Tryhackme “Attacktive Directory” Report, Offensive Active Directory

  • Post author: room contains a Domain Controller, a Windows Server with Active Directory. Initial enumeration is performed with a linux version of enum.exe, enum4linux, gathering the NetBIOS name, and AD domain.Kerbrute tool can perform a dictionary attack against the DC to enumerate valid usernames, provided a usernames…

Continue Reading Tryhackme “Attacktive Directory” Report, Offensive Active Directory

Tryhackme “Classic Password” Reverse Engineering w/ IDA, Ghidra, ltrace

  • Post author:

Tryhackme "Classic Passwd" Reverse Engineering Report Linux ELF binary is available for download. The challenge is to determine the correct input to reveal the flag. This can be done several different ways, with different software.  Reverse Engineering with IDA Pro Load the binary into…

Continue Reading Tryhackme “Classic Password” Reverse Engineering w/ IDA, Ghidra, ltrace

My thoughts and some tips you should know going into the OSCP exam.

  • Post author:

Hey all, I just got the results from my first OSCP exam attempt and I passed! My thoughts on the exam… The difficulty is artificially increased; I encountered at least two different open source projects (with source code available on Github) where the public…

Continue Reading My thoughts and some tips you should know going into the OSCP exam.

Post-Exploitation Basics Writeup

  • Post author:

Post-Exploitation Basics Writeup - Tryhackme Learn the basics of post-exploitation and maintaining access with mimikatz, bloodhound, powerview and msfvenomHow this helps your pentesting career:This room will be related to very real world applicationsEnumerating with Windows Server ManagerHow to approach a network after you have…

Continue Reading Post-Exploitation Basics Writeup

Steel Mountain Writeup

  • Post author:

THM: Steel Mountain Walkthrough How this helps your pentesting career:exploit Rejetto HFS 2.3 to get remote shell w/ both Metasploit and manual exploitationpractice Windows privilege escalation technique: Unquoted service paths Task 1 #1 Deploy the machine.Who is the employee of the month?The page source…

Continue Reading Steel Mountain Writeup

Vulnserver Buffer Overflow Walkthrough

  • Post author:

Exploiting Vulnserver Buffer Overflow Walkthrough I just finished the buffer overflow section of studying for OSCP.  Let's apply the methodology and techniques in the textbook to vulnserver, a service that is purposefully vulnerable.  It is only available on Windows machines. What you will need…

Continue Reading Vulnserver Buffer Overflow Walkthrough

Windows Virtual Lab Setup

Windows Virtual Lab Setup Guide If you are interesting in learning more about PowerShell or system administration you would likely benefit from having an isolated virtual Windows lab. A physical lab is great if you have the space and the money for it, but most…

Continue Reading Windows Virtual Lab Setup

End of content

No more pages to load