Credential Dumping: DCSync Attack
Abusing Microsoft Outlook 365 to Capture NTLM
Comprehensive Guide on Password Spraying Attack
Lateral Movement: Pass the Cache
Lateral Movement: Over Pass the Hash
Lateral Movement: Pass the Hash Attack
Deep Dive into Kerberoasting Attack
Domain Controller Backdoor: Skeleton Key
Domain Persistence: Golden Ticket Attack
Lateral Moment on Active Directory: CrackMapExec
Data Exfiltration using DNSSteal
RDP Session Hijacking with tscon
Credential Dumping: Local Security Authority (LSA|LSASS.EXE)
Credential Dumping: Phishing Windows Credentials
Credential Dumping: Applications
Credential Dumping: Security Support Provider (SSP)
Credential Dumping: Windows Credential Manager
Credential Dumping: Group Policy Preferences (GPP)
Windows Persistence using Netsh
Windows Persistence using Bits Job
Windows Persistence using WinLogon
Bypass Detection for Meterpreter Shell (Impersonate_SSL)
Persistence: Accessibility Features
A Deep Drive on Proactive Threat Hunting
Threat Hunting – A proactive Method to Identify Hidden Threat
Evil SSDP: Spoofing the SSDP and UPnP Devices
Windows Persistence using Application Shimming
Multiple Ways to Exploit Windows Systems using Macros
Windows for Pentester: BITSAdmin
Cloakify-Factory: A Data Exfiltration Tool Uses Text-Based Steganography
Data Exfiltration using PowerShell Empire
Get Meterpreter Session Alert over slack
Covert Channel: The Hidden Network
Command & Control: WebSocket C2
Command and Control with DropboxC2
dnscat2: Command and Control over the DNS
Command & Control: Silenttrinity Post-Exploitation Agent
Command and Control Guide to Merlin
nps_payload: An Application Whitelisting Bypass Tool
GreatSct – An Application Whitelist Bypass Tool
Command and Control with HTTP Shell using JSRat
Koadic – COM Command & Control Framework
TrevorC2 – Command and Control
Generate Metasploit Payload with Ps1encode
Bypass Application Whitelisting using Weak Path Rule
Bypass Application Whitelisting using cmstp
Bypass Application Whitelisting using rundll32.exe (Multiple Methods)
Bypass Application Whitelisting using regsrv32.exe (Multiple Methods)
Bypass Application Whitelisting using wmic.exe (Multiple Methods)
Bypass Application Whitelisting using msbuild.exe (Multiple Methods)
Bypass Application Whitelisting using mshta.exe (Multiple Methods)
Bypass Application Whitelisting using msiexec.exe (Multiple Methods)
Windows Applocker Policy – A Beginner’s Guide
Multiple Ways to Exploiting Windows PC using PowerShell Empire
Empire GUI: Graphical Interface to the Empire Post-Exploitation Framework
OSX Exploitation with Powershell Empire
Windows Persistence with PowerShell Empire
Multiple Ways to Exploiting OSX using PowerShell Empire