Clik here to view.
Victim:1 Vulnhub Walkthrough
Victim:1 Vulnhub WalkthroughToday we are going to solve another boot2root challenge called “Victim:1”. It is available on Vulnhub for the purpose of Penetration Testing practices. This lab is not that...
View ArticleClik here to view.
LemonSqueezy:1 Vulnhub Walkthrough
Today we are going to solve another boot2root challenge called “LemonSqueezy:1”. It is available on Vulnhub for the purpose of Penetration Testing practices. This lab is not that difficult if we have...
View ArticleClik here to view.
Seppuku:1 Vulnhub Walkthrough
Today we are going to crack this machine called “Seppuku:1”. It is available on Vulnhub for the purpose of Penetration Testing practices. It was an intermediate box which made me learn many new things....
View ArticleClik here to view.
Domain Persistence AdminSDHolder
In this post we will discuss Peristence attack on Active Directory by abusing AdminSDHolder. This attack is actual threat because This attack leverage into other dynamic attack such as DCSync Attack...
View ArticleClik here to view.
Domain Persistence: DC Shadow Attack
In this post we are going to discuss the most dynamic attack on AD named as DC Shadow attack. It is part of Persistence which create rogue Domain controller in network. This attack is an actual threat...
View ArticleClik here to view.
Evil-Winrm : Winrm Pentesting Framework
In this post we will discuss the most famous framework for PS Remote shell hacking tool named as “Evil-Winrm”. It is an opensource tool which is available on GitHub for winrm penetration testing.Table...
View ArticleClik here to view.
HA: Natraj Vulnhub Walkthrough
Today we're going to solve another boot2root challenge called "Natraj". It's available at Vulnhub for penetration testing practice. This lab is not difficult if we have the right basic knowledge to...
View ArticleClik here to view.
WinRM Penetration Testing
In this post, we will discuss all possible methods and tools used for WinRM penetration testing. Let's get deep into WinRM service and its security assessment and learn more. This attack can be...
View ArticleClik here to view.
Credential Dumping: Domain Cache Credential
In this post we are going to discuss the domain cache credential attack and various technique to extract the password hashes by exploiting domain user.Table of Content· Domain Cache credential·...
View ArticleClik here to view.
Hack the Box: Monteverde Walkthrough
Today we're going to solve Hack The Box's "Monteverde" machine. This lab is of "medium" level, although you will see that it is quite simple.Level:MediumPenetration Testing Methodology·...
View ArticleClik here to view.
Kerberosting and Pass the Ticket Attack Using Linux
Kerberosting and Pass the Ticket Attack Using Linux In our previous post, we explained the Kerberosting attack in detail, which you can read from here. I recommend, then, to revisit our previous...
View ArticleClik here to view.
HA: Pandavas Walkthrough
Today we're going to solve another boot2root challenge called "Pandavas". It's available at Vulnhub for penetration testing practice. This lab is not difficult if we have the right basic knowledge to...
View ArticleClik here to view.
Remote Code Execution Using Impacket
In this post we are going discuss how we can connect to Victims machine remotely using Python libraries “Impacket” which you can download from here.Table of Content· About Impacket·...
View ArticleClik here to view.
Abusing Kerberos Using Impacket
In this post we are going discuss how we can abuse Kerberos protocol remotely using Python libraries “Impacket” for conducting the lateral movement attack. You can download from here.Table of Content·...
View ArticleClik here to view.
Glasgow Smile 1 – 1.1
Today we are going to solve another boot2root challenge called "Glasgow Smile". It's available at Vulnhub for penetration testing. This lab is intermediate level. The credit for making this lab goes to...
View ArticleClik here to view.
GitRoot: 1 Vulnhub Walkthrough
Today we are going to solve another boot2root challenge called "GitRoot: 1". It's available at Vulnhub for penetration testing. This lab is intermediate level and is based on Git. The credit for making...
View ArticleClik here to view.
Comprehensive Guide to File Inclusion
In this deep down online world, dynamic web-applications are the ones that can easily be breached by an attacker due to their loosely written server-side codes and misconfigured system files. Today, we...
View ArticleClik here to view.
Tre:1 Vulnhub Walkthrough
Today, I am going to share a writeup for the boot2root challenge of the vulnhub machine “Tre:1”. It is made by SunCSR team difficulty level of this machine is intermediate level. And for this machine...
View ArticleClik here to view.
Multiple Ways to Banner Grabbing
Grabbing a banner is the first and apparently the most important phase in both the offensive and defensive penetration testing environments. In this article, we'll take a tour to "Banner Grabbing" and...
View ArticleClik here to view.
Foresinc Investiagtion: Extract Volatile Data (Manally)
In this article, we will run a couple of CLI commands that helps a forensic investigator to gather volatile data from the system as much as possible. The commands which we use in this post are not the...
View Article