Clik here to view.
A Detailed Guide on Rubeus
IntroductionRubeus is a C# toolkit for Kerberos interaction and abuses. Kerberos, as we all know, is a ticket-based network authentication protocol and is used in Active Directories. Unfortunately, due...
View ArticleClik here to view.
Domain Persistence: Silver Ticket Attack
IntroductionBenjamin Delpy (the creator of mimikatz) introduced silver ticket attack in Blackhat 2014 in his abusing Kerberos session. Silver tickets are forged service or TGS tickets for specific...
View ArticleClik here to view.
Domain Escalation: Unconstrained Delegation
IntroductionPost Windows 2000, Microsoft introduced an option where users could authenticate to one system via Kerberos and work with another system. This was made possible via delegation option....
View ArticleClik here to view.
Caldera: Red Team Emulation (Part 1)
This article aims to demonstrate an open-source breach & emulation framework through which red team activity can be conducted with ease. It focuses on MITRE simulation and has tons of other...
View ArticleClik here to view.
MimiKatz for Pentester: Kerberos
This write up will be part of a series of articles on the tool called Mimikatz which was created in the programming language C. it is mostly used for extracting Kerberos ticket from the memory and...
View ArticleClik here to view.
Containers Vulnerability Scanner: Trivy
This article talks about Trivy, which is a a simple and comprehensive vulnerability scanner for containers and other artifacts, suitable for Continueos Integration and Testing.Table of Contents·...
View ArticleClik here to view.
Return HackTheBox Walkthrough
Return is a Windows machine on HTB and is rated as easy, this box is designed over windows that have Weak Service Permission. If summarized, we will abuse a printer admin portal to get hardcoded...
View ArticleClik here to view.
Timelapse HackTheBox Walkthrough
SummaryTimelapse is a HTB Active Directory machine is an easy machine but as the concept of initial compromise is unique therefore, I believe it should categories as Intermediate. By solving this lab I...
View ArticleClik here to view.
Driver HackTheBox Walkthrough
 IntroductionThe driver is an easy-rated Windows box on the HackTheBox platform. This is designed to understand initial exploitation using an SCF file and further escalate privileges locally using...
View ArticleClik here to view.
Pandora HackTheBox Walkthrough
SummaryPandora is Linux machine and considered as easy box by the hack the box but indeed it is not. With this box we will need to perform other port scan instead of being relied on only TCP ports...
View ArticleClik here to view.
Paper HackTheBox Walkthrough
SummaryPaper is Linux machine and considered as easy box by the hack the box. On this box we will begin with basic port scan and move laterally. Then we will enumerate domain name and exploit a secrets...
View ArticleClik here to view.
GoodGames HackTheBox Walkthrough
SummaryGoodGames is Linux machine and considered as easy box by the hack the box, but it was tricky indeed. On this box we will begin with basic port scan and move laterally. Then we will enumerate...
View ArticleClik here to view.
Windows Privilege Escalation: Server Operator Group
Background:The Windows Server operating system uses two types of security principals for authentication and authorization: user accounts and computer accounts. These accounts are created to represent...
View ArticleClik here to view.
Backdoor HackTheBox Walkthrough
 SummaryBackdoor is Linux machine and considered as easy box by the hack the box. On this box we will begin with basic port scan and move laterally. Then we will enumerate WordPress webpage.  Then we...
View ArticleClik here to view.
Late HackTheBox Walkthrough
SummaryLate is Linux machine and considered as easy box by the hack the box. On this box we will begin with basic port scan and move laterally based on findings. Then we will enumerate HTTP service and...
View ArticleClik here to view.
Nunchucks HackTheBox Walkthrough
SummaryNunchucks is Linux machine and considered as easy box by the hack the box. On this box we will begin with basic port scan and move laterally based on findings. Then we will enumerate HTTP...
View ArticleClik here to view.
Antique HackTheBox Walkthrough
SummaryAntique is Linux machine and considered as easy box by the hack the box. On this box we will begin with basic port scan and move laterally based on findings. Then we will enumerate telnet...
View ArticleClik here to view.
A Detailed Guide on Kerbrute
Background:Kerbrute is a tool used to enumerate valid Active directory user accounts that using kerrberos pre-authentication. Also, this tool can be used to password attacks such as password...
View ArticleClik here to view.
A Detailed Guide on Evil-Winrm
Background:Evil-winrm tool is originally written by the team Hackplayers. The purpose of this tool is to make penetration testing easy as possible especially in the Microsoft windows environment....
View ArticleClik here to view.
Blackfield HacktheBox Walkthrough
SummaryBlackfield is a windows Active Directory machine and is considered as hard box by the hack the box. This box has various interesting vulnerabilities, and security misconfigurations were placed....
View Article