Posted in Computing Security Penetration Testing Windows

SMB Shares

Reference: //Good video talking about talking about taking advantage of SMB shares http://obscuresecurity.blogspot.com/2012/05/gpp-password-retrieval-with-powershell.html http://esec-pentest.sogeti.com/exploiting-windows-2008-group-policy-preferences   // The video below is a good demonstration of putting…

Continue Reading?
Posted in Penetration Testing

Pivoting Notes

Pivoting If you can SSH to the compromised server by using ssh, you can use the SSH Dynamic Port Forwarding (Socks Proxy) or SSH Local…

Continue Reading?
Posted in Privilege Escalation

Privilege Escalation Reference (Windows)

// What system are we connected to? systeminfo | findstr /B /C:”OS Name” /C:”OS Version” // Get the hostname and username (if available) hostname echo…

Continue Reading?
Posted in Linux Privilege Escalation Uncategorized Windows

Privilege Escalation +Videos

Windows Privilege Escalation I just watched this one and I found it to be very refreshing. 😉 ^^ http://www.fuzzysecurity.com/tutorials/16.html https://www.offensive-security.com/metasploit-unleashed/privilege-escalation/ http://it-ovid.blogspot.cl/2012/02/windows-privilege-escalation.html https://github.com/gentilkiwi/mimikatz http://bernardodamele.blogspot.cl/2011/12/dump-windows-password-hashes.html https://www.youtube.com/watch?v=kMG8IsCohHA&feature=youtu.be http://www.harmj0y.net/blog/powershell/powerup-a-usage-guide/…

Continue Reading?
Posted in Computing Security

OWASP Top 10

https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project https://www.owasp.org/images/7/72/OWASP_Top_10-2017_%28en%29.pdf.pdf     Injection Broken Authentication Sensitive Data Exposure XML External Entities (XXE) Broken Access Control Security Misconfiguration Cross-Site Scripting (XSS) Insecure Deserialization Using…

Continue Reading?
Posted in Computing Security Packet Sniffing

Snort Lab 11-21-18

In this exercise, you will learn the basics of Snort. Go to Start > Run > Enter cmd. Right-click on the cmd icon and select…

Continue Reading?
Posted in Packet Sniffing

Wireshark Lab 11-18-18

Setting up for wireshark lab… select wireless adapter. Started up ready with arp or icmp filter. Starting ping from outside with android device. Capturing packets…….

Continue Reading?
Posted in Computing Security

Windows NTFS File System

In order to improve performance, reliability, and support large disk volumes, Microsoft developed NTFS file system for Windows NT in the early ’90s. NTFS is…

Continue Reading?
Posted in Computing Security

Encase for FAT Demo

EnCase Forensic is a fantastic tool for forensic analysis. In this demo, I only want to show you how do we use EnCase to visually…

Continue Reading?
Posted in Computing Security

Windows FAT File Systems

After acquiring and preserving the pertinent evidence, we move onto analyzing Windows images. As mentioned earlier, forensic analysis tools usually bypass operating systems normal operations…

Continue Reading?