In my previous post I talked about capturing hashes using a variety of different methods if you noticed these methods were utilizing LOLBAS also know as Living Off The Land Binaries and Scripts (and also Libraries) but what are these Executable that I utilized???. They are Windows Trusted Binaries that come installed into the System … Continue reading Execution
So today I just wanted to write a simple post on explaining the method of Capturing Hashes (NTLM, NTLMv2, Etc). Let’s say we have access to a Victim machine but we are trying to Escalate our privileges, Maintain persistence or Execute Commands, various things can be done from here but I won’t dive too deep … Continue reading Capturing Hashes
Well as of today in the current world’s situation. We are currently in Quarantine due to this Virus named COVID-19 (CoronaVirus). And I have been stuck at home just learning and reading the latest blogs and articles anything related to some Red Team Techniques, currently I met an individual with 20 years of experience in … Continue reading Small Update
Well here it is, I am finally going for a Red Team Job (Jr) am I nervous? Yes…totally, was wondering how will I explain myself if I manage to ace this interview. I mean I have been studying the MITRE ATTACK Framework as it was the bible, created a gitbook page to demonstrate attacks and … Continue reading Red Teaming
Wow it’s been a great amount of time since writing here, been really busy these last couple month’s on 2019. Interview’s, hacks, studying and moved onto the awesome field of Red-Team currently an Intern. So yeah… I’ve been doing a lot lately trying to catch up on these new attacks and new techniques for this … Continue reading 2020
And we made it people the last box of the series man what a ride learned a bunch with wordpress and other CMS, custom word-lists, enumeration and Burp awesome journey and was great to be part of this, this box was some work into it it all goes with experience but let’s move on with … Continue reading DC-6 Walk-Through
Another day!!, another box today I am working on DC-5 and it was great learned some awesome attacks and something so simple as “When All You Can Do Is Read” pretty informative give this one a google search, to sum this up it’s just, what would we do when all we can do is read … Continue reading DC-5 Walk-Through
Uuuff Today got DC-4 done and some other stuff this awesome box is a little more work started with enumerating just 2 ports where ssh and HTTP are shown then we see a simple web-login page, that has no security such as not blocking even once the many login attempts that have been done, once … Continue reading DC-4 Walk-Through
Ok, ok let’s get into this this Machine was awesome really into this one I was having incredibly crazy trouble with my sql injection but after some researching we can find a tool named joomblah that will take care of this automatically also after attacking WordPress the past boxes this one moves to one called … Continue reading DC-3 Walk-Through
Let us continue people!!, DC2 is here from my DC series this was pretty interesting as we needed more creativity and a little bit of guessing for how to proceed and keep on going with getting a shell, this box is well built as if you keep on moving in the intended path you will … Continue reading DC-2 Walk-Through
Today we will check on the DC series from Vulnhub very great series to begin for Pen testing and to keep a fresh mind for practicing some hacking let’s begin. Started with a arp-scan to find the target box Proceeded with a full port scan and then moved on with a more targeted scan on … Continue reading DC-1 Walk-Through
Another day another box, been somewhat busy with stuff, I really want to be active on my blog but my frequent changing to stuff on what to write, or what to do is killing me sometimes I do some vulnerable boxes or I just move into reading a book ( Web Application Hacker’s Handbook, cough … Continue reading Root-This Walk-through
DMCXBLUE 