https://pentestlab.blog/methodologies/red-teaming/credential-access/https://pentestlab.blog/wp-content/uploads/2024/08/image-1.pngimagehttps://pentestlab.blog/wp-content/uploads/2024/08/credentials-passwords.pngcredentials-passwordshttps://pentestlab.blog/wp-content/uploads/2024/08/image.pngimage2024-08-28T08:33:07+00:00weekly0.6https://pentestlab.blog/2024/08/20/web-browser-stored-credentials/https://pentestlab.blog/wp-content/uploads/2024/08/web-browser-stored-credentials-donpapi.pngWeb Browser Stored Credentials - donpapihttps://pentestlab.blog/wp-content/uploads/2024/08/dpapi-linux.jpgDPAPI - Linuxhttps://pentestlab.blog/wp-content/uploads/2024/08/web-browser-stored-credentials-dploot-master-key.pngWeb Browser Stored Credentials - dploot Master Keyhttps://pentestlab.blog/wp-content/uploads/2024/08/web-browser-stored-credentials-dploot.pngWeb Browser Stored Credentials - dploothttps://pentestlab.blog/wp-content/uploads/2024/08/web-browser-stored-credentials-lsassy-master-keys.pngWeb Browser Stored Credentials - lsassy Master Keyshttps://pentestlab.blog/wp-content/uploads/2024/08/web-browser-stored-credentials-dpapi-domain-backup-key-file.pngWeb Browser Stored Credentials - DPAPI Domain Backup Key Filehttps://pentestlab.blog/wp-content/uploads/2024/08/web-browser-stored-credentials-dpapi-domain-backup-key.pngWeb Browser Stored Credentials - DPAPI Domain Backup Keyhttps://pentestlab.blog/wp-content/uploads/2024/08/web-browser-stored-credentials-decrypt-master-key-mimikatz.pngWeb Browser Stored Credentials - Decrypt Master Key Mimikatzhttps://pentestlab.blog/wp-content/uploads/2024/08/web-browser-stored-credentials-domain-backup-key-mimikatz.pngWeb Browser Stored Credentials - Domain Backup Key Mimikatzhttps://pentestlab.blog/wp-content/uploads/2024/08/web-browser-stored-credentials-dpapi-backupkey.pngWeb Browser Stored Credentials - DPAPI BackupKey2024-08-19T21:06:18+00:00monthlyhttps://pentestlab.blog/methodologies/red-teaming/persistence/https://pentestlab.blog/wp-content/uploads/2024/03/persistence-techniques.webpPersistence Techniqueshttps://pentestlab.blog/wp-content/uploads/2012/04/19.pngWEAKERTH4NWEAKERTH4N Menu2024-04-04T19:38:45+00:00weekly0.6https://pentestlab.blog/2024/04/03/persistence-dll-proxy-loading/https://pentestlab.blog/wp-content/uploads/2024/04/dll-proxying-loading-process-thread.pngdll-proxying-loading-process-threadhttps://pentestlab.blog/wp-content/uploads/2024/04/dll-proxying-loading-implant.pngdll-proxying-loading-implanthttps://pentestlab.blog/wp-content/uploads/2024/04/dll-proxying-loading-c2.pngdll-proxying-loading-c2https://pentestlab.blog/wp-content/uploads/2024/04/dll-proxying-loading-fzsftp.pngdll-proxying-loading-fzsftphttps://pentestlab.blog/wp-content/uploads/2024/04/dll-proxying-loading-sharpdllproxy-dll-proxy.pngdll-proxying-loading-sharpdllproxy-dll-proxyhttps://pentestlab.blog/wp-content/uploads/2024/04/dll-proxying-loading-sharpdllproxy.pngdll-proxying-loading-sharpdllproxyhttps://pentestlab.blog/wp-content/uploads/2024/04/dll-proxying-loading-spartacus-dll-hijacking.pngdll-proxying-loading-spartacus-dll-hijackinghttps://pentestlab.blog/wp-content/uploads/2024/04/dll-proxying-loading-spartacus.pngdll-proxying-loading-spartacushttps://pentestlab.blog/wp-content/uploads/2024/04/dll-proxying-loading-messagebox-1.pngdll-proxying-loading-messagebox-1https://pentestlab.blog/wp-content/uploads/2024/04/dll-proxying-loading-dll-export-proxy-dll-dumpbin.pngdll-proxying-loading-dll-export-proxy-dll-dumpbin2024-04-02T23:02:04+00:00monthlyhttps://pentestlab.blog/2024/03/05/persistence-explorer/https://pentestlab.blog/wp-content/uploads/2024/03/explorer-host-enumeration.pngexplorer-host-enumerationhttps://pentestlab.blog/wp-content/uploads/2024/03/explorer-implant.pngexplorer-implanthttps://pentestlab.blog/wp-content/uploads/2024/03/explorer-cscapi.pngexplorer-cscapihttps://pentestlab.blog/wp-content/uploads/2024/03/explorer-dll-hijacking.pngexplorer-dll-hijackinghttps://pentestlab.blog/wp-content/uploads/2024/03/explorer-python-web-server.pngexplorer-python-web-serverhttps://pentestlab.blog/wp-content/uploads/2024/03/explorer-process-monitor-cscapi.pngexplorer-process-monitor-cscapi2024-10-08T17:19:31+00:00monthlyhttps://pentestlab.blog/2024/03/04/persistence-visual-studio-code-extensions/https://pentestlab.blog/wp-content/uploads/2024/02/visual-studio-code-extensions-javascript-messagebox.pngvisual-studio-code-extensions-javascript-messageboxhttps://pentestlab.blog/wp-content/uploads/2024/02/visual-studio-code-extensions-electron-javascript.pngvisual-studio-code-extensions-electron-javascripthttps://pentestlab.blog/wp-content/uploads/2024/02/visual-studio-code-extensions-javascript.pngvisual-studio-code-extensions-javascripthttps://pentestlab.blog/wp-content/uploads/2024/02/visual-studio-code-extensions-meterpreter-working-directory.pngvisual-studio-code-extensions-meterpreter-working-directoryhttps://pentestlab.blog/wp-content/uploads/2024/02/visual-studio-code-extensions-meterpreter.pngvisual-studio-code-extensions-meterpreterhttps://pentestlab.blog/wp-content/uploads/2024/02/visual-studio-code-extensions-powershell-payload.pngvisual-studio-code-extensions-powershell-payloadhttps://pentestlab.blog/wp-content/uploads/2024/02/visual-studio-code-extensions-process.pngvisual-studio-code-extensions-processhttps://pentestlab.blog/wp-content/uploads/2024/02/visual-studio-code-extensions-extension.pngvisual-studio-code-extensions-extensionhttps://pentestlab.blog/wp-content/uploads/2024/02/visual-studio-code-extensions-c2.pngvisual-studio-code-extensions-c2https://pentestlab.blog/wp-content/uploads/2024/02/visual-studio-code-extensions-visual-studio-code.pngvisual-studio-code-extensions-visual-studio-code2024-03-02T13:32:22+00:00monthlyhttps://pentestlab.blog/2024/02/20/as-rep-roasting/https://pentestlab.blog/wp-content/uploads/2024/01/as-rep-roasting-winrm.pngas-rep-roasting-winrmhttps://pentestlab.blog/wp-content/uploads/2024/01/as-rep-roasting-crackmapexec.pngas-rep-roasting-crackmapexechttps://pentestlab.blog/wp-content/uploads/2024/01/as-rep-roasting-crackmapexec-unauthenticated.pngas-rep-roasting-crackmapexec-unauthenticatedhttps://pentestlab.blog/wp-content/uploads/2024/01/as-rep-roasting-impacket-john.pngas-rep-roasting-impacket-johnhttps://pentestlab.blog/wp-content/uploads/2024/01/as-rep-roasting-impacket.pngas-rep-roasting-impackethttps://pentestlab.blog/wp-content/uploads/2024/01/as-rep-roasting-impacket-unauthenticated.pngas-rep-roasting-impacket-unauthenticatedhttps://pentestlab.blog/wp-content/uploads/2024/01/as-rep-roasting-rubeus.pngas-rep-roasting-rubeushttps://pentestlab.blog/wp-content/uploads/2024/01/as-rep-roasting-rubeus-c2.pngas-rep-roasting-rubeus-c2https://pentestlab.blog/wp-content/uploads/2024/01/as-rep-roasting-john.pngas-rep-roasting-johnhttps://pentestlab.blog/wp-content/uploads/2024/01/as-rep-roasting-hash.pngas-rep-roasting-hash2024-02-19T20:29:44+00:00monthlyhttps://pentestlab.blog/2024/02/05/persistence-windows-setup-script/https://pentestlab.blog/wp-content/uploads/2024/01/windows-setup-script-process-tree.pngwindows-setup-script-process-treehttps://pentestlab.blog/wp-content/uploads/2024/01/windows-setup-script-c2.pngwindows-setup-script-c2https://pentestlab.blog/wp-content/uploads/2024/01/windows-setup-script-messagebox.pngwindows-setup-script-messageboxhttps://pentestlab.blog/wp-content/uploads/2024/01/windows-setup-script-folder.pngwindows-setup-script-folderhttps://pentestlab.blog/wp-content/uploads/2024/01/windows-setup-script-message-box-code.pngwindows-setup-script-message-box-code2024-01-26T17:57:22+00:00monthlyhttps://pentestlab.blog/2024/01/29/persistence-disk-clean-up/https://pentestlab.blog/wp-content/uploads/2024/01/persistence-disk-clean-up-cleanup-dll.pngpersistence-disk-clean-up-cleanup-dllhttps://pentestlab.blog/wp-content/uploads/2024/01/persistence-disk-clean-up-messagebox.pngpersistence-disk-clean-up-messageboxhttps://pentestlab.blog/wp-content/uploads/2024/01/persistence-disk-clean-up-metasploit.pngpersistence-disk-clean-up-metasploithttps://pentestlab.blog/wp-content/uploads/2024/01/persistence-disk-clean-up-msfvenom-dll.pngpersistence-disk-clean-up-msfvenom-dllhttps://pentestlab.blog/wp-content/uploads/2024/01/persistence-disk-clean-up-msfvenom.pngpersistence-disk-clean-up-msfvenomhttps://pentestlab.blog/wp-content/uploads/2024/01/persistence-disk-clean-up-visual-studio-messagebox.pngpersistence-disk-clean-up-visual-studio-messageboxhttps://pentestlab.blog/wp-content/uploads/2024/01/persistence-disk-clean-up-registry-query-clsid.pngpersistence-disk-clean-up-registry-query-clsidhttps://pentestlab.blog/wp-content/uploads/2024/01/persistence-disk-clean-up-clsid-downloaded-program-files.pngpersistence-disk-clean-up-clsid-downloaded-program-fileshttps://pentestlab.blog/wp-content/uploads/2024/01/persistence-disk-clean-up-volumecaches.pngpersistence-disk-clean-up-volumecacheshttps://pentestlab.blog/wp-content/uploads/2024/01/persistence-disk-clean-up.pngpersistence-disk-clean-up2024-01-23T17:04:03+00:00monthlyhttps://pentestlab.blog/2024/01/22/domain-escalation-backup-operator/https://pentestlab.blog/wp-content/uploads/2024/01/backup-operator-whoami.pngbackup-operator-whoamihttps://pentestlab.blog/wp-content/uploads/2024/01/backup-operator-list-files-dc.pngbackup-operator-list-files-dchttps://pentestlab.blog/wp-content/uploads/2024/01/backup-operator-regsave.pngbackup-operator-regsavehttps://pentestlab.blog/wp-content/uploads/2024/01/backup-operator-regsave-access-control-list.pngbackup-operator-regsave-access-control-listhttps://pentestlab.blog/wp-content/uploads/2024/01/backup-operator-crackmapexec.pngbackup-operator-crackmapexechttps://pentestlab.blog/wp-content/uploads/2024/01/backup-operator-secretsdump.pngbackup-operator-secretsdumphttps://pentestlab.blog/wp-content/uploads/2024/01/backup-operator-non-domain-joined.pngbackup-operator-non-domain-joinedhttps://pentestlab.blog/wp-content/uploads/2024/01/backup-operator-dump-sam.pngbackup-operator-dump-samhttps://pentestlab.blog/wp-content/uploads/2024/01/backup-operator-backupoperatortoolkit.pngbackup-operator-backupoperatortoolkithttps://pentestlab.blog/wp-content/uploads/2024/01/backupoperator-identify-backup-privilege-groups.pngbackupoperator-identify-backup-privilege-groups2024-02-05T07:09:25+00:00monthlyhttps://pentestlab.blog/2024/01/15/lateral-movement-visual-studio-dte/https://pentestlab.blog/wp-content/uploads/2023/12/visual-studio-dte-lsass-dumping.pngvisual-studio-dte-lsass-dumpinghttps://pentestlab.blog/wp-content/uploads/2023/12/visual-studio-dte-implant.pngvisual-studio-dte-implanthttps://pentestlab.blog/wp-content/uploads/2023/12/visual-studio-dte-implant-execution.pngvisual-studio-dte-implant-executionhttps://pentestlab.blog/wp-content/uploads/2023/12/visual-studio-dte-command-execution.pngvisual-studio-dte-command-executionhttps://pentestlab.blog/wp-content/uploads/2023/12/visual-studio-dte-enumerate-processes.pngvisual-studio-dte-enumerate-processeshttps://pentestlab.blog/wp-content/uploads/2023/12/visual-studio-dte-registry-clsid.pngvisual-studio-dte-registry-clsid2023-12-31T21:14:01+00:00monthlyhttps://pentestlab.blog/2024/01/08/persistence-event-log/https://pentestlab.blog/wp-content/uploads/2023/12/event-log-havoc-c2.pngevent-log-havoc-c2https://pentestlab.blog/wp-content/uploads/2023/12/event-log-shellcode.pngevent-log-shellcodehttps://pentestlab.blog/wp-content/uploads/2023/12/event-log-havoc-sharpeventpersist.pngevent-log-havoc-sharpeventpersisthttps://pentestlab.blog/wp-content/uploads/2023/12/event-log-havoc-bin-shellcode.pngevent-log-havoc-bin-shellcodehttps://pentestlab.blog/wp-content/uploads/2023/12/event-log-read-log-entry.pngevent-log-read-log-entryhttps://pentestlab.blog/wp-content/uploads/2023/12/event-log-write-log-entry.pngevent-log-write-log-entryhttps://pentestlab.blog/wp-content/uploads/2023/04/persistence-event-log-hexadecimal-becon.pngpersistence-event-log-hexadecimal-beconhttps://pentestlab.blog/wp-content/uploads/2023/04/persistence-event-log-meterpreter-powershell.pngpersistence-event-log-meterpreter-powershellhttps://pentestlab.blog/wp-content/uploads/2023/04/persistence-event-log-powershell.pngpersistence-event-log-powershellhttps://pentestlab.blog/wp-content/uploads/2023/04/persistence-event-log-hexadecimal-payload-msfvenom.pngpersistence-event-log-hexadecimal-payload-msfvenom2023-12-31T18:58:52+00:00monthlyhttps://pentestlab.blog/2024/01/02/initial-access-search-ms-uri-handler/https://pentestlab.blog/wp-content/uploads/2023/12/search-uri-handler-excel-handler.pngsearch-uri-handler-excel-handlerhttps://pentestlab.blog/wp-content/uploads/2023/12/search-uri-handler-excel-via-webdav.pngsearch-uri-handler-excel-via-webdavhttps://pentestlab.blog/wp-content/uploads/2023/12/search-uri-handler-excel.pngsearch-uri-handler-excelhttps://pentestlab.blog/wp-content/uploads/2023/12/search-uri-handler-implant.pngsearch-uri-handler-implanthttps://pentestlab.blog/wp-content/uploads/2023/12/search-uri-handler-motw.pngsearch-uri-handler-motwhttps://pentestlab.blog/wp-content/uploads/2023/12/search-uri-handler-executable.pngsearch-uri-handler-executablehttps://pentestlab.blog/wp-content/uploads/2023/12/search-uri-handler-webclient-service.pngsearch-uri-handler-webclient-servicehttps://pentestlab.blog/wp-content/uploads/2023/12/search-uri-handler-implant-whoami.pngsearch-uri-handler-implant-whoamihttps://pentestlab.blog/wp-content/uploads/2023/12/search-uri-handler-implant-via-visual-studio-solution.pngsearch-uri-handler-implant-via-visual-studio-solutionhttps://pentestlab.blog/wp-content/uploads/2023/12/search-uri-handler-visual-studio.pngsearch-uri-handler-visual-studio2023-12-29T23:12:21+00:00monthlyhttps://pentestlab.blog/2023/11/20/persistence-scheduled-task-tampering/https://pentestlab.blog/wp-content/uploads/2023/11/6574c40a-00fa-460c-96c3-fda7e6b890c2.jpg_6574c40a-00fa-460c-96c3-fda7e6b890c2https://pentestlab.blog/wp-content/uploads/2023/11/scheduled-task-tampering-havoc-c2.pngscheduled-task-tampering-havoc-c2https://pentestlab.blog/wp-content/uploads/2023/11/scheduled-task-tampering-havoc-c2-scheduled-task-enumeration.pngscheduled-task-tampering-havoc-c2-scheduled-task-enumerationhttps://pentestlab.blog/wp-content/uploads/2023/11/scheduled-task-tampering-havoc-c2-scheduled-task-query.pngscheduled-task-tampering-havoc-c2-scheduled-task-queryhttps://pentestlab.blog/wp-content/uploads/2023/11/scheduled-task-tampering-scheduled-task-modification.pngscheduled-task-tampering-scheduled-task-modificationhttps://pentestlab.blog/wp-content/uploads/2023/11/scheduled-task-tampering-ghosttask-task-modification.pngscheduled-task-tampering-ghosttask-task-modificationhttps://pentestlab.blog/wp-content/uploads/2023/11/scheduled-task-tampering-action-registry-key.pngscheduled-task-tampering-action-registry-keyhttps://pentestlab.blog/wp-content/uploads/2023/11/scheduled-task-tampering-pentestlab-task-information.pngscheduled-task-tampering-pentestlab-task-informationhttps://pentestlab.blog/wp-content/uploads/2023/11/scheduled-task-tampering-pentestlab-task.pngscheduled-task-tampering-pentestlab-taskhttps://pentestlab.blog/wp-content/uploads/2023/11/scheduled-task-tampering-ghosttask-create-new-task-output.pngscheduled-task-tampering-ghosttask-create-new-task-output2023-11-19T17:51:07+00:00monthlyhttps://pentestlab.blog/2023/11/06/persistence-windows-telemetry/https://pentestlab.blog/wp-content/uploads/2023/10/windows-telemetry-persistence-havoc-c2-implant.pngwindows-telemetry-persistence-havoc-c2-implanthttps://pentestlab.blog/wp-content/uploads/2023/10/windows-telemetry-persistence-havoc-c2-whoami.pngwindows-telemetry-persistence-havoc-c2-whoamihttps://pentestlab.blog/wp-content/uploads/2023/10/windows-telemetry-persistence-havoc-c2-sessions.pngwindows-telemetry-persistence-havoc-c2-sessionshttps://pentestlab.blog/wp-content/uploads/2023/10/windows-telemetry-persistence-implant.pngwindows-telemetry-persistence-implanthttps://pentestlab.blog/wp-content/uploads/2023/10/windows-telemetry-persistence-registry-telemetry.pngwindows-telemetry-persistence-registry-telemetryhttps://pentestlab.blog/wp-content/uploads/2023/10/windows-telemetry-persistence-havoc-c2-telemetry-install-remote.pngwindows-telemetry-persistence-havoc-c2-telemetry-install-remotehttps://pentestlab.blog/wp-content/uploads/2023/10/windows-telemetry-persistence-havoc-c2-telemetry-install-local.pngwindows-telemetry-persistence-havoc-c2-telemetry-install-localhttps://pentestlab.blog/wp-content/uploads/2023/10/windows-telemetry-persistence-havoc-graph-view.pngwindows-telemetry-persistence-havoc-graph-viewhttps://pentestlab.blog/wp-content/uploads/2023/10/windows-telemetry-persistence-registry.pngwindows-telemetry-persistence-registryhttps://pentestlab.blog/wp-content/uploads/2023/10/windows-telemetry-persistence-command-prompt.pngwindows-telemetry-persistence-command-prompt2023-11-01T22:28:38+00:00monthlyhttps://pentestlab.blog/2023/03/20/persistence-service-control-manager/https://pentestlab.blog/wp-content/uploads/2023/03/persistence-sddl-meterpreter.pngpersistence-sddl-meterpreterhttps://pentestlab.blog/wp-content/uploads/2023/03/persistence-sddl-services.pngpersistence-sddl-serviceshttps://pentestlab.blog/wp-content/uploads/2023/03/persistence-sddl-service-creation.pngpersistence-sddl-service-creationhttps://pentestlab.blog/wp-content/uploads/2023/03/persistence-sddl-security-descriptor-permission-modification.pngpersistence-sddl-security-descriptor-permission-modificationhttps://pentestlab.blog/wp-content/uploads/2023/03/persistence-sddl-scmanager-show-rights.pngpersistence-sddl-scmanager-show-rightshttps://pentestlab.blog/wp-content/uploads/2023/03/persistence-sddl-enumerate-permissions-powershell.pngpersistence-sddl-enumerate-permissions-powershellhttps://pentestlab.blog/wp-content/uploads/2023/03/persistence-sddl-scmanager-security-descriptor.pngpersistence-sddl-scmanager-security-descriptor2023-03-20T15:53:46+00:00monthlyhttps://pentestlab.blog/2023/03/13/persistence-context-menu/https://pentestlab.blog/wp-content/uploads/2023/03/persistence-contextmenu-virtualalloc.pngpersistence-contextmenu-virtualallochttps://pentestlab.blog/wp-content/uploads/2023/03/persistence-contextmenu-meterpreter.pngpersistence-contextmenu-meterpreterhttps://pentestlab.blog/wp-content/uploads/2023/03/persistence-contextmenu-register-dll.pngpersistence-contextmenu-register-dllhttps://pentestlab.blog/wp-content/uploads/2023/03/persistence-contextmenu-msfvenom.pngpersistence-contextmenu-msfvenomhttps://pentestlab.blog/wp-content/uploads/2023/03/persistence-contextmenu-filecontextmenu-register-com.pngpersistence-contextmenu-filecontextmenu-register-comhttps://pentestlab.blog/wp-content/uploads/2023/03/persistence-contextmenu-filecontextmenu-queryinterface.pngpersistence-contextmenu-filecontextmenu-queryinterfacehttps://pentestlab.blog/wp-content/uploads/2023/03/persistence-contextmenu-filecontextmenu-initialize.pngpersistence-contextmenu-filecontextmenu-initialize2023-03-13T15:19:43+00:00monthlyhttps://pentestlab.blog/2023/03/07/persistence-event-log-online-help/https://pentestlab.blog/wp-content/uploads/2023/03/event-log-online-help-mmc-parent-process.pngevent-log-online-help-mmc-parent-processhttps://pentestlab.blog/wp-content/uploads/2023/03/event-log-online-help-microsoft-redirection-url.pngevent-log-online-help-microsoft-redirection-urlhttps://pentestlab.blog/wp-content/uploads/2023/03/event-log-online-help-messagebox.pngevent-log-online-help-messageboxhttps://pentestlab.blog/wp-content/uploads/2023/03/event-log-online-help-meterpreter-regsvr32.pngevent-log-online-help-meterpreter-regsvr32https://pentestlab.blog/wp-content/uploads/2023/03/event-log-online-help-microsoft-redirection-program-command-line-regsvr32.pngevent-log-online-help-microsoft-redirection-program-command-line-regsvr32https://pentestlab.blog/wp-content/uploads/2023/03/event-log-online-help-meterpreter.pngevent-log-online-help-meterpreterhttps://pentestlab.blog/wp-content/uploads/2023/03/event-log-online-help-microsoft-redirection-program.pngevent-log-online-help-microsoft-redirection-programhttps://pentestlab.blog/wp-content/uploads/2023/03/event-log-online-help-msfvenom.pngevent-log-online-help-msfvenom2023-03-07T10:45:51+00:00monthlyhttps://pentestlab.blog/2022/03/21/unconstrained-delegation/2022-03-21T16:57:33+00:00monthlyhttps://pentestlab.blog/2022/02/14/persistence-notepad-plugins/2022-02-02T20:00:49+00:00monthlyhttps://pentestlab.blog/2022/02/07/shadow-credentials/2022-01-24T16:30:07+00:00monthlyhttps://pentestlab.blog/2022/01/17/domain-persistence-machine-account/2022-01-17T11:25:15+00:00monthlyhttps://pentestlab.blog/2022/01/10/domain-escalation-samaccountname-spoofing/2022-01-08T08:27:31+00:00monthlyhttps://pentestlab.blog/2022/02/01/machine-accounts/2021-12-29T18:04:09+00:00monthlyhttps://pentestlab.blog/2022/01/04/domain-persistence-adminsdholder/2021-12-27T14:36:46+00:00monthlyhttps://pentestlab.blog/2021/11/15/golden-certificate/2021-11-15T12:12:51+00:00monthlyhttps://pentestlab.blog/2021/10/20/lateral-movement-webclient/2021-10-30T13:16:57+00:00monthlyhttps://pentestlab.blog/2021/10/18/resource-based-constrained-delegation/2022-12-07T09:19:19+00:00monthlyhttps://pentestlab.blog/2021/09/14/petitpotam-ntlm-relay-to-ad-cs/2022-11-23T10:15:44+00:00monthlyhttps://pentestlab.blog/2021/09/13/account-persistence-certificates/2021-11-08T12:12:21+00:00monthlyhttps://pentestlab.blog/2021/08/17/domain-escalation-printnightmare/2021-08-16T15:27:51+00:00monthlyhttps://pentestlab.blog/2021/08/16/hivenightmare/2021-08-20T18:58:59+00:00monthlyhttps://pentestlab.blog/2021/08/02/universal-privilege-escalation-and-persistence-printer/2021-08-03T08:33:42+00:00monthlyhttps://pentestlab.blog/2021/05/24/dumping-rdp-credentials/2022-10-04T08:39:08+00:00monthlyhttps://pentestlab.blog/2021/05/17/persistence-amsi/2021-05-17T07:53:08+00:00monthlyhttps://pentestlab.blog/2021/05/04/remote-potato-from-domain-user-to-enterprise-admin/2021-05-04T13:04:45+00:00monthlyhttps://pentestlab.blog/2021/03/30/plextrac-a-platform-for-purple-teaming/2021-03-30T17:12:13+00:00monthlyhttps://pentestlab.blog/2020/07/21/lateral-movement-services/2020-11-13T07:57:02+00:00monthlyhttps://pentestlab.blog/2020/06/15/spyse-a-cyber-security-search-engine/2020-07-07T21:44:04+00:00monthlyhttps://pentestlab.blog/2020/07/06/indirect-command-execution/2020-07-06T17:52:54+00:00monthlyhttps://pentestlab.blog/contact-the-lab/2020-07-04T13:14:29+00:00weekly0.6https://pentestlab.blog/2020/05/20/persistence-com-hijacking/2020-05-20T11:50:22+00:00monthlyhttps://pentestlab.blog/2020/03/04/persistence-dll-hijacking/2020-03-04T13:01:34+00:00monthlyhttps://pentestlab.blog/2020/03/02/phishing-windows-credentials/2020-03-01T10:31:04+00:00monthlyhttps://pentestlab.blog/2020/02/24/parent-pid-spoofing/2020-02-23T18:03:29+00:00monthlyhttps://pentestlab.blog/2020/02/12/persistence-rid-hijacking/2020-02-11T20:03:39+00:00monthlyhttps://pentestlab.blog/2020/02/10/credential-access-password-filter-dll/2020-02-09T09:20:32+00:00monthlyhttps://pentestlab.blog/2020/02/04/persistence-waitfor/2020-02-03T21:58:07+00:00monthlyhttps://pentestlab.blog/2020/01/22/persistence-modify-existing-service/2020-01-23T04:47:47+00:00monthlyhttps://pentestlab.blog/2020/01/21/persistence-wmi-event-subscription/2020-01-21T09:47:04+00:00monthlyhttps://pentestlab.blog/methodologies/red-teaming/2020-01-03T14:29:55+00:00weekly0.6https://pentestlab.blog/methodologies/https://pentestlab.blog/wp-content/uploads/2012/02/backbox-2-menu.pngBackBox 2 BackBox 2 Menuhttps://pentestlab.blog/wp-content/uploads/2012/02/bt5-0.pngBacktrack 5Backtrack 5 KDE 