Ghassan Amaimiaghassanamaimia.hashnode.dev·Jul 25, 2024OSCP Journey : TJ_Null IntelligenceI - Introduction : In this blog post, we will explore a detailed approach to penetrating an Active Directory environment, specifically targeting the intelligence.htb domain. Our journey begins with an initial Nmap scan to identify open ports and serv...Discuss#cybersecurity
theblxckcicadablog.blxckcicada.co.za·Jul 9, 2024Active Directory Enumeration with MastertulBefore you continue with this blog post, I want to clarify that this content is for educational and ethical purposes only. Do not use these methods on a network you are not authorized to access. Active Directory(AD) enumeration is like exploring a Wi...Discuss#enumeration
pointedsecpointedsec.hashnode.dev·Jul 6, 2024Authority | HackTheBoxIntroducción Authority es una máquina de dificultad media de HackTheBox basada en Windows. En esta máquina se tocan conceptos de enumeración del protocolo SMB, donde encontraremos playbooks de Ansible, en estos playbooks se contiene "vaults" encripta...DiscussESC1
pointedsecpointedsec.hashnode.dev·Jun 29, 2024Abusando de DPAPIEn este artículo, se explora el concepto de DPAPI (Data Protection API) de Windows, su funcionamiento y su uso para encriptar y desencriptar datos sensibles. También se detallan los puntos débiles de DPAPI, como el uso del cifrado 3DES y la creación ...Discuss·50 readsDPAPI
Ghassan Amaimiaghassanamaimia.hashnode.dev·Jun 23, 2024OSCP Journey : Kerberoasting Silver Ticket ForgingI - Introduction : Kerberoasting can be affective methode for extracting service account crednetials from Active Directory as a regular user without sending packets to the target system . II - Requirement : For this Attack to succeed we will need som...Discuss#cybersecurity
Ghassan Amaimiaghassanamaimia.hashnode.dev·Jun 12, 2024OSCP Journey: Introduction to Domain Enumeration with PowerViewI - Introduction : Once we have successfully compromised our target, the next critical phase involves conducting comprehensive domain enumeration to gather detailed information about the Active Directory environment. To facilitate this process, we wi...Discuss#cybersecurity
Ghassan Amaimiaghassanamaimia.hashnode.dev·Jun 5, 2024OSCP Journey : LLMNR/NBT-NS ATTACKI - Introduction In this post, we will explore LLMNR/NetBIOS attacks, focusing on the use of a tool called RESPONDER and its ability to poison LLMNR/NetBIOS. We will then discuss effective defense strategies against this attack. Finally, we will demo...Discuss·1 likellMNR
Ghassan Amaimiaghassanamaimia.hashnode.dev·Jun 3, 2024OSCP Journey - ACTIVE DIRECTORY HOME LabI - Introduction As a cybersecurity student and aspiring pentester preparing for the OSCP certification, I chose Active Directory as my first focus. Initially, I was intimidated by Active Directory and often avoided machines with it on the Hack The B...Discuss#cybersecurity
modesto Tejedatechps.hashnode.dev·May 13, 2024Exploring PowerShell Script to Test Active Directory UsersIn today's digital landscape, managing users within Active Directory (AD) is paramount for organizational efficiency and security. PowerShell scripts offer a robust way to automate such tasks, enhancing productivity and reducing human error. One such...DiscussPowershell
David Phamdbyteslearning.hashnode.dev·May 5, 2024Exploring AD : Creating a Mapped DriveIn my journey of exploration and learning in the world of IT, I am excited to delve into the realm of mapped drives. Mapped drives offer a fascinating avenue to enhance efficiency and streamline workflows, making them an indispensable tool in the IT ...DiscussServer-Manager