Techniques

Techniques

Pivoting using Proxy Chains

on Jul 21
First cat out the proxychains file cat /etc/proxychains4.conf at the bottom look […]
Read more
Techniques

SUID/SGID Programs

on Jul 11
The set user ID (SETUID or SUID) tells linux the executable files […]
Read more
Techniques

Fuzzing an upload form to identify which extensions are not blocked

on Jun 20
This is the process I use to see which extensions may be […]
Read more
Techniques

Extracing Plaintext Google Chrome Passwords

on Jun 12
This is a technique that can be used to retrieve any Google […]
Read more
Techniques

DNS Zone Transfers

on Apr 25
A zone transfer is a transaction that is intended to be used […]
Read more
Techniques

Kerberoasting with Mimikatz

on Apr 23
Mimikatz is a very popular and powerful post-exploitation tool most commonly used […]
Read more
Techniques

Cracking and Dumping hashes with MimiKatz

on Apr 23
Mimikatz is a very popular and powerful post-exploitation tool mainly used for […]
Read more
Techniques

Embedding Malware

on Apr 6
Embedding Malware in PDFs Launch Metasploit search adobe_pdf set options set Payload […]
Read more
Techniques

Creating Custom Payloads

on Apr 4
Creating custom payloads can be useful as detection tools can recognize security […]
Read more
Techniques

Obtaining Windows Domain Controller Hashes

on Mar 9
*After obtaining Admin access* The tool of choice is built into Windows.  […]
Read more
Techniques

Upgrading your shell

on Dec 29
python -c “import pty; pty.spawn(‘/bin/bash’)” Running this command should allow you to […]
Read more
Techniques

Python Server

on Dec 28
Python Web server can come in handy when pentesting. It can be […]
Read more
Techniques

Shell to Meterpreter

on Dec 22
Background the session that is open run the command search shell_to_meterpreter use 0 […]
Read more