2020-01-03T14:24:21+00:00weekly0.6https://pentestlab.blog/2020/01/14/persistence-winlogon-helper-dll/2020-01-03T14:00:16+00:00monthlyhttps://pentestlab.blog/2020/01/13/persistence-image-file-execution-options-injection/2024-06-20T13:38:51+00:00monthlyhttps://pentestlab.blog/2020/01/07/persistence-appinit-dlls/2020-01-07T22:08:27+00:00monthlyhttps://pentestlab.blog/2020/01/06/persistence-change-default-file-association/2019-12-23T14:42:15+00:00monthlyhttps://pentestlab.blog/2019/12/16/persistence-application-shimming/2019-12-15T20:38:54+00:00monthlyhttps://pentestlab.blog/2019/12/11/persistence-office-application-startup/2019-12-10T18:23:09+00:00monthlyhttps://pentestlab.blog/2019/11/13/persistence-accessibility-features/2019-11-13T13:29:00+00:00monthlyhttps://pentestlab.blog/2019/11/05/persistence-powershell-profile/2019-11-05T13:06:44+00:00monthlyhttps://pentestlab.blog/2019/11/04/persistence-scheduled-tasks/2019-11-06T20:59:47+00:00monthlyhttps://pentestlab.blog/2019/10/30/persistence-bits-jobs/2019-10-28T21:22:19+00:00monthlyhttps://pentestlab.blog/2019/10/29/persistence-netsh-helper-dll/2019-10-27T11:49:33+00:00monthlyhttps://pentestlab.blog/2019/10/28/persistence-port-monitors/2019-10-26T18:29:29+00:00monthlyhttps://pentestlab.blog/2019/10/22/persistence-time-providers/2023-05-14T02:46:08+00:00monthlyhttps://pentestlab.blog/2019/10/21/persistence-security-support-provider/2019-10-21T16:43:16+00:00monthlyhttps://pentestlab.blog/2019/10/09/persistence-screensaver/2019-10-09T12:57:25+00:00monthlyhttps://pentestlab.blog/2019/10/01/persistence-registry-run-keys/2019-10-08T21:48:12+00:00monthlyhttps://pentestlab.blog/2019/10/07/persistence-new-service/2019-10-08T21:47:56+00:00monthlyhttps://pentestlab.blog/2019/10/08/persistence-shortcut-modification/2021-12-30T18:10:11+00:00monthlyhttps://pentestlab.blog/2019/09/16/microsoft-exchange-privilege-escalation/2019-10-03T12:38:19+00:00monthlyhttps://pentestlab.blog/2019/09/12/microsoft-exchange-acl/2019-09-12T09:10:48+00:00monthlyhttps://pentestlab.blog/2019/09/11/microsoft-exchange-mailbox-post-compromise/2019-09-10T19:02:28+00:00monthlyhttps://pentestlab.blog/2019/09/10/microsoft-exchange-code-execution/2019-09-09T20:21:09+00:00monthlyhttps://pentestlab.blog/2019/09/09/microsoft-exchange-ntlm-relay/2019-10-10T02:47:48+00:00monthlyhttps://pentestlab.blog/contact-the-lab/about-us/2020-12-27T14:42:10+00:00weekly0.6https://pentestlab.blog/2019/09/05/microsoft-exchange-password-spraying/2019-09-05T12:51:18+00:00monthlyhttps://pentestlab.blog/2019/09/04/microsoft-exchange-domain-escalation/2019-09-04T10:43:34+00:00monthlyhttps://pentestlab.blog/2018/07/04/dumping-domain-password-hashes/https://pentestlab.blog/wp-content/uploads/2018/07/wmi-transfer-files-via-copy.pngWMI - Transfer Files via CopyTransfer Files via Copyhttps://pentestlab.blog/wp-content/uploads/2018/07/wmi-copy-system-file.pngWMI - Copy System FileWMI - Copy System Filehttps://pentestlab.blog/wp-content/uploads/2018/07/wmi-copy-ntds-file.pngWMI - Copy NTDS FileWMI - Copy NTDS Filehttps://pentestlab.blog/wp-content/uploads/2018/07/wmi-create-volume-shadow-copy.pngWMI - Create Volume Shadow CopyWMI - Create Volume Shadow Copyhttps://pentestlab.blog/wp-content/uploads/2018/07/adxtract-password-hashes.pngadXtract - Password HashesadXtract - Password Hasheshttps://pentestlab.blog/wp-content/uploads/2018/07/adxtract-list-of-users.pngadXtract - List of UsersadXtract - List of Usershttps://pentestlab.blog/wp-content/uploads/2018/07/adxtract.pngadXtractadXtracthttps://pentestlab.blog/wp-content/uploads/2018/07/ntdsdumpex.pngNTDSDumpExNTDSDumpExhttps://pentestlab.blog/wp-content/uploads/2018/07/impacket-extract-ntds-contents-remotely.pngimpacket - Extract NTDS Contents Remotelyimpacket - Extract NTDS Contents Remotelyhttps://pentestlab.blog/wp-content/uploads/2018/07/impacket-extract-ntds-contents.pngimpacket - Extract NTDS Contentsimpacket - Extract NTDS Contents2019-05-20T21:57:16+00:00monthlyhttps://pentestlab.blog/2018/06/12/kerberoast/https://pentestlab.blog/wp-content/uploads/2018/06/kerberoast-command-execution.pngKerberoast - Command ExecutionKerberoast - Command Executionhttps://pentestlab.blog/wp-content/uploads/2018/06/kerberoast-list-of-processes.pngKerberoast - List of ProcessesKerberoast - List of Processeshttps://pentestlab.blog/wp-content/uploads/2018/06/mimikatz-request-service-ticket.pngMimikatz - Request Service TicketMimikatz - Request Service Tickethttps://pentestlab.blog/wp-content/uploads/2018/06/autokerberoast-service-ticket-hash.pngAutoKerberoast - Service Ticket HashAutoKerberoast - Service Ticket Hashhttps://pentestlab.blog/wp-content/uploads/2018/06/autokerberoast-service-ticket-hashes-of-particular-domain-and-group.pngAutoKerberoast - Service Ticket Hashes of Particular Domain and GroupAutoKerberoast - Service Ticket Hashes of Particular Domain and Grouphttps://pentestlab.blog/wp-content/uploads/2018/06/autokerberoast-invoke-autokerberoast-base64.pngAutoKerberoast - Invoke-AutoKerberoast Base64AutoKerberoast - Invoke-AutoKerberoast Base64https://pentestlab.blog/wp-content/uploads/2018/06/autokerberoast-listuserspns-with-domain-parameter.pngAutoKerberoast - ListUserSPNs with Domain ParameterAutoKerberoast - ListUserSPNs with Domain Parameterhttps://pentestlab.blog/wp-content/uploads/2018/06/kerberoast-rewrite-service-tickets.pngKerberoast - Rewrite Service TicketsKerberoast - Rewrite Service Ticketshttps://pentestlab.blog/wp-content/uploads/2018/06/autokerberoast-listuserspns.pngAutoKerberoast - ListUserSPNsAutoKerberoast - ListUserSPNshttps://pentestlab.blog/wp-content/uploads/2018/06/empire-kerberoast-hash.pngEmpire - Kerberoast HashEmpire - Kerberoast Hash2018-06-12T06:24:10+00:00monthlyhttps://pentestlab.blog/2018/06/06/command-and-control-browser/https://pentestlab.blog/wp-content/uploads/2018/06/browser-c2-jquery-configuration.pngBrowser C2 - jquery ConfigurationBrowser C2 - jquery Configurationhttps://pentestlab.blog/wp-content/uploads/2018/06/browser-c2-mimikatz-poshc2.pngBrowser C2 - Mimikatz PoshC2Browser C2 - Mimikatz PoshC2https://pentestlab.blog/wp-content/uploads/2018/06/browser-c2-mimikatz-via-implant-handler.pngBrowser C2 - Mimikatz via Implant HandlerBrowser C2 - Mimikatz via Implant Handlerhttps://pentestlab.blog/wp-content/uploads/2018/06/browser-c2-implant-handler.pngBrowser C2 - Implant HandlerBrowser C2 - Implant Handlerhttps://pentestlab.blog/wp-content/uploads/2018/06/browser-c2-code-execution-via-regsvr32-poshc2.pngBrowser C2 - Code Execution via regsvr32 PoshC2Browser C2 - Code Execution via regsvr32 PoshC2https://pentestlab.blog/wp-content/uploads/2018/06/browser-c2-meterpreter-via-web-delivery.pngBrowser C2 - Meterpreter via Web DeliveryBrowser C2 - Meterpreter via Web Deliveryhttps://pentestlab.blog/wp-content/uploads/2018/06/browser-c2-code-execution-via-regsvr32-metasploit.pngBrowser C2 - Code Execution via regsvr32 MetasploitBrowser C2 - Code Execution via regsvr32 Metasploithttps://pentestlab.blog/wp-content/uploads/2018/06/browser-c2-metasploit-web-delivery-module.pngBrowser C2 - Metasploit Web Delivery ModuleBrowser C2 - Metasploit Web Delivery Modulehttps://pentestlab.blog/wp-content/uploads/2018/06/browser-c2-user-enumeration-via-wmic.pngBrowser C2 - User Enumeration via WMICBrowser C2 - User Enumeration via WMIChttps://pentestlab.blog/wp-content/uploads/2018/06/browser-c2-command-execution.pngBrowser C2 - Command ExecutionBrowser C2 - Command Execution2018-06-01T21:40:40+00:00monthlyhttps://pentestlab.blog/2018/06/04/spn-discovery/https://pentestlab.blog/wp-content/uploads/2018/05/impacket-get-user-spn.pngImpacket - Get User SPNImpacket - Get User SPNhttps://pentestlab.blog/wp-content/uploads/2018/05/powershellery-get-domainspn.pngPowerShellery - Get-DomainSpnPowerShellery - Get-DomainSpnhttps://pentestlab.blog/wp-content/uploads/2018/05/powershellery-getspn-table.pngPowerShellery - GetSPN TablePowerShellery - GetSPN Tablehttps://pentestlab.blog/wp-content/uploads/2018/05/powershellery-getspn.pngPowershellery - GetSPNPowershellery - GetSPNhttps://pentestlab.blog/wp-content/uploads/2018/05/empire-spn-discovery.pngEmpire - SPN DiscoveryEmpire - SPN Discoveryhttps://pentestlab.blog/wp-content/uploads/2018/05/empire-spn-module.pngEmpire - SPN ModuleEmpire - SPN Modulehttps://pentestlab.blog/wp-content/uploads/2018/05/powershell-ad-recon-service-accounts-via-metasploit.pngPowerShell AD Recon - Service Accounts via MetasploitPowerShell AD Recon - Service Accountshttps://pentestlab.blog/wp-content/uploads/2018/05/powershell-ad-recon-exchange-servers-discovery-via-metasploit.pngPowerShell AD Recon - Exchange Servers Discovery via MetasploitPowerShell AD Recon - Exchange Servers Discovery https://pentestlab.blog/wp-content/uploads/2018/05/powershell-ad-recon-mssql-servers-discovery-via-metasploit.pngPowerShell AD Recon - MSSQL Servers Discovery via MetasploitPowerShell AD Recon - MSSQL Servers Discoveryhttps://pentestlab.blog/wp-content/uploads/2018/05/getuserspns-vbs-script-cmd.pngGetUserSPNs - VBS Script CMDGetUserSPNs - VBS Script 2020-09-21T12:22:28+00:00monthlyhttps://pentestlab.blog/2018/05/28/situational-awareness/https://pentestlab.blog/wp-content/uploads/2018/05/powerview-obtain-trusts-for-the-forest.pngPowerView - Obtain Trusts for the ForestPowerView - Forest Informationhttps://pentestlab.blog/wp-content/uploads/2018/05/remoterecon-usage.pngRemoteRecon - UsageRemoteRecon - Usagehttps://pentestlab.blog/wp-content/uploads/2018/05/remoterecon-install.pngRemoteRecon - InstallRemoteRecon - Installhttps://pentestlab.blog/wp-content/uploads/2018/05/hostenum-domain-checks.pngHostEnum - Domain ChecksHostEnum - Domain Checkshttps://pentestlab.blog/wp-content/uploads/2018/05/hostenum-domain-users.pngHostEnum - Domain UsersHostEnum - Domain Usershttps://pentestlab.blog/wp-content/uploads/2018/05/hostenum.pngHostEnumHostEnumhttps://pentestlab.blog/wp-content/uploads/2018/05/hostrecon-domain-checks.pngHostRecon - Domain ChecksHostRecon - Domain Checkshttps://pentestlab.blog/wp-content/uploads/2018/05/hostrecon-checks-for-security.pngHostRecon - Checks for SecurityHostRecon - Checks for Securityhttps://pentestlab.blog/wp-content/uploads/2018/05/hostrecon-local-users-and-local-admins.pngHostRecon - Local Users and Local AdminsHostRecon - Local Users and Local Adminshttps://pentestlab.blog/wp-content/uploads/2018/05/hostrecon-execution.pngHostRecon ExecutionHostRecon Execution2018-06-17T13:54:12+00:00monthlyhttps://pentestlab.blog/2018/05/15/lateral-movement-winrm/https://pentestlab.blog/wp-content/uploads/2018/05/winrm-local-group-policy.pngWinRM - Local Group PolicyWinRM - Local Group Policyhttps://pentestlab.blog/wp-content/uploads/2018/05/winrm-enable-the-service.pngWinRM - Enable the ServiceWinRM - Enable the Servicehttps://pentestlab.blog/wp-content/uploads/2018/05/empire-command-execution-via-winrm.pngEmpire - Command Execution via WinRMEmpire - Command Execution via WinRMhttps://pentestlab.blog/wp-content/uploads/2018/05/empire-list-of-agents.pngEmpire - List of AgentsEmpire - List of Agentshttps://pentestlab.blog/wp-content/uploads/2018/05/empire-psremoting.pngEmpire - PSRemotingEmpire - PSRemotinghttps://pentestlab.blog/wp-content/uploads/2018/05/metasploit-winrm-code-execution.pngMetasploit - WinRM Code ExecutionMetasploit - WinRM Code Executionhttps://pentestlab.blog/wp-content/uploads/2018/05/metasploit-winrm-code-execution-module-configuration.pngMetasploit - WinRM Code Execution Module ConfigurationMetasploit - WinRM Code Execution Module Configurationhttps://pentestlab.blog/wp-content/uploads/2018/05/metasploit-winrm-command-output.pngMetasploit - WinRM Command OutputMetasploit - WinRM Command Outputhttps://pentestlab.blog/wp-content/uploads/2018/05/metasploit-winrm-command-execution.pngMetasploit - WinRM Command ExecutionMetasploit - WinRM Command Executionhttps://pentestlab.blog/wp-content/uploads/2018/05/metasploit-winrm-discovery-of-credentials.pngMetasploit - WinRM Discovery of CredentialsMetasploit - WinRM Discovery of Credentials2019-04-27T14:12:14+00:00monthlyhttps://pentestlab.blog/2018/05/10/applocker-bypass-cmstp/https://pentestlab.blog/wp-content/uploads/2018/05/cmstp-inf-and-cmp-file.pngCMSTP - INF and CMP FileCMSTP - INF and CMP Filehttps://pentestlab.blog/wp-content/uploads/2018/05/cmstp-meterpreter-via-sct-execution.pngCMSTP - Meterpreter via SCT ExecutionCMSTP - Meterpreter via SCT Executionhttps://pentestlab.blog/wp-content/uploads/2018/05/cmstp-inf-execution-with-scriptlet.pngCMSTP - INF Execution with ScriptletCMSTP - INF Execution with Scriptlethttps://pentestlab.blog/wp-content/uploads/2018/05/cmstp-sct-execution.pngCMSTP - SCT ExecutionCMSTP - SCT Executionhttps://pentestlab.blog/wp-content/uploads/2018/05/cmstp-metasploit-multi-handler.pngCMSTP - Metasploit Multi HandlerCMSTP - Metasploit Multi