Knowledge Base for Penetration Testing
In this article, you will learn how to create secure HTTPS gateways on Kubernetes. We will use Cert Manager to generate TLS/SSL certificates. With Istio we can create secure HTTPS gateways and expose them outside a Kubernetes cluster. Our test application is built on top of Spring Boot. We will consider two different ways of […]
For this post, we will be deep-diving into the art of transferring files. We will go over various techniques on how to transfer files from our attacker machine onto a victim Windows 10 host (download), as well as from the victim Windows 10 host back onto our attacker machine (upload). As hackers, we constantly find […]
In this blog post we will look at how to perform AS-REP roasting in two different ways, how to use hashcat to crack a krbasrep5 hashes, and how to mitigate this type of attack. During kerberos pre-authentication, a user’s NTID is used to encrypt a timestamp and then the domain controller will attempt to decrypt […]
In this post we will take a look A LOT of tools and techniques that can be used to perform a pass-the-hash attack. First, we will dump the local SAM file hashes off our initial victim and extract the local administrator account’s hash. From there, we will use the local administrator hash to move laterally […]
In this Walkthrough, we will be hacking the machine Hutch from Proving Grounds Practice. To begin, we will utilize the ability to perform an anonymous LDAP search to dump account information where we will find a password. With valid credentials, we will run Bloodhound remotely to query the DC and find that our user has […]
In today’s tutorial, we are going to focus on adding a user to sudoers on the most recent CentOS distribution : CentOS 8. The sudo command is one of the most popular command available on Linux. It allows users to perform commands as another user, which is configured by default to run as the root […]
In today’s tutorial, we are going to see how you can add a user to sudoers on Debian distributions. The sudo command allows authorized users to perform commands as another user, which is by default the root user. There are two ways to add a user to sudoers : you can add this user to […]
As a system administrator, you are probably already familiar with the LDAP protocol. If you are working in a medium to large company, you can be sure that your company already owns a LDAP server, whether it is on Linux or Windows. Invented in the early 80s, the LDAP protocol (for Lightweight Directory Access Protocol) […]
If you are working in a medium to large company, you are probably interacting on a daily basis with LDAP. Whether this is on a Windows domain controller, or on a Linux OpenLDAP server, the LDAP protocol is very useful to centralize authentication. However, as your LDAP directory grows, you might get lost in all […]
Mach-O is a binary format used by Apple for its systems. The binary format contains assembled bytes, data and other information. Structured by a list of load commands, where each load command hold the neccessary pointers to the contents. Header At offset 0 lies a header structure, struct mach_header, containing the general information about the […]
by