Apache Tomcat 7.0.88 ➔ Default creds ➔ WAR upload ➔ SYSTEM shell One open port. That's all it took. ☠️ Let me break it down 👇 #HackTheBox #Jerry #Tomcat #NoPrivEscNeeded #WindowsHacking

PHP upload ➔ ConPtyShell ➔ MSSQL creds ➔ SQLi dump ➔ Hash crack ➔ WinRM ➔ Firefox creds ➔ ACL abuse ➔ LAPS ➔ Administrator The web app was the door. ☠️ Let me break it down 👇 #HackTheBox #ActiveDirectory #StreamIO #PrivEsc #WindowsHacking

Escape ➔ SMB enum ➔ MSSQL creds ➔ Silver Ticket ➔ Hash in logs ➔ ESC1 ➔ Administrator The PDF in the Public share was the door. ☠️ Let me break it down 👇 #HackTheBox #ActiveDirectory #Escape #ADCS #WindowsHacking

SMB shares ➔ Ansible Vault crack ➔ PWM Config Manager ➔ LDAP cred capture ➔ ESC1 abuse ➔ Administrator The Development share was the door. ☠️ Let me break it down 👇 #HackTheBox #ActiveDirectory #Authority #ADCS #WindowsHacking

Printer Admin Panel ➔ LDAP cred capture ➔ WinRM shell ➔ Server Operators abuse ➔ Service hijack ➔ SYSTEM The printer was the door. ☠️ Let me break it down 👇 #HackTheBox #ActiveDirectory #Return #PrivEsc #WindowsHacking

Day 26 of #100DaysOfCyberSecurity ✅ Blue Room completed on TryHackMe Hands-on Windows exploitation: recon, access, escalation & flag hunting. @ireteeh @segoslavia @comp_guyy #CyberSecurity #WindowsHacking #infosec #BlueTeam

كيف تسيطر على #ActiveـDirectory بالكامل! في هذا اللاب العملي، تخترق شبكة Windows Domain خطوة بخطوة: - تسميم LLMNR/NBT-NS - ⁠التقاط وكسر NTLMv2 - ⁠استغلال صلاحيات Account Operators - ⁠تصعيد إلى Domain Admin باستخدام أدوات احترافية: #Responder, #John, #NetExec, #EvilـWinRM cybertask.com/?room=lab&link… #CyberSecurity #RedTeam #ActiveDirectory #WindowsHacking

🚨 New Writeup Alert! 🚨 "Cicada Walkthrough — HackTheBox" by MrXcrypt is now live on IW! Check it out here: infosecwriteups.com/a78ff36f… #cicadas #evilwinrm #smb #hacktheboxwriteup #windowshacking

How To Dump Hashes And Crack Windows Hashes On A Pentest - Follow InfoSec Pat I will show you how to start dumping and cracking hashes in a Windows system. If you want to learn more about things like this please check out my course that will drop in a few weeks. Thank you all for the support and love and have a great Sunday. #WindowsHacking #CyberSecurity #HackingTips #ITSecurity #NetworkSecurity #DataBreach youtu.be/nTP2WMIQjn0?si=KOs_… via @YouTube

#Practice and #learning with some room on @tryhackme Platform. #windowshacking #learning #hacking #pentest #tryhackme

Training Alert !!!!👨‍💻 more details 👇🏽 We are excited to announce Shaunak Khosla as one of our Trainer at BSides Mumbai 2024! He is currently working at Redfox Security as Security Consultant. He is highly competent mindset, he owns not only a multitude of highly regarded industry certifications, such as OSCP, OSEP, OSWE, ECEH, and CRTP but also experience in dealing with enormous active directory environments, OPSEC considerations, malware development to bypass modern threat detection/prevention solutions and even phishing and delivery methods such as word macros, shortcut files and so on. Mark your calendar for an insightful session on Windows Red Teaming👨‍💻 Grab the opportunity to deep dive in Windows Red Teaming with Saunak!🎉 📆Date: 23-24 May 2024 📍Location: TBA 📄Register Now: meraevents.com/event/BSidesM… #bsidesmumbai #cybersecurity #securitybsides #windowshacking #redteamimg #training

Chapter 6: Directories🔍Reverse engineering Windows directory manipulation!💻Diving into creating/removing directories using WinAPI. Follow along as we dissect code, uncovering the intricacies of system-level operations. #ReverseEngineering #WindowsHacking github.com/mytechnotalent/Ha…

🚀 Hacklido's Bi-Monthly Newsletter's 1st version is up for August! 📙 Newsletter's Highlights: Blockchain, IOT Hacking, XXE attack, API security, SQL injection, DNS Takeover, OpenredireX, Priv Esc for Windows, Web race conditions, C2 server Hacking and more.. 💌 Make sure to subscribe and stay informed and updated with the latest news, insights, and updates from Hacklido. 🔗 hacklido.substack.com/p/news… #Cybersecurity #Infosec #OSINT #BugBounty #APISecurity #IoTHacking #ServerHacking #Blockchain #WindowsHacking #Cybesecjobs #CyberSecurity

Privileges Escalation Techniques (Basic to Advanced) for Windows - (Part-4) by @LE0_Hak #Cybersecurity #Infosec #Cybersec #BlueTeaming #RedTeaming #WindowsHacking #SystemHacking #OSCP #Microsoft #PrividegeEscalation hacklido.com/blog/542-privil…

Persistence Techniques (Beginner to Advanced) For Windows - (Part-2) by @LE0_Hak #Cybersecurity #Infosec #Cybersec #BlueTeaming #RedTeaming #WindowsHacking #SystemHacking #OSCP hacklido.com/blog/518-persis…

Ough The Defence Fort Helicopter’s Doing Training Manoeuvre’s Up Adn Down This Many Hour’s Adn Nightime Disturb My Afternon Nap With Their Chop Chop Rumble Bumble Grumble Roar Windowshacking Nonsense I Am Trying To Have Quiet Girl’s Time With My Sistor O K

Persistence Techniques (Beginner to Advanced) For Windows - (Part-1) by @LE0_Hak #Cybersec #Infosec #redteaming #blueteaming #oscp #backdoorAttacks #Persistance #WindowsHacking #hacking hacklido.com/blog/497-persis…

I just pwned Archetype in Hack The Box! Learned new things about 'mssqlclient.py' of Impacket Used Metasploit, Evil-winrm n sql-shell for command execution 😍 So surely a mixed fun with all these tools ❤️ #hackthebox #windowshacking #pentesting #htb #cybersecurity

NanoDump - Dumping LSASS has never been so stealthy #nanodump #CobaltStrike #mimikatz #pypykatz #RedTeam #Hacking #LSASSDump #WindowsHacking vapt.me/LSASS

Spraykatz is able to retrieve credentials on Windows machines & Active Directory. - Repo: github.com/aas-n/spraykatz - Credit: @aas_s3curity - #CyberSecurity #BugBounty #ActiveDirectory #WindowsHacking #CTF #InfoSec #SprayKatz #AVEvasion