Handlerhttps://pentestlab.blog/wp-content/uploads/2018/05/cmstp-powershell.pngCMSTP - PowerShellCMSTP - PowerShellhttps://pentestlab.blog/wp-content/uploads/2018/05/cmstp-meterpreter-via-dll-execution.pngCMSTP - Meterpreter via DLL ExecutionCMSTP - Meterpreter via DLL Executionhttps://pentestlab.blog/wp-content/uploads/2018/05/cmstp-inf-execution-locally.pngCMSTP - INF Execution LocallyCMSTP - INF Execution Locallyhttps://pentestlab.blog/wp-content/uploads/2018/05/cmstp-local-dll-execution.pngCMSTP - Local DLL ExecutionCMSTP - Local DLL Executionhttps://pentestlab.blog/wp-content/uploads/2018/05/metasploit-dll-generation.pngMetasploit - DLL GenerationMetasploit - DLL Generation2019-04-04T22:16:18+00:00monthlyhttps://pentestlab.blog/2018/05/09/pdf-ntlm-hashes/https://pentestlab.blog/wp-content/uploads/2018/05/pdf-injected-with-smb-location.pngPDF - Injected with SMB LocationPDF - Injected with SMB Locationhttps://pentestlab.blog/wp-content/uploads/2018/05/worsepdf.pngWorsePDFWorsePDFhttps://pentestlab.blog/wp-content/uploads/2018/05/ntlm-hash-via-pdf.pngNTLM Hash via PDFNTLM Hash via PDFhttps://pentestlab.blog/wp-content/uploads/2018/05/bad-pdf-responder.pngBad-PDF - ResponderBad-PDF - Responderhttps://pentestlab.blog/wp-content/uploads/2018/05/bad-pdf.pngBad-PDFBad-PDF2018-05-09T07:49:42+00:00monthlyhttps://pentestlab.blog/2018/05/08/nbns-spoofing/https://pentestlab.blog/wp-content/uploads/2018/05/nbns-spoofing-hashes-via-metasploit.pngNBNS Spoofing - Hashes via MetasploitNBNS Spoofing - Hashes via Metasploithttps://pentestlab.blog/wp-content/uploads/2018/05/metasploit-nbns-response-module.pngMetasploit - NBNS Response ModuleMetasploit - NBNS Response Modulehttps://pentestlab.blog/wp-content/uploads/2018/05/metasploit-http-server.pngMetasploit - HTTP ServerMetasploit - HTTP Serverhttps://pentestlab.blog/wp-content/uploads/2018/05/metasploit-smb-server.pngMetasploit - SMB ServerMetasploit - SMB Serverhttps://pentestlab.blog/wp-content/uploads/2018/05/nbns-spoofing-hashes-via-responder.pngNBNS Spoofing - Hashes via ResponderNBNS Spoofing - Hashes via Responderhttps://pentestlab.blog/wp-content/uploads/2018/05/nbns-spoofing-responder.pngNBNS Spoofing - ResponderNBNS Spoofing - Responderhttps://pentestlab.blog/wp-content/uploads/2018/05/nbns-spoofing-hashes-via-inveigh.pngNBNS Spoofing - Hashes via InveighNBNS Spoofing - Hashes via Inveighhttps://pentestlab.blog/wp-content/uploads/2018/05/nbns-spoofing-powershell-inveigh.pngNBNS Spoofing - PowerShell InveighNBNS Spoofing - PowerShell Inveigh2018-05-04T12:01:23+00:00monthlyhttps://pentestlab.blog/2018/04/24/lateral-movement-rdp/https://pentestlab.blog/wp-content/uploads/2018/04/rdp-session-hijacking-via-service-netbiosx-user.pngRDP Session Hijacking via Service - netbiosX UserRDP Session Hijacking via Service - netbiosX Userhttps://pentestlab.blog/wp-content/uploads/2018/04/rdp-session-hijacking-via-service.pngRDP Session Hijacking via ServiceRDP Session Hijacking via Servicehttps://pentestlab.blog/wp-content/uploads/2018/04/rdp-sessions-terminal.pngRDP Sessions TerminalRDP Sessions Terminalhttps://pentestlab.blog/wp-content/uploads/2018/04/rpd-sessions-gui.pngRPD Sessions GuiRDP Sessions Guihttps://pentestlab.blog/wp-content/uploads/2018/04/mimikatz-rdp-session-of-netbiosx.pngMimikatz - RDP Session of netbiosXMimikatz - RDP Session of netbiosXhttps://pentestlab.blog/wp-content/uploads/2018/04/mimikatz-rdp-session-hijacking.pngMimikatz - RDP Session HijackingMimikatz - RDP Session Hijackinghttps://pentestlab.blog/wp-content/uploads/2018/04/mimikatz-terminal-services-sessions1.pngMimikatz - Terminal Services SessionsMimikatz - Terminal Services Sessionshttps://pentestlab.blog/wp-content/uploads/2018/04/rdp-inception-meterpreter-active-sessions.pngRDP Inception - Meterpreter Active SessionsRDP Inception - Meterpreter Active Sessionshttps://pentestlab.blog/wp-content/uploads/2018/04/rdp-inception-meterpreter-on-the-dc.pngRDP Inception - Meterpreter on the DCRDP Inception - Meterpreter on the DChttps://pentestlab.blog/wp-content/uploads/2018/04/rdp-inception-code-execution-on-the-dc.pngRDP Inception - Code Execution on the DCRDP Inception - Code Execution on the DC2018-05-22T14:28:19+00:00monthlyhttps://pentestlab.blog/2018/04/16/dcshadow/https://pentestlab.blog/wp-content/uploads/2018/04/dcshadow-escalate-user-to-domain-admin.pngDCShadow - Escalate User to Domain AdminDCShadow - Verification that test user is DAhttps://pentestlab.blog/wp-content/uploads/2018/04/dcshadow-add-user-to-domain-admin-group.pngDCShadow - Add User to Domain Admin GroupDCShadow - Add User to Domain Admin Grouphttps://pentestlab.blog/wp-content/uploads/2018/04/dcshadow-url-value.pngDCShadow - url valueDCShadow - url Attributehttps://pentestlab.blog/wp-content/uploads/2018/04/dcshadow-push.pngDCShadow - PushDCShadow - Replicate attributes in the Domain Controllerhttps://pentestlab.blog/wp-content/uploads/2018/04/mimikatz-dcshadow-on-url-attribute.pngMimikatz - DCShadow on url AttributeMimikatz - DCShadow & URL Attribute https://pentestlab.blog/wp-content/uploads/2018/04/mimikatz-retrieve-user-token.pngMimikatz - Retrieve User TokenMimikatz - User Tokenhttps://pentestlab.blog/wp-content/uploads/2018/04/mimikatz-register-a-service-and-obtain-system-token.pngMimikatz - Register a Service and Obtain SYSTEM TokenMimikatz - Register a Service and obtain SYSTEM token2018-12-29T04:30:15+00:00monthlyhttps://pentestlab.blog/2018/04/10/skeleton-key/https://pentestlab.blog/wp-content/uploads/2018/04/skeleton-key-share.pngSkeleton Key - ShareSkeleton Key - Domain Controller Share Accessible https://pentestlab.blog/wp-content/uploads/2018/04/skeleton-key-map-a-dc-share.pngSkeleton Key - Map a DC ShareSkeleton Key - Map a DC Sharehttps://pentestlab.blog/wp-content/uploads/2018/04/skeleton-key-rds-connection.pngSkeleton Key - RDS ConnectionSkeleton Key - RDS Connectionhttps://pentestlab.blog/wp-content/uploads/2018/04/skeleton-key-remote-desktop.pngSkeleton Key - Remote DesktopSkeleton Key - Remote Desktophttps://pentestlab.blog/wp-content/uploads/2018/04/empire-skeleton-key-execution.pngEmpire - Skeleton Key ExecutionEmpire - Skeleton Key Executionhttps://pentestlab.blog/wp-content/uploads/2018/04/empire-skeleton-key-module.pngEmpire - Skeleton Key ModuleEmpire - Skeleton Key Modulehttps://pentestlab.blog/wp-content/uploads/2018/04/mimikatz-skeleton-key.pngMimikatz - Skeleton KeyMimikatz - Skeleton Key2019-09-06T15:48:51+00:00monthlyhttps://pentestlab.blog/2018/04/09/golden-ticket/https://pentestlab.blog/wp-content/uploads/2018/04/run-a-command-on-the-dc-before-golden-ticket.pngRun a Command on the DC before Golden TicketListing DC Admin Share without Golden Tickethttps://pentestlab.blog/wp-content/uploads/2018/04/domain-users-absence-of-evil-user.pngDomain Users - Absence of evil userDomain Users - Absence of evil userhttps://pentestlab.blog/wp-content/uploads/2018/04/golden-ticket-shell-with-psexec-as-invalid-user.pngGolden Ticket - Shell with PsExec as invalid userGolden Ticket - Shell with PsExec as invalid userhttps://pentestlab.blog/wp-content/uploads/2018/04/golden-ticket-executing-commands-on-the-domain-controller-as-standard-user.pngGolden Ticket - Executing Commands on the Domain Controller as standard userGolden Ticket - Executing Commands on the Domain Controller as standard userhttps://pentestlab.blog/wp-content/uploads/2018/04/mimikatz-kerberos-tickets.pngMimikatz - Kerberos TicketsMimikatz - Kerberos Ticketshttps://pentestlab.blog/wp-content/uploads/2018/04/mimikatz-golden-ticket-creation.pngMimikatz - Golden Ticket CreationMimikatz - Golden Ticket Creationhttps://pentestlab.blog/wp-content/uploads/2018/04/metasploit-golden-ticket.pngMetasploit - Golden TicketMetasploit - Golden Tickethttps://pentestlab.blog/wp-content/uploads/2018/04/metasploit-golden-ticket-module-configuration.pngMetasploit - Golden Ticket Module ConfigurationMetasploit - Golden Ticket Module Configurationhttps://pentestlab.blog/wp-content/uploads/2018/04/metasploit-kiwi-golden-ticket.pngMetasploit Kiwi - Golden TicketMetasploit Kiwi - Golden Tickethttps://pentestlab.blog/wp-content/uploads/2018/04/metasploit-kiwi-list-of-kerberos-tickets.pngMetasploit Kiwi - List of Kerberos TicketsMetasploit Kiwi - List of Kerberos Tickets2018-04-09T01:45:27+00:00monthlyhttps://pentestlab.blog/2018/04/04/dumping-clear-text-credentials/https://pentestlab.blog/wp-content/uploads/2018/04/mimikatz-powersploit.pngMimikatz - PowerSploitMimikatz - PowerSploithttps://pentestlab.blog/wp-content/uploads/2018/04/windows-credential-editor.pngWindows Credential EditorWindows Credential Editorhttps://pentestlab.blog/wp-content/uploads/2018/04/lsasecretread-read-lsa-secrets.pnglsaSecretRead - Read LSA SecretslsaSecretRead - Red LSA Secret Passwordhttps://pentestlab.blog/wp-content/uploads/2018/04/metasploit-lsa-secrets.pngMetasploit - LSA SecretsMetasploit - LSA Secretshttps://pentestlab.blog/wp-content/uploads/2018/04/impacket-registry-hives.pngimpacket - Registry Hivesimpacket - Registry Hiveshttps://pentestlab.blog/wp-content/uploads/2018/04/dump-registry-hives.pngDump Registry HivesDump Registry Hiveshttps://pentestlab.blog/wp-content/uploads/2018/04/lsa-secrets-registry-location.pngLSA Secrets - Registry LocationLSA Secrets - Registry Locationhttps://pentestlab.blog/wp-content/uploads/2018/04/lsa-secrets-registry-permissions.pngLSA Secrets - Registry PermissionsLSA Secrets - Registry Permissionshttps://pentestlab.blog/wp-content/uploads/2018/04/powershell-getwebcredentials.pngPowerShell - GetWebCredentialsNishang - GetWebCredentials PowerShell Scripthttps://pentestlab.blog/wp-content/uploads/2018/04/lasagne-browser-passwords.pngLasagne - Browser PasswordsLaZagne - Browser Based Passwords2018-04-03T15:54:00+00:00monthlyhttps://pentestlab.blog/2018/01/16/microsoft-office-dde-attacks/https://pentestlab.blog/wp-content/uploads/2018/01/word-load-dde-payload-from-another-document.pngWord - Load DDE Payload from another documentWord - Load DDE Payload from Another Documenthttps://pentestlab.blog/wp-content/uploads/2018/01/word-dde-payload.pngWord - DDE PayloadWord - DDE Payloadhttps://pentestlab.blog/wp-content/uploads/2018/01/word-dde-via-field-code.pngWord - DDE via Field CodeWord - DDE via Field Codehttps://pentestlab.blog/wp-content/uploads/2018/01/outlook-message-rtf-email-message.pngOutlook Message - RTF Email MessageOutlook Message - RTF Email Messagehttps://pentestlab.blog/wp-content/uploads/2018/01/outlook-message-dde-in-rich-text.pngOutlook Message - DDE in Rich TextOutlook Message - DDE and RTFhttps://pentestlab.blog/wp-content/uploads/2018/01/outlook-message-dde-payload.pngOutlook Message - DDE PayloadOutlook Message - DDE Payloadhttps://pentestlab.blog/wp-content/uploads/2018/01/outlook-dde-via-calendar-invitations.pngOutlook - DDE via Calendar InvitationsOutlook - DDE via Calendar Invitationshttps://pentestlab.blog/wp-content/uploads/2018/01/outlook-dde-execution.pngOutlook - DDE ExecutionOutlook - DDE Executionhttps://pentestlab.blog/wp-content/uploads/2018/01/outlook-foward-contact-with-dde.pngOutlook - Foward Contact with DDEOutlook - Foward Contact with DDEhttps://pentestlab.blog/wp-content/uploads/2018/01/outlook-dde-payload-in-contact-notes.pngOutlook - DDE Payload in Contact NotesOutlook - DDE Payload in Contact Notes2018-01-17T20:51:38+00:00monthlyhttps://pentestlab.blog/2018/01/08/command-and-control-javascript/https://pentestlab.blog/wp-content/uploads/2017/12/jsrat-applocker-bypass.pngJSRat - AppLocker BypassJSRat - AppLocker Bypass Methodhttps://pentestlab.blog/wp-content/uploads/2017/12/jsrat-run-executables.pngJSRat - Run ExecutablesJSRat - Run Executableshttps://pentestlab.blog/wp-content/uploads/2017/12/jsrat-data-exfiltration.pngJSRat - Data ExfiltrationJSRat - Data Exfiltrationhttps://pentestlab.blog/wp-content/uploads/2017/12/jsrat-command-execution.pngJSRat - Command ExecutionJSRat - Command Executionhttps://pentestlab.blog/wp-content/uploads/2017/12/jsrat-console.pngJSRat - ConsoleJSRat - Consolehttps://pentestlab.blog/wp-content/uploads/2017/12/jsrat-implant-execution.pngJSRat - Implant ExecutionJSRat - Implant