Extracting NTLM Hashes With User Privileges

Extracting NTLM hashes without the need for Mimikatz.

Offensive Security Experienced Penetration Tester (OSEP) Review

A review of the Evasion Techniques and Breaching Defences course by Offensive Security.

NTLM Relay Attacks

Performing NTLM relay attacks using SMB and LDAP.

Pentest One Liners

A list of one line commands for Windows to download and execute payloads.

Credential Interception Using Malicious SMB Shares

How to intercept NTLM-SSP hashed credentials for offline cracking.

Casino Royale CTF Walkthrough

A walkthrough for VulnHub’s Casino Royale CTF.

GoldenEye CTF

A writeup of the VulnHub GoldenEye capture the flag (CTF) challenge.

Extracting Windows Credentials Using Native Tools

How to extract credentials from Windows systems using built in commands.

What You Need to Know About Kerberoasting

An overview of Kerbroasting to extract service account credentials.

Lateral Movement With Named Pipes

A demonstraton of named pipe communication using Meterpreter.

Session Enumeration With NetSessionEnum API

How to take advantage of the NetSessionEnum API to determine remotely logged in users.

BloodHound by Example

A demonstration of how BloodHound can be used to exploit Active Directory based networks.