Victim:1 Vulnhub Walkthrough
Victim:1 Vulnhub WalkthroughToday we are going to solve another boot2root challenge called “Victim:1”. It is available on Vulnhub for the purpose of Penetration Testing practices. This lab is not that...
View ArticleLemonSqueezy:1 Vulnhub Walkthrough
Today we are going to solve another boot2root challenge called “LemonSqueezy:1”. It is available on Vulnhub for the purpose of Penetration Testing practices. This lab is not that difficult if we have...
View ArticleSeppuku:1 Vulnhub Walkthrough
Today we are going to crack this machine called “Seppuku:1”. It is available on Vulnhub for the purpose of Penetration Testing practices. It was an intermediate box which made me learn many new things....
View ArticleDomain Persistence AdminSDHolder
In this post we will discuss Peristence attack on Active Directory by abusing AdminSDHolder. This attack is actual threat because This attack leverage into other dynamic attack such as DCSync Attack...
View ArticleDomain Persistence: DC Shadow Attack
In this post we are going to discuss the most dynamic attack on AD named as DC Shadow attack. It is part of Persistence which create rogue Domain controller in network. This attack is an actual threat...
View ArticleEvil-Winrm : Winrm Pentesting Framework
In this post we will discuss the most famous framework for PS Remote shell hacking tool named as “Evil-Winrm”. It is an opensource tool which is available on GitHub for winrm penetration testing.Table...
View ArticleHA: Natraj Vulnhub Walkthrough
Today we're going to solve another boot2root challenge called "Natraj". It's available at Vulnhub for penetration testing practice. This lab is not difficult if we have the right basic knowledge to...
View ArticleWinRM Penetration Testing
In this post, we will discuss all possible methods and tools used for WinRM penetration testing. Let's get deep into WinRM service and its security assessment and learn more. This attack can be...
View ArticleCredential Dumping: Domain Cache Credential
In this post we are going to discuss the domain cache credential attack and various technique to extract the password hashes by exploiting domain user.Table of Content· Domain Cache credential·...
View ArticleHack the Box: Monteverde Walkthrough
Today we're going to solve Hack The Box's "Monteverde" machine. This lab is of "medium" level, although you will see that it is quite simple.Level:MediumPenetration Testing Methodology·...
View ArticleKerberosting and Pass the Ticket Attack Using Linux
Kerberosting and Pass the Ticket Attack Using Linux In our previous post, we explained the Kerberosting attack in detail, which you can read from here. I recommend, then, to revisit our previous...
View ArticleHA: Pandavas Walkthrough
Today we're going to solve another boot2root challenge called "Pandavas". It's available at Vulnhub for penetration testing practice. This lab is not difficult if we have the right basic knowledge to...
View ArticleRemote Code Execution Using Impacket
In this post we are going discuss how we can connect to Victims machine remotely using Python libraries “Impacket” which you can download from here.Table of Content· About Impacket·...
View ArticleAbusing Kerberos Using Impacket
In this post we are going discuss how we can abuse Kerberos protocol remotely using Python libraries “Impacket” for conducting the lateral movement attack. You can download from here.Table of Content·...
View ArticleGlasgow Smile 1 – 1.1
Today we are going to solve another boot2root challenge called "Glasgow Smile". It's available at Vulnhub for penetration testing. This lab is intermediate level. The credit for making this lab goes to...
View ArticleGitRoot: 1 Vulnhub Walkthrough
Today we are going to solve another boot2root challenge called "GitRoot: 1". It's available at Vulnhub for penetration testing. This lab is intermediate level and is based on Git. The credit for making...
View ArticleComprehensive Guide to File Inclusion
In this deep down online world, dynamic web-applications are the ones that can easily be breached by an attacker due to their loosely written server-side codes and misconfigured system files. Today, we...
View ArticleTre:1 Vulnhub Walkthrough
Today, I am going to share a writeup for the boot2root challenge of the vulnhub machine “Tre:1”. It is made by SunCSR team difficulty level of this machine is intermediate level. And for this machine...
View ArticleMultiple Ways to Banner Grabbing
Grabbing a banner is the first and apparently the most important phase in both the offensive and defensive penetration testing environments. In this article, we'll take a tour to "Banner Grabbing" and...
View ArticleForesinc Investiagtion: Extract Volatile Data (Manally)
In this article, we will run a couple of CLI commands that helps a forensic investigator to gather volatile data from the system as much as possible. The commands which we use in this post are not the...
View Article