Golden Certificate Domain persistence techniques enable red teams that have compromised the domain to opera... 2021-11-15 20:12:51 | 阅读: 7 | 收藏 | pentestlab.blog machine rubeus mimikatz forge

Resource Based Constrained Delegation Microsoft in an attempt to provide more flexibility to domain users enabled owner of res... 2021-10-23 14:45:19 | 阅读: 24 | 收藏 | pentestlab.blog machine delegation pentestlab purple

Lateral Movement – WebClient Coercing elevated accounts such as machine accounts to authenticate to a host under the... 2021-10-20 17:03:10 | 阅读: 9 | 收藏 | pentestlab.blog machine responder delegation rubeus

Lateral Movement – WebClient Coercing elevated accounts such as machine accounts to authenticate to a host under the... 2021-10-20 16:3:10 | 阅读: 8 | 收藏 | pentestlab.blog machine responder rubeus delegation

Resource Based Constrained Delegation Microsoft in an attempt to provide more flexibility to domain users enabled owner of res... 2021-10-18 16:15:0 | 阅读: 7 | 收藏 | pentestlab.blog machine delegation purple pentestlab

PetitPotam – NTLM Relay to AD CS Deployment of an Active Directory Certificate Services (AD CS) on a corporate environmen... 2021-09-15 06:00:00 | 阅读: 47 | 收藏 | pentestlab.blog petitpotam purple mimikatz adcspwn

PetitPotam – NTLM Relay to AD CS Deployment of an Active Directory Certificate Services (AD CS) on a corporate environmen... 2021-9-15 05:0:0 | 阅读: 15 | 收藏 | pentestlab.blog petitpotam purple mimikatz adcspwn

Account Persistence – Certificates It is not uncommon organizations to implement an internal certification authority in ord... 2021-09-14 03:35:00 | 阅读: 52 | 收藏 | pentestlab.blog machine purple certstealer rubeus certify

Account Persistence – Certificates It is not uncommon organizations to implement an internal certification authority in ord... 2021-9-14 02:35:0 | 阅读: 10 | 收藏 | pentestlab.blog machine certstealer purple rubeus certify

Domain Escalation – PrintNightmare Printers are part of every corporate infrastructure therefore Windows environments they... 2021-08-17 15:25:00 | 阅读: 45 | 收藏 | pentestlab.blog spooler pentestlab pingcastle unc

HiveNightmare The security account manager (SAM) file contains the password hashes of the users on a W... 2021-08-16 15:33:00 | 阅读: 31 | 收藏 | pentestlab.blog security windows mimikatz lsadump

Universal Privilege Escalation and Persistence – Printer The Print Spooler is responsible to manage and process printer jobs. It runs as a servic... 2021-08-02 15:35:25 | 阅读: 80 | 收藏 | pentestlab.blog printer mimispool copyfiles

Dumping RDP Credentials Administrators typically use Remote Desktop Protocol (RDP) in order to manage Windows en... 2021-05-24 20:45:02 | 阅读: 178 | 收藏 | pentestlab.blog memory mimikatz mstsc rdpthief windows

Persistence – AMSI AMSI (Antimalware Scan Interface) is a vendor agnostic interface which can communicate w... 2021-05-17 16:53:08 | 阅读: 198 | 收藏 | pentestlab.blog keypath clsidstring arraysize hresult

Remote Potato – From Local Administrator to Enterprise Admin NTLM Relaying is an well-known technique that was mainly used in security assessments in... 2021-05-04 16:27:16 | 阅读: 178 | 收藏 | pentestlab.blog wchar remote privileges pentestlab

PlexTrac – A Platform for Purple Teaming PlexTrac is a platform which can be used by internal security teams or consultancies to... 2021-03-31 02:12:13 | 阅读: 190 | 收藏 | pentestlab.blog plextrac purple engagement runbook teaming

Lateral Movement – Services Services with elevated privileges typically were used in the past as method of privilege... 2020-07-22 02:25:41 | 阅读: 387 | 收藏 | pentestlab.blog lateral pentestlab windows scshell username

Indirect Command Execution The windows ecosystem provides multiple binaries that could be used by adversaries to ex... 2020-07-07 02:52:54 | 阅读: 436 | 收藏 | pentestlab.blog pentestlab windows forfiles payload

Spyse – A Cyber Security Search Engine Spyse – A Cyber Security Search EngineJune 15, 2020Gener... 2020-06-16 05:05:46 | 阅读: 450 | 收藏 | pentestlab.blog spyse security testers robots

Persistence – COM Hijacking Microsoft introduced Component Object Model (COM) in Windows 3.11 as a method to implement obj... 2020-05-20 20:50:22 | 阅读: 517 | 收藏 | pentestlab.blog hijacking clsid progid