Month: November 2021

  • Kerberoasting

    Crack the Kerberos service ticket to obtain the clear text password for the service account. The service ticket is encrypted using the SPN’s password hash.

  • Interview Questions

    Interview Questions

    Practicing responses to common interview questions helps build confidence, enabling you to respond effectively even in high-pressure situations. This preparation ensures that you can articulate your thoughts clearly, providing evidence of your abilities and making a strong case for why you are the ideal candidate for the job.

  • Pass-the-Hash

    Pass the hash allows an attacker to authenticate to a remote server or service by using the underlying NTLM or LanMan hash of a user’s password, instead of requiring the associated plaintext password as is normally the case. It replaces the need for stealing the plaintext password with merely stealing the hash and using that to authenticate with.

  • Protected: MITRE ATT&CK Framework

    There is no excerpt because this is a protected post.

  • Unix Insecure file permissions

    Privilege escalation techniques on Unix. Exploit insecure file permissions on services that run as root or service accounts with more privileges.

  • Windows Unquoted Service Path

    Privilege escalation techniques on Windows.

  • Windows Insecure file permissions

    Privilege escalation techniques on Windows. Exploit insecure file permissions on services that run as NT Authority\SYSTEM.

  • User Account Control (UAC) Bypass

    Privilege escalation techniques on Windows by bypassing User Account Control (UAC).