Search Results for: password

Author, Blue Team, Blue Team Tools, Derek Banks, Joff Thyer, Webcasts Breadcrumb Trails, elasticsearch, Endpoint Monitoring, kibana, Logstash, Monitoring, NXlog, Sysmon

How To Do Endpoint Monitoring on a Shoestring Budget – Webcast Write-Up

Joff Thyer & Derek Banks // Editor’s Note: This is a more in-depth write-up based on the webcast which can be watched here. As penetration testers, we often find ourselves […]

Read the entire post here

Author, How-To, Kent Ickler Cacti, data, go hug a cactus, Kent Ickler, Net Admin, Network monitoring, switches, Ubuntu

How to Install Cacti 1.1.10 on Ubuntu 16.04

Kent Ickler // What is Cacti? Cacti is a network system that inputs system-generated quantifiable data and presents the data in spiffy graphs. Net-Admin In the Net-Admin world, it gives […]

Read the entire post here

Author, How-To, Kent Ickler Benchmarks, Hashcat Benchmarks, Kent Ickler, Nvidia GTX, Password Cracker, The Kraken

Hashcat Benchmarks for Nvidia GTX 1080TI & GTX 1070 Hashcat Benchmarks

Kent Ickler // In my last post, I was building a password cracking rig and updating an older rig with new GPU cards. I struggled during the design process to […]

Read the entire post here

Author, David Fletcher, External/Internal, Red Team, Red Team Tools network traffic, Network Vulnerabilities, NetworkRecon.ps1, tools

How to Identify Network Vulnerabilities with NetworkRecon.ps1

David Fletcher //   Whenever I have the opportunity, I like to perform packet collection on a test for about five minutes so I can analyze the results and look […]

Read the entire post here

Author, External/Internal, Red Team, Red Team Tools, Sally Vandeven AD Explorer, DA, domain admin, Pentesting, Shodan

Domain Goodness – How I Learned to LOVE AD Explorer

Sally Vandeven // OR How to Pentest with AD Explorer! Mark Russinovich’s Sysinternals tools (Microsoft) are nothing new. They have been a favorite among system administrators for many, many years. […]

Read the entire post here

Author, Derek Banks, External/Internal, Red Team kerberoasting, Kerberos

A Toast to Kerberoast

Derek Banks // This post will walk through a technique to remotely run a Kerberoast attack over an established Meterpreter session to an Internet-based Ubuntu 16.04 C2 server and crack […]

Read the entire post here

Author, Beau Bullock, External/Internal, Red Team email attack, MailSniper, Microsoft, Microsoft Exchange, MS, Office365, OWA, pen-testing, tools

Abusing Exchange Mailbox Permissions with MailSniper

Beau Bullock // Overview Microsoft Exchange users have the power to grant other users various levels of access to their mailbox folders. For example, a user can grant other users […]

Read the entire post here

Author, Jordan Drysdale, Kent Ickler, Red Team, Red Team Tools Kon-Boot, thumb drive fun

Super Sweet Kon-Boot Demo in GIFs

Jordan Drysdale, victim // Kent Ickler, adversary // In this post, our victim locks their computer and heads out for a coffee refill. The adversary smashes through all system and […]

Read the entire post here

Author, Beau Bullock, Recon, Red Team, Red Team Tools HostRecon, PowerShell, Situational Awareness, tool

HostRecon: A Situational Awareness Tool

Beau Bullock // Overview HostRecon is a tool I wrote in PowerShell to assist with quickly enumerating a number of items that I would typically check after gaining access to […]

Read the entire post here