Executionhttps://pentestlab.blog/wp-content/uploads/2017/12/jsrat-generated-command.pngJSRat - Generated CommandJSRat - Generated Commandhttps://pentestlab.blog/wp-content/uploads/2017/12/jsrat-powershell-command-execution.pngJSRat PowerShell - Command ExecutionJSRat PowerShell - Command Executionhttps://pentestlab.blog/wp-content/uploads/2017/12/jsrat-powershell-usage.pngJSRat PowerShell - UsageJSRat PowerShell - Usagehttps://pentestlab.blog/wp-content/uploads/2017/12/jsrat-powershell-payload-command.pngJSRat PowerShell - Payload CommandJSRat PowerShell - Payload Command2017-12-27T13:41:48+00:00monthlyhttps://pentestlab.blog/2018/01/03/command-and-control-web-interface/https://pentestlab.blog/wp-content/uploads/2017/12/ares-server.pngAres - ServerAres - Serverhttps://pentestlab.blog/wp-content/uploads/2017/12/agent-detection-rate.pngAgent - Detection RateAgent - Detection Ratehttps://pentestlab.blog/wp-content/uploads/2017/12/ares-agent-configuration.pngAres - Agent ConfigurationAres - Agent Configurationhttps://pentestlab.blog/wp-content/uploads/2017/12/ares-command-execution-list-of-users.pngAres - Command Execution - List of UsersAres - Command Execution - List of Usershttps://pentestlab.blog/wp-content/uploads/2017/12/ares-command-execution-ipconfig.pngAres - Command Execution - ipconfigAres - Command Execution - ipconfighttps://pentestlab.blog/wp-content/uploads/2017/12/ares-list-of-agents.pngAres - List of AgentsAres - List of Agentshttps://pentestlab.blog/wp-content/uploads/2017/12/ares-creating-agent.pngAres - Creating AgentAres - Creating Agenthttps://pentestlab.blog/wp-content/uploads/2017/12/ares-main-interface.pngAres - Main InterfaceAres - Main Interfacehttps://pentestlab.blog/wp-content/uploads/2017/12/ares-passphrase.pngAres - PassphraseAres - Passphrasehttps://pentestlab.blog/wp-content/uploads/2017/12/ares-password-setup.pngAres - Password SetupAres - Password Setup2017-12-26T14:50:52+00:00monthlyhttps://pentestlab.blog/2018/01/02/command-and-control-images/https://pentestlab.blog/wp-content/uploads/2018/01/implant-favicon-configuration.pngImplant - Favicon ConfigurationImplant - Favicon Configurationhttps://pentestlab.blog/wp-content/uploads/2018/01/invoke-psimage-embedding-mimikatz-in-local-png.pngInvoke-PSImage - Embedding Mimikatz in Local PNGEmbedding Mimikatz in Local PNGhttps://pentestlab.blog/wp-content/uploads/2018/01/mimikatz-via-png-local.pngMimikatz via PNG - LocalMimikatz via PNG - Localhttps://pentestlab.blog/wp-content/uploads/2018/01/mimikatz-via-png-over-the-web.pngMimikatz via PNG over the WebMimikatz via PNG over the Webhttps://pentestlab.blog/wp-content/uploads/2018/01/invoke-psimage-embedding-mimikatz-in-png.pngInvoke-PSImage - Embedding Mimikatz in PNGEmbedding Mimikatz in PNG - Web Versionhttps://pentestlab.blog/wp-content/uploads/2018/01/meterpreter-via-favicon.pngMeterpreter via FaviconMeterpreter via Faviconhttps://pentestlab.blog/wp-content/uploads/2018/01/implant-favicon.pngImplant - FaviconImplant - Faviconhttps://pentestlab.blog/wp-content/uploads/2018/01/metasploit-multi-handler-module-for-favicon.pngMetasploit - Multi Handler Module for FaviconMetasploit - Multi Handler Module for Faviconhttps://pentestlab.blog/wp-content/uploads/2018/01/generation-of-favicon.pngGeneration of FaviconGeneration of Faviconhttps://pentestlab.blog/wp-content/uploads/2018/01/favicon-embeeded-command.pngFavicon - Embeeded CommandFavicon - Embeeded Command2017-12-25T19:38:52+00:00monthlyhttps://pentestlab.blog/2017/12/18/microsoft-office-ntlm-hashes-via-frameset/https://pentestlab.blog/wp-content/uploads/2017/12/metasploit-smb-capture-module-ntlmv2-hash-via-frameset1.pngMetasploit SMB Capture Module - NTLMv2 Hash via FramesetMetasploit SMB Capture Module - NTLMv2 Hash via Framesethttps://pentestlab.blog/wp-content/uploads/2017/12/metasploit-smb-capture-module-for-frameset.pngMetasploit - SMB Capture Module for FramesetMetasploit - SMB Capture Modulehttps://pentestlab.blog/wp-content/uploads/2017/12/responder-ntlmv2-hash-via-frameset.pngResponder - NTLMv2 Hash via FramesetResponder - NTLMv2 Hash via Framesethttps://pentestlab.blog/wp-content/uploads/2017/12/word-connect-to-unc-path-via-frameset.pngWord - Connect to UNC Path via FramesetWord - Connect to UNC Path via Framesethttps://pentestlab.blog/wp-content/uploads/2017/12/frameset-responder-configuration.pngFrameset - Responder ConfigurationResponder Configurationhttps://pentestlab.blog/wp-content/uploads/2017/12/websettings-xml-rels.pngwebSettings XML relswebSettings XML relshttps://pentestlab.blog/wp-content/uploads/2017/12/websettings-xml-relationship-file-contents.pngwebSettings XML Relationship File - ContentswebSettings XML Relationship File - Contentshttps://pentestlab.blog/wp-content/uploads/2017/12/websettings-with-frameset-adding-new-version-to-archive.pngwebSettings with Frameset - Adding new version to archivewebSettings with Frameset - Adding new version to archivehttps://pentestlab.blog/wp-content/uploads/2017/12/websettings-xml-frameset.pngwebSettings XML - FramesetwebSettings XML - Framesethttps://pentestlab.blog/wp-content/uploads/2017/12/websettings-file.pngwebSettings FilewebSettings File2017-12-18T11:41:24+00:00monthlyhttps://pentestlab.blog/2017/12/15/microsoft-office-payloads-in-document-properties/https://pentestlab.blog/wp-content/uploads/2017/12/virus-total-results-document-properties.pngVirus Total Results - Document PropertiesVirus Total Results - Payload in Document Propertieshttps://pentestlab.blog/wp-content/uploads/2017/12/metasploit-web-delivery-powershell-payload-via-document-properties.pngMetasploit Web Delivery - PowerShell Payload via Document PropertiesMetasploit Web Delivery - Meterpreter via Document Propertieshttps://pentestlab.blog/wp-content/uploads/2017/12/metasploit-smb-delivery-meterpreter-via-powershell-payload.pngMetasploit SMB Delivery - Meterpreter via PowerShell PayloadMetasploit SMB Delivery - Meterpreter via PowerShell Payloadhttps://pentestlab.blog/wp-content/uploads/2017/12/document-properties-powershell-payload.pngDocument Properties PowerShell PayloadDocument Properties PowerShell Payloadhttps://pentestlab.blog/wp-content/uploads/2017/12/metasploit-smb-delivery-powershell-payload.pngMetasploit SMB Delivery - PowerShell PayloadMetasploit SMB Delivery - PowerShell Payloadhttps://pentestlab.blog/wp-content/uploads/2017/12/smb-delivery-powershell-payload.pngSMB Delivery PowerShell PayloadSMB Delivery PowerShell Payloadhttps://pentestlab.blog/wp-content/uploads/2017/12/metasploit-smb-delivery-meterpreter.pngMetasploit SMB Delivery - MeterpreterMetasploit SMB Delivery - Meterpreterhttps://pentestlab.blog/wp-content/uploads/2017/12/metasploit-smb-delivery-sessions.pngMetasploit SMB Delivery - SessionsMetasploit SMB Delivery - Sessionshttps://pentestlab.blog/wp-content/uploads/2017/12/metasploit-smb-delivery-meterpreter-session.pngMetasploit SMB Delivery Meterpreter SessionMetasploit SMB Delivery Meterpreter Sessionhttps://pentestlab.blog/wp-content/uploads/2017/12/document-properties-word-macro.pngDocument Properties - Word MacroDocument Properties - Word Macro2017-12-15T14:32:57+00:00monthlyhttps://pentestlab.blog/2017/12/13/smb-share-scf-file-attacks/https://pentestlab.blog/wp-content/uploads/2017/12/metasploit-smb-relay-module.pngMetasploit - SMB Relay ModuleMetasploit - SMB Relay Modulehttps://pentestlab.blog/wp-content/uploads/2017/12/metasploit-multi-handler-module-for-smb-relay.pngMetasploit - Multi Handler Module for SMB RelayMetasploit - Multi Handler Module https://pentestlab.blog/wp-content/uploads/2017/12/metasploit-smb-relay-sessions.pngMetasploit - SMB Relay SessionsMetasploit - SMB Relay Sessionshttps://pentestlab.blog/wp-content/uploads/2017/12/metasploit-smb-relay-attack.pngMetasploit - SMB Relay AttackMetasploit - SMB Relay Attackhttps://pentestlab.blog/wp-content/uploads/2017/12/meterpreter-list-of-processes-for-migrate.pngMeterpreter - List of Processes for MigrateMeterpreter - List of Processes for Migrationhttps://pentestlab.blog/wp-content/uploads/2017/12/meterpreter-retrieve-current-uid.pngMeterpreter - Retrieve Current UIDMeterpreter - Retrieve Current UIDhttps://pentestlab.blog/wp-content/uploads/2017/12/meterpreter-process-migration.pngMeterpreter - Process MigrationMeterpreter - Process Migrationhttps://pentestlab.blog/wp-content/uploads/2017/12/meterpreter-list-running-processes.pngMeterpreter - List Running ProcessesMeterpreter - List Running Processeshttps://pentestlab.blog/wp-content/uploads/2017/12/impacket-smb-relay-attack.pngImpacket - SMB Relay AttackImpacket - SMB Relay Attackhttps://pentestlab.blog/wp-content/uploads/2017/12/impacket-smb-relay-server.pngImpacket - SMB Relay ServerImpacket - SMB Relay Server2019-02-04T05:30:36+00:00monthlyhttps://pentestlab.blog/2017/12/06/command-and-control-websocket/https://pentestlab.blog/wp-content/uploads/2017/12/wsc2-cloned-website.pngWSC2 - Cloned WebSiteWSC2 - Cloned Websitehttps://pentestlab.blog/wp-content/uploads/2017/12/wsc2-file-stored.pngWSC2 - File StoredWSC2 - File Storedhttps://pentestlab.blog/wp-content/uploads/2017/12/wsc2-file-transfer.pngWSC2 - File TransferWSC2 - File Transferhttps://pentestlab.blog/wp-content/uploads/2017/12/wsc2-data-exfiltration.pngWSC2 - Data ExfiltrationWSC2 - Data Exfiltrationhttps://pentestlab.blog/wp-content/uploads/2017/12/wsc2-command-execution.pngWSC2 - Command ExecutionWSC2 - Command Executionhttps://pentestlab.blog/wp-content/uploads/2017/12/wsc2-shell-functionality.pngWSC2 - Shell FunctionalityWSC2 - Shell Functionalityhttps://pentestlab.blog/wp-content/uploads/2017/12/wsc2-agent-connection.pngWSC2 - Agent ConnectionWSC2 - Agent Connectionhttps://pentestlab.blog/wp-content/uploads/2017/12/wsc2-generation-of-stagers.pngWSC2 - Generation of StagersWSC2 - Generation of Stagershttps://pentestlab.blog/wp-content/uploads/2017/12/wsc2-main-console.pngWSC2 - Main ConsoleWSC2 - Main Console2017-12-06T18:00:47+00:00monthlyhttps://pentestlab.blog/2017/11/20/command-and-control-wmi/https://pentestlab.blog/wp-content/uploads/2017/11/wmiops-system-drive-information.pngWMIOps - System Drive InformationWMIOps - System Drive Informationhttps://pentestlab.blog/wp-content/uploads/2017/11/wmiops-calculator.pngWMIOps - CalculatorWMIOps - Calculatorhttps://pentestlab.blog/wp-content/uploads/2017/11/wmiops-start-a-process.pngWMIOps - Start a ProcessWMIOps - Start a Remote Processhttps://pentestlab.blog/wp-content/uploads/2017/11/wmi-port-dcom.pngWMI Port - DCOMWMI Port - DCOMhttps://pentestlab.blog/wp-content/uploads/2017/11/wmimplant-directory-listing.pngWMImplant - Directory ListingWMImplant - Directory Listinghttps://pentestlab.blog/wp-content/uploads/2017/11/wmimplant-shell-commands.pngWMImplant - Shell CommandsWMImplant - Shell Commandshttps://pentestlab.blog/wp-content/uploads/2017/11/wmimplant-execution-of-powershell-scripts.pngWMImplant - Execution of PowerShell ScriptsWMImplant - Execution of PowerShell Scriptshttps://pentestlab.blog/wp-content/uploads/2017/11/wmimplant-authentication-and-basic-recon.pngWMImplant - Authentication and Basic ReconWMImplant - Authentication and Basic Reconhttps://pentestlab.blog/wp-content/uploads/2017/11/wmimplant-main-menu.pngWMImplant - Main MenuWMImplant - Main Menuhttps://pentestlab.blog/wp-content/uploads/2017/11/wmimplant-execution.pngWMImplant - ExecutionWMImplant - Execution 2017-11-20T16:40:02+00:00monthlyhttps://pentestlab.blog/2017/11/14/command-and-control-website/https://pentestlab.blog/wp-content/uploads/2017/11/trevorc2-cloned-website.pngTrevorC2 - Cloned WebsiteTrevorC2 - Cloned Websitehttps://pentestlab.blog/wp-content/uploads/2017/11/trevorc2-wireshark-traffic.pngTrevorC2 - WireShark TrafficTrevorC2 - Wireshark Traffichttps://pentestlab.blog/wp-content/uploads/2017/11/trevorc2-encrypted-command.pngTrevorC2 - Encrypted CommandTrevorC2 - Encrypted Commandhttps://pentestlab.blog/wp-content/uploads/2017/11/trevorc2-encryption-key-data-location.pngTrevorC2 - Encryption Key and Data LocationTrevorC2 - Encryption Key and Data Locationhttps://pentestlab.blog/wp-content/uploads/2017/11/trevorc2-powershell-implant.pngTrevorC2 - PowerShell ImplantTrevorC2 - PowerShell