Sep 29, 2023
Today we talk about an awesome path to internal network pentest pwnage using downgraded authentication from a domain controller, a tool called ntlmv1-multi, and a boatload of cloud-cracking power on the cheap from vast.ai. Here's my chicken scratch notes for how to take the downgraded authentication hash...
Sep 22, 2023
Today my Paul and I continued hacking Billy Madison (see part one here) and learned some interesting things:
wfuzz -c -z file,/root/Desktop/wordlist.txt --hc 404 http://x.x.x.x/FUZZ.cap Sep 15, 2023
In today's tale of pentest pwnage we talk about:
The importance of local admin and how access to even one server might mean instant, full control over their backup or virtualization infrastructure
Copying files via WinRM when copying over SMB is blocked:
$sess = New-PSSession -Computername...Sep 8, 2023
Today Amanda Berlin from Blumira teaches us how to unlock the power of Sysmon so we can gain insight into the good, bad and ugly things happening on our corporate endpoints! Key takeaways:
Sep 1, 2023
Today my pal Paul from Project7 and I hack the heck out of Billy Madison a vulnerable virtual machine that is celebrating its 7th anniversary this month!