To begin with, this post explores the exploitation technique known as the Shadow Credentials attack. This attack leverages the mismanagement or exploitation of Active Directory
Pre2K Active Directory misconfigurations (short for “Pre-Windows 2000”) often stem from overlooked legacy settings in Windows environments. Common issues include enabling NTLM or SMBv1 for
In this post, we explore the exploitation technique known as the Kerberos Username Bruteforce or Kerberos pre-authentication brute-force attack. This attack takes advantage of Kerberos
Active Directory (AD) penetration testing is an essential part of the security assessment of enterprise networks. Moreover, the Netexec tool offers a wide range of
WinRM Penetration Testing plays a crucial role in assessing the security of Windows environments. This guide further explores lateral movement, remote shell access, and exploitation
Pwncat penetration testing tool stands out as an open-source Python tool highly regarded for its versatility, providing a contemporary alternative to the traditional netcat utility.
Evil-winrm tool is originally written by the team Hackplayers. The purpose of this tool is to make penetration testing easy as possible especially in the
Kerbrute is a tool used to enumerate valid Active directory user accounts that use Kerberos pre-authentication. Also, this tool can be used for password attacks
In this blog, we dive into a Server Operator exploit scenario for Windows Privilege Escalation, leveraging the commonly overlooked but powerful Server Operator group in