Channel: Hacking Articles|Raj Chandel's Blog
Browsing all 1812 articles

Credential Dumping: Applications

This is the sixth article in the Credential Dumping series. In this article, we will learn how we can dump the credentials from various applications such as CoreFTP, FileZilla, WinSCP, PuTTY, etc. Table...


Windows Persistence using WinLogon

In this article, we are going to describe the ability of the WinLogon process to provide persistent access to the target machine. Table of Content: Introduction · Configurations used in...


Penetration Testing on VoIP Asterisk Server

Today we will be learning about VoIP penetration testing. This includes enumeration, information gathering, user extension and password enumeration, SIP registration hijacking and spoofing. Table...


Credential Dumping: NTDS.dit

In this article, you will learn how passwords are stored in Windows Active Directory and find out the methods used to hash passwords in NTDS.dit. Then we will learn how to dump these credentials...


Credential Dumping: Phishing

This is the ninth article in our Credential Dumping series. In this article, we will trigger various scenarios where Windows will ask for user authentication to retrieve the credentials. For...


Windows Persistence using Bits Job

In this article, we are going to describe the ability of the Bits Job process to provide persistent access to the target machine. Table of Content: Introduction · Configurations used in...


Credential Dumping: Local Security Authority (LSA|LSASS.EXE)

LSA and LSASS stand for "Local Security Authority" and "Local Security Authority Subsystem (server) Service", respectively. The Local Security Authority (LSA) is a protected system process that...


Windows Persistence using Netsh

In this article, we are going to describe the ability of the Netsh process to provide persistent access to the target machine. Table of Content: Introduction · Configurations used in...


Credential Dumping: Clipboard

In this article, we learn about online password managers and dumping the credentials from such managers via the clipboard. Passwords are not easy to remember, especially when passwords are made up of...


RDP Session Hijacking with tscon

In this article, we will learn to hijack an RDP session using various methods. This is a part of Lateral movement which is a technique that the attacker uses to move through the target environment...


Domain Persistence: Golden Ticket Attack

The Golden Ticket attack is a famous technique for impersonating users on an AD domain by abusing Kerberos authentication. As we all know, Windows' two famous authentication protocols are NTLM and Kerberos. In this...


Kerberos Brute Force Attack

In the previous article, “Domain Persistence: Golden Ticket Attack”, we explained forged Kerberos tickets and discussed how the Kerberos authentication process works and what its service components are. In this post...


Domain Controller Backdoor: Skeleton Key

While many people were fighting the good fight for Net Neutrality, talented people at the Dell SecureWorks Counter Threat Unit (CTU) discovered malware that can bypass the authentication on...


Data Exfiltration using DNSteal

In this article, we will understand the working of DNSteal with a focus on data exfiltration. You can download this tool from here. Table of Content: Introduction to Data Exfiltration ·...


Penetration Testing on VoIP Asterisk Server (Part 2)

In the previous article we learned about Enumeration, Information Gathering, Call Spoofing. We introduced a little about the Asterisk Server. This time we will focus more on the Asterisk Manager...


Lateral Movement: WMI

WMI is used for a lot of stuff but it can also be used for Lateral Movement around the network. This can be achieved using the MSI file. Confused? Read along! Table of Content: Introduction to...


Deep Dive into Kerberoasting Attack

In this article, we will discuss kerberoasting attacks and other multiple methods of abusing Kerberos authentication. But before that, you need to understand how Kerberos authentication works between...


Impacket Guide: SMB/MSRPC

There have been many Red Team scenarios and Capture the Flag challenges where we face a Windows Server. After exploiting it and getting the initial foothold in the server, it is very difficult to extract...


Lateral Movement on Active Directory: CrackMapExec

In this article, we learn to use crackmapexec. This tool is developed by byt3bl33d3r. I have used this tool many times for both offensive and defensive techniques. And with my experience from this...


AS-REP Roasting

In our previous articles, we have discussed “Golden Ticket Attack”, “Kerberoast” and “Kerberos Brute Force”, multiple methods to abuse Kerberos, which is a ticketing protocol. Today we are going to discuss...