Implanthttps://pentestlab.blog/wp-content/uploads/2017/11/trevorc2-commands.pngTrevorC2 - CommandsTrevorC2 - Commandshttps://pentestlab.blog/wp-content/uploads/2017/11/trevorc2-server.pngTrevorC2 - ServerTrevorC2 - Server https://pentestlab.blog/wp-content/uploads/2017/11/trevorc2-server-configuration.pngTrevorC2 - Server ConfigurationTrevorC2 - Server Configuration2017-11-14T16:01:00+00:00monthlyhttps://pentestlab.blog/2017/11/08/hijack-digital-signatures-powershell-script/https://pentestlab.blog/wp-content/uploads/2017/11/powershell-script-valid-signature-e1510082619334.pngPowerShell Script - Valid SignaturePowerShell Script - Valid Signaturehttps://pentestlab.blog/wp-content/uploads/2017/11/powershell-script-invalid-signature.pngPowerShell Script - Invalid SignaturePowerShell Script - Invalid Signaturehttps://pentestlab.blog/wp-content/uploads/2017/11/signed-powershell-script.pngSigned PowerShell ScriptSigned PowerShell Scripthttps://pentestlab.blog/wp-content/uploads/2017/11/unsigned-powershell-script.pngUnsigned PowerShell ScriptUnsigned PowerShell Scripthttps://pentestlab.blog/wp-content/uploads/2017/11/signed-mimikatz.pngSigned MimikatzSigned Mimikatzhttps://pentestlab.blog/wp-content/uploads/2017/11/unsigned-mimikatz.pngUnsigned MimikatzUnsigned Mimikatzhttps://pentestlab.blog/wp-content/uploads/2017/11/signed-mimikatz-valid-signature.pngSigned Mimikatz - Valid SignatureSigned Mimikatz - Valid Signaturehttps://pentestlab.blog/wp-content/uploads/2017/11/signed-mimikatz-invalid-signature.pngSigned Mimikatz - Invalid SignatureSigned Mimikatz - Invalid Signature2018-01-30T19:12:32+00:00monthlyhttps://pentestlab.blog/2017/11/06/hijacking-digital-signatures/https://pentestlab.blog/wp-content/uploads/2017/10/digital-signature-details-valid-hash.pngDigital Signature Details - Valid HashDigital Signature Details - Valid Hashhttps://pentestlab.blog/wp-content/uploads/2017/10/authenticode-signature-powershell-script-with-digital-signature.pngAuthenticode Signature - PowerShell Script with Digital SignatureAuthenticode Signature - PowerShell Script with Digital Signaturehttps://pentestlab.blog/wp-content/uploads/2017/10/authenticode-signature-powershell-scripts.pngAuthenticode Signature - PowerShell ScriptsAuthenticode Signature - PowerShell Scriptshttps://pentestlab.blog/wp-content/uploads/2017/10/powershell-script-microsoft-digital-signature.pngPowerShell Script - Microsoft Digital SignaturePowerShell Script - Microsoft Digital Signaturehttps://pentestlab.blog/wp-content/uploads/2017/10/powershell-script-digital-microsoft-signature.pngPowerShell Script - Digital Microsoft SignaturePowerShell Script - Digital Microsoft Signaturehttps://pentestlab.blog/wp-content/uploads/2017/10/signature-verification-attack-registry-values.pngSignature Verification Attack - Registry ValuesSignature Verification Attack - Registry Valueshttps://pentestlab.blog/wp-content/uploads/2017/10/signature-verification-attack-registry-keys.pngSignature Verification Attack - Registry KeysSignature Verification Attack - Registry Keyshttps://pentestlab.blog/wp-content/uploads/2017/10/authenticode-signature-hash-validation.pngAuthenticode Signature - Hash ValidationAuthenticode Signature - Hash Validationhttps://pentestlab.blog/wp-content/uploads/2017/10/bypass-hash-validation-registry-hijack.pngBypass Hash Validation - Registry HijackBypass Hash Validation - Registry Hijackhttps://pentestlab.blog/wp-content/uploads/2017/10/metatwin-digital-signature-details.pngMetaTwin - Digital Signature DetailsMetaTwin - Digital Signature Details2019-05-30T09:34:59+00:00monthlyhttps://pentestlab.blog/2017/10/04/command-and-control-https/https://pentestlab.blog/wp-content/uploads/2017/10/thundershell-read-files.pngThunderShell - Read FilesThunderShell - Read Fileshttps://pentestlab.blog/wp-content/uploads/2017/10/thundershell-interaction-with-the-shell.pngThunderShell - Interaction with the ShellThunderShell - Interaction with the Shellhttps://pentestlab.blog/wp-content/uploads/2017/10/thundershell-list-active-shells.pngThunderShell - List Active ShellsThunderShell - List Active Shellshttps://pentestlab.blog/wp-content/uploads/2017/10/thundershell-mimikatz.pngThunderShell - MimikatzThunderShell - Mimikatzhttps://pentestlab.blog/wp-content/uploads/2017/10/thundershell-mimikatz-execution.pngThunderShell - Mimikatz ExecutionThunderShell - Mimikatz Executionhttps://pentestlab.blog/wp-content/uploads/2017/10/thundershell-executing-commands.pngThunderShell - Executing CommandsThunderShell - Executing Commandshttps://pentestlab.blog/wp-content/uploads/2017/10/thundershell-shell.pngThunderShell - ShellThunderShell - Shellhttps://pentestlab.blog/wp-content/uploads/2017/10/thundershell-console.pngThunderShell - ConsoleThunderShell - Consolehttps://pentestlab.blog/wp-content/uploads/2017/10/thundershell-configuration.pngThunderShell - ConfigurationThunderShell - Configurationhttps://pentestlab.blog/wp-content/uploads/2017/10/thundershell-implant-execution.pngThunderShell - Implant ExecutionThunderShell - Implant Execution2017-10-01T16:43:08+00:00monthlyhttps://pentestlab.blog/2017/10/02/command-and-control-kernel/https://pentestlab.blog/wp-content/uploads/2017/09/redsails-shell-via-closed-port.pngredsails - Shell via Closed Portredsails - Shell via Closed Porthttps://pentestlab.blog/wp-content/uploads/2017/09/redsails-port-22-is-not-active.pngredsails - Port 22 is not Activeredsails - Port 22 is not Activehttps://pentestlab.blog/wp-content/uploads/2017/09/redsails-no-active-connections.pngredsails - No Active Connectionsredsails - No Active Connectionshttps://pentestlab.blog/wp-content/uploads/2017/09/redsails-executing-shell-commands.pngredsails - Executing Shell Commandsredsails - Executing Shell Commandshttps://pentestlab.blog/wp-content/uploads/2017/09/redsails-client-parameters.pngredsails - Client Parametersredsails - Client Parameters https://pentestlab.blog/wp-content/uploads/2017/09/redsails-powershell.pngredsails - PowerShellredsails - PowerShellhttps://pentestlab.blog/wp-content/uploads/2017/09/redsails-executing-mimikatz.pngredsails - Executing Mimikatzredsails - Executing Mimikatzhttps://pentestlab.blog/wp-content/uploads/2017/09/redsails-meterpreter-connection-active.pngredsails - Meterpreter Connection Activeredsails - Meterpreter Connection Activehttps://pentestlab.blog/wp-content/uploads/2017/09/redsails-meterpreter-session.pngredsails - Meterpreter Sessionredsails - Meterpreter Session https://pentestlab.blog/wp-content/uploads/2017/09/redsails-execute-shellcode-via-powershell.pngredsails - Execute Shellcode via PowerShellredsails - Execute Shellcode via PowerShell2017-09-30T10:48:52+00:00monthlyhttps://pentestlab.blog/2017/09/26/command-and-control-twitter/https://pentestlab.blog/wp-content/uploads/2017/09/twittor-access-permissions.pngTwittor - Access PermissionsTwittor - Access Permissions https://pentestlab.blog/wp-content/uploads/2017/09/twittor-python-shellcode.pngTwittor - Python ShellcodeTwittor - Python Shellcodehttps://pentestlab.blog/wp-content/uploads/2017/09/twittor-display-command-output.pngTwittor - Display Command OutputTwittor - Display Command Outputhttps://pentestlab.blog/wp-content/uploads/2017/09/twittor-decoding-base64-commands.pngTwittor - Decoding Base64 CommandsTwittor - Decoding Base64 Commandshttps://pentestlab.blog/wp-content/uploads/2017/09/twittor-direct-messages.pngTwittor - Direct MessagesTwittor - Direct Messageshttps://pentestlab.blog/wp-content/uploads/2017/09/twittor-execute-command.pngTwittor - Execute CommandTwittor - Execute Commandhttps://pentestlab.blog/wp-content/uploads/2017/09/twittor-list-of-commands.pngTwittor - List of CommandsTwittor - List of Commandshttps://pentestlab.blog/wp-content/uploads/2017/09/twittor-retrieve-alive-bots.pngTwittor - Retrieve Alive BotsTwittor - Retrieve Alive Botshttps://pentestlab.blog/wp-content/uploads/2017/09/twittor-consumer-and-access-token.pngTwittor - Consumer and Access TokenTwittor - Consumer and Access Token2017-09-24T17:08:33+00:00monthlyhttps://pentestlab.blog/2017/09/25/suid-executables/https://pentestlab.blog/wp-content/uploads/2017/09/vim-root-shell.pngVim - Root ShellVim - Root Shellhttps://pentestlab.blog/wp-content/uploads/2017/09/less-root-shell.pngLess - Root ShellLess - Root Shellhttps://pentestlab.blog/wp-content/uploads/2017/09/bash-root-shell.pngBash - Root ShellBash - Root Shellhttps://pentestlab.blog/wp-content/uploads/2017/09/vim-reading-root-files.pngVim - Reading Root FilesVim - Reading Root Fileshttps://pentestlab.blog/wp-content/uploads/2017/09/root-shell-via-find.pngRoot Shell via FindRoot Shell via Findhttps://pentestlab.blog/wp-content/uploads/2017/09/run-netcat-via-find.pngRun Netcat via FindRun Netcat via Findhttps://pentestlab.blog/wp-content/uploads/2017/09/find-command-execution.pngFind Command ExecutionFind Command Executionhttps://pentestlab.blog/wp-content/uploads/2017/09/root-shell-via-suid-nmap.pngRoot Shell via SUID NmapRoot Shell via Suid Nmap Binaryhttps://pentestlab.blog/wp-content/uploads/2017/09/nmap-interactive-mode.pngNmap - Interactive ModeNmap - Interactive Modehttps://pentestlab.blog/wp-content/uploads/2017/09/nmap-version-identification.pngNmap Version IdentificationNmap Version Identification2021-11-12T16:00:21+00:00monthlyhttps://pentestlab.blog/2017/09/14/command-and-control-website-keyword/https://pentestlab.blog/wp-content/uploads/2017/09/c2-website-keyword-excel-macro-shell.pngC2 Website Keyword - Excel Macro ShellC2 Website Keyword - Meterpreter via Excel Macrohttps://pentestlab.blog/wp-content/uploads/2017/09/c2code-running-excel-macro.pngC2Code - Running Excel MacroC2Code Running Excel Macrohttps://pentestlab.blog/wp-content/uploads/2017/09/c2code-excel-macro.pngC2Code - Excel MacroC2Code - Excel Macrohttps://pentestlab.blog/wp-content/uploads/2017/09/c2-website-keyword-sysinfo.pngC2 Website Keyword - SysinfoC2 Website Keyword - Sysinfohttps://pentestlab.blog/wp-content/uploads/2017/09/c2-website-keyword-meterpreter.pngC2 Website Keyword - MeterpreterC2 Website Keyword - Meterpreterhttps://pentestlab.blog/wp-content/uploads/2017/09/c2code-implant.pngC2Code - ImplantC2Code - Implanthttps://pentestlab.blog/wp-content/uploads/2017/09/c2code-powershell-script.pngC2Code - PowerShell ScriptC2Code - PowerShell Script2017-09-14T10:35:06+00:00monthlyhttps://pentestlab.blog/2017/09/12/command-and-control-webdav/https://pentestlab.blog/wp-content/uploads/2017/09/webdavc2-implant-execution.pngWebDAVC2 - Implant ExecutionWebDAVC2 - Implant Executionhttps://pentestlab.blog/wp-content/uploads/2017/09/webdav-server-serving-payload-into-chunks.pngWebDAV Server - Serving Payload into chunksWebDAV Server - Serving Payload into chunkshttps://pentestlab.blog/wp-content/uploads/2017/09/webdav-payload-via-propfind-responses.pngWebDAV - Payload via PROPFIND ResponsesWebDAV - Payload via PROPFIND Responseshttps://pentestlab.blog/wp-content/uploads/2017/09/webdavc2-executing-commands.pngWebDAVC2 - Executing CommandsWebDAVC2 - Executing Commandshttps://pentestlab.blog/wp-content/uploads/2017/09/webdavc2-bat-stager.pngWebDAVC2 - BAT StagerWebDAVC2 - BAT Stagerhttps://pentestlab.blog/wp-content/uploads/2017/09/webdavc2.pngWebDAVC2WebDAVC2 2017-09-12T17:14:23+00:00monthlyhttps://pentestlab.blog/2017/09/06/command-and-control-dns/https://pentestlab.blog/wp-content/uploads/2017/09/dnscat2-command-shell-request.pngDnscat2 - Command Shell RequestDnscat2 - Command Shell Requesthttps://pentestlab.blog/wp-content/uploads/2017/09/dnscat2-shell.pngDnscat2 - ShellDnscat2 - Shellhttps://pentestlab.blog/wp-content/uploads/2017/09/dnscat2-powershell-command.pngDnscat2 - PowerShell CommandDnscat2 - PowerShell Commandhttps://pentestlab.blog/wp-content/uploads/2017/09/dnscat2-windows-client.pngDnscat2 - Windows ClientDnscat2 - Windows Clienthttps://pentestlab.blog/wp-content/uploads/2017/09/dnscat2-powershell.pngDnscat2 - PowerShellDnscat2 - PowerShellhttps://pentestlab.blog/wp-content/uploads/2017/09/dnscat2-start-new-process.pngDnscat2 - Start New ProcessDnscat2 - Start New Processhttps://pentestlab.blog/wp-content/uploads/2017/09/dnscat2-executing-shell-commands.pngDnscat2 - Executing Shell CommandsDnscat2 - Executing