Jun 17, 2022
Today we're sharing an updates to episode #512 where we ran Rapid7's InsightIDR through a bunch of attacks:
Active Directory enumeration via SharpHound
Password spraying through Rubeus
Kerberoasting and ASREPRoasting via Rubeus
Network protocol poisoning with Inveigh. Looking for a free way to detect protocol poisoning? Check out CanaryPi.
Hash dumping using Impacket. I also talk about an interesting Twitter thread that discusses the detection of hash dumping.
Pass-the-hash attacks with CrackMapExec
In today's episode I share some emails and conversations we had with Rapid7 about these tests and their results. I'm also thrilled to share with you the articles themselves: