windows #Pwn #ldap #gitea #DirectoryTraversal #Docker #Rubeus #mimikatz #impacket #TGT #Kerberos #ActiveDirectory #xp_cmdshell #Mssql #dnstool #responder #EfsPotato #Enumeration
HardPwn #HackFearlessly is where theory meets practice in #hardwaresecurity 😎 How many bugs do you think have been found so far at #hw_ioNL2024? Know More: https://lnkd.in/eSiZufX3 #ethicalhacking #hardwarehacking
Cybersecurity analyst 🛡️ | Azure ☁️ | Threat hunting🏹 | Digital forensics 🔍 | Malware analysis ☢️ | Linux 🐧 | Python 🐍
TryHackMe PWN110 Walkthrough Bypassing the NX protection using ROPchains. https://lnkd.in/eq78UG2X
Global Category Manager | IS Auditor | Consultant | Lecturer Smart Cities | Corporate Compliance | Technology Enthusiast | Cybersecurity | AI | Machine Learning | Digital Rights | Diversity & Inclusion
Just completed the Nmap Advanced Port Scans, where TCP flags and scans are experimented via AttackBox. Some of these scan types are useful against specific systems, while others are useful in particular network setups.
The following types of port scans are covered:
* Null Scan
* FIN Scan
* Xmas Scan
* Maimon Scan
* ACK Scan
* Window Scan
* Custom Scan
The following topics are covered:
* Spoofing IP
* Spoofing MAC
* Decoy Scan
* Fragmented Packets
* Idle/Zombie Scan
All Free DFIR tools in one SINGLE package
Cristian S. has done great work by compiling a stack of DFIR tools into one setup package. The package includes tools for:
- Binary analysis (like capa & floss)
- Debugging
- Event log analysis (EvtxECmd)
- Hex editors
- Registry analysis (RECmd & RegistryExplorer)
- Mail forensics
- Memory forensics (Volatility)
- Password cracking (hashcat)
- Online search tools (Kaspersky, VirusTotal, MalwareBazaar)
- Windows artifacts parsers (EZ tools)
- Other utilities (The Sleuth Kit & yara)
You can download the package here: (https://lnkd.in/eK9Uejrw). Install and start using it directly. Right click and the tools will pop up.
#dfir #securitytools #cybersecuritytools #forensicinvestigation #incidentresponse #socanalyst
Preparing myself for Pentest+ and found this very helpful in understanding the "options/switches" used with Nmap. It's difficult (for me) to remember all of those different parameters without knowing exactly what they mean and do. This room helped me gain a further understanding. If you are preparing for CySA+ or Pentest+ you should most definitely be taking advantage of TryHackMe.
Information System Security Engineer at CAE USA | CISSP | GCLD | GPEN | GCIH | GSEC | GFACT | CASP+ | CySA+ | Pentest+ | Cloud+ | Sec+ | Net+ | CFR | CNSP | AWS CCP | CC | CAP | DevSecOps | TS/SCI | Veteran | CTF Player
TryHackMe | Game Zone Learn to hack into this machine. Understand how to use SQLMap, crack some passwords, reveal services using a reverse SSH tunnel and escalate your privileges to root! #privilegeescalation #sqlinjection #cracking #ssh #tunneling
Certified Ethical Hacker (CEH v12 practical) | Cyber security trainer| Digital Forensic Investigator | Cyber Security Researcher | Penetrating Tester | Bug Bounty Hunter | Security Analyst | OSINT |
Hello Connection!! #30daystryhackmechallenge #day1 I have successfully completed h4cked on TryHackMe. Using tools: 1) Wireshark 2) Hydra. TryHackMe “h4cked” (https://lnkd.in/gc7Xrg-c) is a simple CTF challenge which is a combination of blue and red teaming, where you have to analyze a network traffic capture in order to find out the activities of an adversary and hack your way back in order to gain root access because the adversary has changed some configuration. First of all fire up your pentesting machine and connect to TryHackMe network by OpenVPN. Then download the pcap file they have given. Then open it using Wireshark. Let us go on the questions one by one. craw Security Slytherin EduTech Pvt. Ltd. TechnoHacks EduTech Official #cyberdefense #ethicalhacking #cehv12 #cyberattacks