Shell Commandshttps://pentestlab.blog/wp-content/uploads/2017/09/dnscat2-list-of-commands.pngDnscat2 - List of CommandsDnscat2 - List of Commandshttps://pentestlab.blog/wp-content/uploads/2017/09/dnscat2-interactive-session.pngDnscat2 - Interactive SessionDnscat2 - Interactive Sessionhttps://pentestlab.blog/wp-content/uploads/2017/09/dnscat2-server.pngDnscat2 - ServerDnscat2 - Server2020-03-09T17:34:52+00:00monthlyhttps://pentestlab.blog/2017/09/01/command-and-control-windows-com/https://pentestlab.blog/wp-content/uploads/2017/09/koadic-script-prompt.pngKoadic - Script PromptKoadic - Script Prompthttps://pentestlab.blog/wp-content/uploads/2017/09/koadic-password-box.pngKoadic - Password BoxKoadic - Password Boxhttps://pentestlab.blog/wp-content/uploads/2017/09/koadic-tcp-scanner-results.pngKoadic - TCP Scanner ResultsKoadic - TCP Scanner Resultshttps://pentestlab.blog/wp-content/uploads/2017/09/koadic-tcp-scanner.pngKoadic - TCP ScannerKoadic - TCP Scannerhttps://pentestlab.blog/wp-content/uploads/2017/09/koadic-implants.pngKoadic - ImplantsKoadic - Implantshttps://pentestlab.blog/wp-content/uploads/2017/09/koadic-command-execution.pngKoadic - Command ExecutionKoadic - Command Executionhttps://pentestlab.blog/wp-content/uploads/2017/09/koadic-elevated-session.pngKoadic - Elevated SessionKoadic - Elevated Sessionhttps://pentestlab.blog/wp-content/uploads/2017/09/koadic-bypass-uac-sdclt.pngKoadic - Bypass UAC SDCLTKoadic - Bypass UAC SDCLThttps://pentestlab.blog/wp-content/uploads/2017/09/koadic-interact-with-zombies.pngKoadic - Interact with ZombiesKoadic - Interaction with Zombieshttps://pentestlab.blog/wp-content/uploads/2017/09/mshta-execution-on-the-target.pngMSHTA - Execution on the targetMSHTA - Execution on the target2017-09-03T06:55:24+00:00monthlyhttps://pentestlab.blog/2017/08/29/command-and-control-dropbox/https://pentestlab.blog/wp-content/uploads/2017/08/dropbox-agent-generated-files.pngDropBox - Agent Generated FilesDropBox - Agent Generated Fileshttps://pentestlab.blog/wp-content/uploads/2017/08/dbc2-command-execution.pngDBC2 - Command ExecutionDBC2 - Command Executionhttps://pentestlab.blog/wp-content/uploads/2017/08/dbc2-list-available-agents.pngDBC2 - List Available AgentsDBC2 - List Available Agentshttps://pentestlab.blog/wp-content/uploads/2017/08/dropboxc2-publish-modules.pngDropBoxC2 - Publish ModulesDropBoxC2 - Publish Moduleshttps://pentestlab.blog/wp-content/uploads/2017/08/dbc2-screenshot.pngDBC2 - ScreenshotDBC2 - Screenshothttps://pentestlab.blog/wp-content/uploads/2017/08/dbc2-powershell.pngDBC2 - PowerShellDBC2 - PowerShellhttps://pentestlab.blog/wp-content/uploads/2017/08/dbc2-transfer-of-files.pngDBC2 - Transfer of FilesDBC2 - Transfer of Fileshttps://pentestlab.blog/wp-content/uploads/2017/08/dbc2-bat-stager.pngDBC2 - Bat StagerDBC2 - Bat Stagerhttps://pentestlab.blog/wp-content/uploads/2017/08/dbc2-oneliner-stager.pngDBC2 - OneLiner StagerDBC2 - OneLiner Stagerhttps://pentestlab.blog/wp-content/uploads/2017/08/dropboxc2-list-available-stagers.pngDropBoxC2 - List Available StagersDropBoxC2 - List Available Stagers2017-09-01T19:44:43+00:00monthlyhttps://pentestlab.blog/2017/08/19/command-and-control-powershell/https://pentestlab.blog/wp-content/uploads/2017/08/poshc2-implant-features.pngPoshC2 - Implant FeaturesPoshC2 - Implant Featureshttps://pentestlab.blog/wp-content/uploads/2017/08/poshc2-dir-command.pngPoshC2 - Dir CommandPoshC2 - DIR Commandhttps://pentestlab.blog/wp-content/uploads/2017/08/poshc2-interact-with-implant.pngPoshC2 - Interact with ImplantPoshC2 - Interact with Implanthttps://pentestlab.blog/wp-content/uploads/2017/08/poshc2-red-team-activities.pngPoshC2 - Red Team ActivitiesPoshC2 - Red Team Activitieshttps://pentestlab.blog/wp-content/uploads/2017/08/poshc2-techniques.pngPoshC2 - TechniquesPoshC2 - Techniqueshttps://pentestlab.blog/wp-content/uploads/2017/08/poshc2-configuration.pngPoshC2 - ConfigurationPoshC2 - Configurationhttps://pentestlab.blog/wp-content/uploads/2017/08/poshc2-installation.pngPoshC2 - InstallationPoshC2 - Installation2017-08-21T06:44:40+00:00monthlyhttps://pentestlab.blog/2017/08/03/command-and-control-gmail/https://pentestlab.blog/wp-content/uploads/2017/07/gmail-allow-less-secure-apps.pngGmail - Allow Less Secure AppsGmail - Allow Less Secure Apps2017-08-03T00:09:57+00:00monthlyhttps://pentestlab.blog/2017/07/28/command-and-control-icmp/https://pentestlab.blog/wp-content/uploads/2017/07/pix-c2-icmp-c2.pngPiX-C2 ICMP C2PiX-C2 - ICMP C2https://pentestlab.blog/wp-content/uploads/2017/07/icmp-shell-automation.pngICMP Shell - AutomationICMP Shell - Automationhttps://pentestlab.blog/wp-content/uploads/2017/07/icmp-shell.pngICMP ShellShell over ICMPhttps://pentestlab.blog/wp-content/uploads/2017/07/icmp-shell-executing-binary.pngICMP Shell - Executing BinaryICMP Shell - Executing Binaryhttps://pentestlab.blog/wp-content/uploads/2017/07/powershell-icmp-shell.pngPowerShell - ICMP ShellPowerShell - ICMP Shellhttps://pentestlab.blog/wp-content/uploads/2017/07/nishang-module-icmp-shell.pngNishang Module - ICMP ShellNishang Module - ICMP Shell2017-08-01T21:51:49+00:00monthlyhttps://pentestlab.blog/2017/07/26/bypassing-antivirus-host-intrusion-prevention-systems/https://pentestlab.blog/wp-content/uploads/2017/07/meterpreter-paranoid-mode.pngMeterpreter Paranoid ModeMeterpreter Paranoid Modehttps://pentestlab.blog/wp-content/uploads/2017/07/meterpreter-receiving-the-encrypted-connection.pngMeterpreter - Receiving the Encrypted ConnectionMeterpreter - Receiving the Encrypted Connectionhttps://pentestlab.blog/wp-content/uploads/2017/07/configuring-the-encrypted-listener.pngConfiguring the Encrypted ListenerConfiguring the Encrypted Listenerhttps://pentestlab.blog/wp-content/uploads/2017/07/generating-encrypted-payload.pngGenerating Encrypted PayloadGenerating Encrypted Payloadhttps://pentestlab.blog/wp-content/uploads/2017/07/generate-certificate-with-metasploit.pngGenerate Certificate with MetasploitGenerate Certificate with Metasploithttps://pentestlab.blog/wp-content/uploads/2017/07/generate-certificate-manually.pngGenerate Certificate ManuallyGenerate Certificate Manually2017-07-26T14:57:19+00:00monthlyhttps://pentestlab.blog/2017/07/07/applocker-bypass-createrestrictedtoken/https://pentestlab.blog/wp-content/uploads/2017/07/applocker-bypass-createrestrictedtoken.pngAppLocker Bypass - CreateRestrictedTokenAppLocker Bypass - CreateRestrictedTokenhttps://pentestlab.blog/wp-content/uploads/2017/07/executing-an-untrusted-binary.pngExecuting an Untrusted BinaryExecuting an untrusted binaryhttps://pentestlab.blog/wp-content/uploads/2017/07/applocker-patch-is-missing.pngAppLocker Patch is MissingAppLocker Patch is Missing2017-07-07T16:43:35+00:00monthlyhttps://pentestlab.blog/2017/07/06/applocker-bypass-msxsl/https://pentestlab.blog/wp-content/uploads/2017/07/powershell-msxsl.pngPowerShell - MSXSLPowerShell via MSXSLhttps://pentestlab.blog/wp-content/uploads/2017/07/applocker-bypass-msxsl.pngAppLocker Bypass - MSXSLAppLocker Bypass - msxsl2017-07-07T08:21:01+00:00monthlyhttps://pentestlab.blog/2017/06/26/injecting-metasploit-payloads-into-android-applications-manually/https://pentestlab.blog/wp-content/uploads/2017/06/signing-the-apk.pngSigning the APKSigning the APKhttps://pentestlab.blog/wp-content/uploads/2017/06/injecting-the-hook.pngInjecting the hookInjecting the Hookhttps://pentestlab.blog/wp-content/uploads/2017/06/identification-of-code-to-be-replaced.pngIdentification of code to be replacedIdentification of code to be replacedhttps://pentestlab.blog/wp-content/uploads/2017/06/identification-of-main-activity.pngIdentification of Main ActivityIdentification of Main Activityhttps://pentestlab.blog/wp-content/uploads/2017/06/meterpreter-via-injected-android-apk.pngMeterpreter via Injected Android APKMeterpreter via Injected Android APKhttps://pentestlab.blog/wp-content/uploads/2017/06/building-the-injected-apk.pngBuilding the Injected APKBuilding the Injected APKhttps://pentestlab.blog/wp-content/uploads/2017/06/injecting-the-apk-with-excessive-permissions.pngInjecting the APK with Excessive PermissionsInjecting the APK with Excessive Permissions https://pentestlab.blog/wp-content/uploads/2017/06/decompiling-apks.pngDecompiling APKsDecompiling APKshttps://pentestlab.blog/wp-content/uploads/2017/06/generate-apk-meterpreter-payload.pngGenerate APK - Meterpreter PayloadGenerate APK Payload via Metasploit2020-08-05T17:01:34+00:00monthlyhttps://pentestlab.blog/2017/06/16/applocker-bypass-msiexec/https://pentestlab.blog/wp-content/uploads/2017/06/msiexec-meterpreter.pngMSIEXEC - MeterpreterMSIEXEC - Meterpreterhttps://pentestlab.blog/wp-content/uploads/2017/06/msi-meterpreter-payload.pngMSI - Meterpreter PayloadMSI - Meterpreter Payloadhttps://pentestlab.blog/wp-content/uploads/2017/06/msiexec-via-run.pngMSIEXEC via RunMSIEXEC via Runhttps://pentestlab.blog/wp-content/uploads/2017/06/msiexec-powershell.pngMSIEXEC - PowerShellMSIEXEC - PowerShellhttps://pentestlab.blog/wp-content/uploads/2017/06/msfvenom-generating-msi-files.pngMsfVenom - Generating MSI FilesMsfVenom - Generating MSI Fileshttps://pentestlab.blog/wp-content/uploads/2017/06/msiexec-command-prompt-via-png.pngmsiexec - Command Prompt via PNGMSIEXEC - Command Prompt via PNGhttps://pentestlab.blog/wp-content/uploads/2017/06/msiexec-command-prompt.pngmsiexec - Command PromptMSIEXEC - Command Prompt2017-06-16T11:39:15+00:00monthlyhttps://pentestlab.blog/2017/06/14/intel-sysret/https://pentestlab.blog/wp-content/uploads/2017/06/sysret-verification-of-authority.pngSysret - Verification of AuthoritySysret - Verification of Authorityhttps://pentestlab.blog/wp-content/uploads/2017/06/sysret-privilege-escalation.pngSysret - Privilege EscalationSysret - Privilege Escalationhttps://pentestlab.blog/wp-content/uploads/2017/06/sysret-identify-process-id-of-explorer-exe.pngSysret - Identify Process ID of explorer.exeSysret - Identify process ID of explorer.exehttps://pentestlab.blog/wp-content/uploads/2017/06/sysret-retrieving-processes.pngSysret - Retrieving ProcessesSysret - Retrieving Processeshttps://pentestlab.blog/wp-content/uploads/2017/06/meterpreter-sysret.pngMeterpreter - SysRetMeterpreter - Privilege Escalation via Sysret2017-06-14T08:07:25+00:00monthlyhttps://pentestlab.blog/2017/06/13/applocker-bypass-ieexec/https://pentestlab.blog/wp-content/uploads/2017/06/applocker-blocks-binary.pngAppLocker Blocks BinaryAppLocker Blocks Binaryhttps://pentestlab.blog/wp-content/uploads/2017/06/disabling-code-access-security-policy.pngDisabling Code Access Security PolicyDisabling Code Access Security Policyhttps://pentestlab.blog/wp-content/uploads/2017/06/ieexec-bypassing-applocker.pngIEExec - Bypassing AppLockerIEExec -Bypassing AppLockerhttps://pentestlab.blog/wp-content/uploads/2017/06/ieexec-dot-net-64bit-application.pngIEExec - Dot NET 64bit ApplicationIEExec - Dot NET 64bit Application2017-06-13T09:57:06+00:00monthlyhttps://pentestlab.blog/2017/06/12/applocker-bypass-file-extensions/https://pentestlab.blog/wp-content/uploads/2017/06/nishang-compiled-html-file-and-shortcut-with-embedded-payload.pngNishang - Compiled HTML File and Shortcut with Embedded PayloadNishang - Compiled HTML File and Shortcut with Embedded Payloadhttps://pentestlab.blog/wp-content/uploads/2017/06/metasploit-web-delivery-module-powershell.pngMetasploit - Web Delivery Module PowerShellWeb Delivery Module - PowerShell Payload https://pentestlab.blog/wp-content/uploads/2017/06/web-delivery-meterpreter.pngWeb Delivery - MeterpreterWeb Delivery - Obtaining Meterpreter Sessionshttps://pentestlab.blog/wp-content/uploads/2017/06/command-prompt-execute-bat-file.pngCommand Prompt - Execute BAT FileCommand Prompt - Execute a bat file as txthttps://pentestlab.blog/wp-content/uploads/2017/06/applocker-restriction-on-bat-files.pngAppLocker - Restriction on BAT FilesAppLocker - Restriction on bat fileshttps://pentestlab.blog/wp-content/uploads/2017/06/nishang-compiled-html-file-with-embedded-payload.pngNishang - Compiled HTML File with Embedded PayloadNishang - Compiled HTML File with Embedded Payloadhttps://pentestlab.blog/wp-content/uploads/2017/06/nishang-word-and-excel-with-embedded-payloads.pngNishang - Word and Excel with embedded PayloadsNishang - Word and Excel with Embedded Payloadshttps://pentestlab.blog/wp-content/uploads/2017/06/powershell-executing-commnad-from-a-txt.pngPowerShell - Executing Commnad from a txtPowerShell - Executing Payload from a txt filehttps://pentestlab.blog/wp-content/uploads/2017/06/nishang-file-extensions.pngNishang - File ExtensionsNishang - Generated File Extensions2017-06-12T12:45:10+00:00monthlyhttps://pentestlab.blog/2017/06/09/uac-bypass-sdclt/https://pentestlab.blog/wp-content/uploads/2017/06/sdclt-uac-bypass-via-uacme.pngsdclt - UAC Bypass via UACMesdclt - UAC Bypass via UACMEhttps://pentestlab.blog/wp-content/uploads/2017/06/sdclt-cmd-and-notepad-as-high-integrity-processes.pngsdclt - cmd and notepad as High Integrity Processessdclt - cmd and notepad as High Integrity Processeshttps://pentestlab.blog/wp-content/uploads/2017/06/sdclt-elevated-command-prompt.pngsdclt - Elevated Command Promptsdclt - Elevated Command Prompthttps://pentestlab.blog/wp-content/uploads/2017/06/sdclt-uac-bypass-powershell-script.pngSdclt UAC Bypass - Powershell Scriptsdclt UAC Bypass - PowerShell Scripthttps://pentestlab.blog/wp-content/uploads/2017/06/sdclt-fileless-elevated-command-prompt.pngsdclt Fileless - Elevated Command Promptsdclt Fileless - Elevated Command prompthttps://pentestlab.blog/wp-content/uploads/2017/06/app-paths-uac-bypass-registry.pngApp Paths - UAC Bypass RegistryApp Paths - UAC Bypass Registryhttps://pentestlab.blog/wp-content/uploads/2017/06/sdclt-control-panel-starts-as-high-integrity-process.pngsdclt - Control Panel starts as High Integrity Processsdclt - High Integrity Processhttps://pentestlab.blog/wp-content/uploads/2017/06/fileless-uac-isolated-command-registry.pngFileless UAC - Isolated Command RegistrySdclt Fileless UAC - Isolated Command Registryhttps://pentestlab.blog/wp-content/uploads/2017/06/fileless-uac-bypass-sdclt-powershell.pngFileless UAC Bypass - sdclt PowerShellFileless UAC Bypass - sdclt - PoweShellhttps://pentestlab.blog/wp-content/uploads/2017/06/app-paths-uac-bypass-via-powershell.pngApp Paths - UAC Bypass via PowerShellApp Path - UAC Bypass via PowerShell2017-06-13T09:54:39+00:00monthlyhttps://pentestlab.blog/2017/06/07/uac-bypass-fodhelper/https://pentestlab.blog/wp-content/uploads/2017/06/fodhelper-creating-the-registry-structure-manually.pngFodhelper - Creating the Registry Structure ManuallyFodhelper - Creating the Registry Structure Manually2017-06-07T15:30:06+00:00monthlyhttps://pentestlab.blog/2017/06/06/applocker-bypass-assembly-load/https://pentestlab.blog/wp-content/uploads/2017/06/applocker-rule-block-shellcode-binary.pngAppLocker Rule - Block ShellCode BinaryAppLocker Rule - Block ShellCode Binaryhttps://pentestlab.blog/wp-content/uploads/2017/06/applocker-rule-block-executables.pngAppLocker Rule - Block ExecutablesAppLocker Rule - Block Executableshttps://pentestlab.blog/wp-content/uploads/2017/06/assembly-load.pngAssembly LoadAssembly Loadhttps://pentestlab.blog/wp-content/uploads/2017/06/meterpreter-shellcode.pngMeterpreter - ShellCodeMeterpreter - Shellcodehttps://pentestlab.blog/wp-content/uploads/2017/06/compiling-c-code-to-executable.pngCompiling C# Code to ExecutableCompiling C# Code to Executablehttps://pentestlab.blog/wp-content/uploads/2017/06/c-shellcode.pngC# ShellcodeC# Shellcode Generation2017-06-07T08:19:09+00:00monthlyhttps://pentestlab.blog/2017/06/05/applocker-bypass-bginfo/https://pentestlab.blog/wp-content/uploads/2017/06/execute-bgi-file-via-run.pngExecute BGI File via RunExecute BGI FIle via Runhttps://pentestlab.blog/wp-content/uploads/2017/06/bginfo-command-prompt.pngBgInfo and Command PromptBgInfo & Command Prompthttps://pentestlab.blog/wp-content/uploads/2017/06/bginfo-bypass-command-prompt1.pngBgInfo Bypass Command PromptBgInfo Bypass - Command Prompthttps://pentestlab.blog/wp-content/uploads/2017/06/bginfo-bypass-command-prompt.pngBgInfo Bypass - Command PromptBgInfo AppLocker Bypass - Configurationhttps://pentestlab.blog/wp-content/uploads/2017/06/bginfo-vbsmeter.pngBgInfo - VBSMeterBgInfo - VBSMeterhttps://pentestlab.blog/wp-content/uploads/2017/06/bginfo-run-cmd.pngBgInfo - Run CMDBgInfo - Run CMDhttps://pentestlab.blog/wp-content/uploads/2017/06/running-command-prompt-via-bginfo.pngRunning Command Prompt via BgInfohttps://pentestlab.blog/wp-content/uploads/2017/06/meterpreter-bginfo.pngMeterpreter - BginfoMeterpreter - BgInfo2017-06-05T09:41:57+00:00monthlyhttps://pentestlab.blog/2017/05/29/applocker-bypass-msbuild/https://pentestlab.blog/wp-content/uploads/2017/05/executing-shellcode-via-msbuild.pngExecuting ShellCode via MSBuildExecuting ShellCode via MSBuildhttps://pentestlab.blog/wp-content/uploads/2017/05/meterpreter-via-msbuild.pngMeterpreter via MSBuildMeterpreter via MSBuildhttps://pentestlab.blog/wp-content/uploads/2017/05/msbuild-psattack.pngMSBuild - PSAttackMSBuild - PSAttackhttps://pentestlab.blog/wp-content/uploads/2017/05/msbuild-executing-psattack.pngMSBuild - Executing PSAttackMSBuild - Executing PSAttackhttps://pentestlab.blog/wp-content/uploads/2017/05/msbuildshell.pngMSBuildShellMSBuildShellhttps://pentestlab.blog/wp-content/uploads/2017/05/msbuild-msbuildshell.pngMSBuild - MSBuildShellMSBuild - MSBuildShellhttps://pentestlab.blog/wp-content/uploads/2017/05/msbuild-powershell.pngMSBuild - PowerShellMSBuild - PowerShellhttps://pentestlab.blog/wp-content/uploads/2017/05/msbuild-dumping-credentials-via-mimikatz.pngMSBuild - Dumping Credentials via MimikatzMSBuild - Dumping Credentials via Mimikatzhttps://pentestlab.blog/wp-content/uploads/2017/05/msbuild-mimikatz.pngMSBuild - MimikatzMSBuild - Mimikatzhttps://pentestlab.blog/wp-content/uploads/2017/05/msbuild-executing-mimikatz.pngMSBuild - Executing MimikatzMSBuild - Executing Mimikatz2017-05-30T09:29:48+00:00monthlyhttps://pentestlab.blog/2017/05/24/applocker-bypass-control-panel/https://pentestlab.blog/wp-content/uploads/2017/05/applocker-bypass-command-prompt-via-control-panel.pngAppLocker Bypass - Command Prompt via Control PanelAppLocker Bypass - Command Prompt via Control Panelhttps://pentestlab.blog/wp-content/uploads/2017/05/registry-editor-add-cpl-key.pngRegistry Editor - Add CPL KeyRegistry Editor - Add CPL Keyhttps://pentestlab.blog/wp-content/uploads/2017/05/applocker-add-key-to-the-registry.pngAppLocker - Add Key to the RegistryAppLocker Bypass - Add Key to the Registryhttps://pentestlab.blog/wp-content/uploads/2017/05/applocker-bypass-cmd-blocked.pngAppLocker Bypass - CMD BlockedAppLocker Bypass - CMD Blocked2017-05-22T08:13:34+00:00monthlyhttps://pentestlab.blog/2017/05/23/applocker-bypass-rundll32/https://pentestlab.blog/wp-content/uploads/2017/05/applocker-rundll32-registry-unlocked.pngAppLocker - Rundll32 Registry UnlockedAppLocker - Rundll32 Registry Unlockedhttps://pentestlab.blog/wp-content/uploads/2017/05/applocker-registry-unlocked.pngAppLocker - Registry UnlockedAppLocker - Registry Unlockedhttps://pentestlab.blog/wp-content/uploads/2017/05/applocker-rundll32-registry.pngAppLocker - Rundll32 RegistryAppLocker - Rundll32 Registryhttps://pentestlab.blog/wp-content/uploads/2017/05/applocker-registry-blocked.pngAppLocker - Registry BlockedAppLocker - Registry Blockedhttps://pentestlab.blog/wp-content/uploads/2017/05/web-delivery-module-configuration.pngWeb Delivery Module ConfigurationWeb Delivery Module Configurationhttps://pentestlab.blog/wp-content/uploads/2017/05/web-delivery-payload.pngWeb Delivery PayloadWeb Delivery Payloadhttps://pentestlab.blog/wp-content/uploads/2017/05/rundll32-javascript.pngRundll32 - JavaScriptRundll32 - JavaScripthttps://pentestlab.blog/wp-content/uploads/2017/05/rundll32-meterpreter.pngRundll32 - MeterpreterRundll32 - Meterpreterhttps://pentestlab.blog/wp-content/uploads/2017/05/rundll32-injecting-dll-into-a-process.pngRundll32 - Injecting DLL into a ProcessAppLocker Bypass - Rundll32 via DLLhttps://pentestlab.blog/wp-content/uploads/2017/05/msfvenom-dll-generation.pngMsfvenom - DLL GenerationMsfvenom DLL Generation2017-05-24T17:32:22+00:00monthlyhttps://pentestlab.blog/2017/05/22/applocker-bypass-weak-path-rules/https://pentestlab.blog/wp-content/uploads/2017/05/applocker-bypass-weak-path-rules.pngAppLocker Bypass - Weak Path RulesAppLocker Bypass - Weak Path Ruleshttps://pentestlab.blog/wp-content/uploads/2017/05/applocker-default-rules.pngAppLocker - Default RulesAppLocker - Default Ruleshttps://pentestlab.blog/wp-content/uploads/2017/05/applocker-binary-planting-to-weak-folder.pngAppLocker - Binary Planting to Weak FolderAppLocker - Binary Planting into Weak Folderhttps://pentestlab.blog/wp-content/uploads/2017/05/weak-permssions-in-windows-folder.pngWeak Permssions in Windows FolderWeak Permissions n Windows Folder2017-12-19T16:04:02+00:00monthlyhttps://pentestlab.blog/2017/05/19/applocker-bypass-regasm-and-regsvcs/https://pentestlab.blog/wp-content/uploads/2017/05/compile-the-csharp-code.pngCompile the CSharp CodeCSharp Code Compiledhttps://pentestlab.blog/wp-content/uploads/2017/05/regasm-executing-shellcode.pngRegAsm - Executing ShellCodeRegAsm - Executing Shellcodehttps://pentestlab.blog/wp-content/uploads/2017/05/regsvcs-executing-shellcode.pngRegsvcs - Executing ShellCodeRegsvcs - Executing Shellcodehttps://pentestlab.blog/wp-content/uploads/2017/05/msfvenom-generating-csharp-shellcode.pngMsfVenom - Generating CSharp ShellCodeMsfVenom - Generating CSharp ShellCodehttps://pentestlab.blog/wp-content/uploads/2017/05/meterpreter-regsvcs-and-regasm.pngMeterpreter - Regsvcs and RegasmMeterpreter - Regsvcs and Regasmhttps://pentestlab.blog/wp-content/uploads/2017/05/strong-name-key-pair-generation.pngStrong Name Key Pair GenerationStrong Name Key Pair Generation2017-05-19T07:36:45+00:00monthlyhttps://pentestlab.blog/2017/05/11/applocker-bypass-regsvr32/https://pentestlab.blog/wp-content/uploads/2017/05/applocker-restriction-of-script-execution.pngAppLocker - Restriction of Script ExecutionAppLocker - Restriction of Script Executionhttps://pentestlab.blog/wp-content/uploads/2017/05/regsvr32-meterpreter.pngRegsvr32 -MeterpreterRegsvr32 - Meterpreterhttps://pentestlab.blog/wp-content/uploads/2017/05/applocker-bypass-via-regsvr32.pngAppLocker Bypass via Regsvr32AppLocker Bypass via Regsvr32https://pentestlab.blog/wp-content/uploads/2017/05/regsvr32-download-and-execution-of-the-scriptlet.pngRegsvr32 - Download and Execution of the ScriptletRegsvr32 - Download and Execution of the Scriptlethttps://pentestlab.blog/wp-content/uploads/2017/05/applocker-script-rules.pngAppLocker - Script RulesAppLocker - Script Ruleshttps://pentestlab.blog/wp-content/uploads/2017/05/metasploit-applocker-bypass-via-regsvr32.pngMetasploit - AppLocker Bypass via Regsvr32Metasploit - AppLocker Bypass via Regsvr32https://pentestlab.blog/wp-content/uploads/2017/05/metasploit-execute-the-payload.pngMetasploit - Execute the PayloadMetasploit - Execution of the Payloadhttps://pentestlab.blog/wp-content/uploads/2017/05/metasploit-regsvr32-module.pngMetasploit - Regsvr32 ModuleMetasploit - Regsvr32 Module2017-05-19T09:26:40+00:00monthlyhttps://pentestlab.blog/2017/05/08/applocker-bypass-installutil/https://pentestlab.blog/wp-content/uploads/2017/05/applocker-bypass-execute-powershell-commands.pngAppLocker Bypass - Execute PowerShell CommandsAppLocker Bypass - Execute PowerShell Commandshttps://pentestlab.blog/wp-content/uploads/2017/05/applocker-bypass-powershell-dll.pngAppLocker Bypass - PowerShell DLLAppLocker Bypass - PowerShell DLLhttps://pentestlab.blog/wp-content/uploads/2017/05/applocker-bypass-powershell-version.pngAppLocker Bypass - PowerShell VersionAppLocker Bypass - PowerShell Versionhttps://pentestlab.blog/wp-content/uploads/2017/05/applocker-bypass-powershell.pngAppLocker Bypass - PowerShellAppLocker Bypass - PowerShellhttps://pentestlab.blog/wp-content/uploads/2017/05/applocker-bypass-compile-a-powershell-binary.pngAppLocker Bypass - Compile a PowerShell BinaryAppLocker Bypass - Compile a PowerShell Binaryhttps://pentestlab.blog/wp-content/uploads/2017/05/powershell-blocked-by-applocker.pngPowerShell Blocked by AppLockerPowerShell Blocked by AppLockerhttps://pentestlab.blog/wp-content/uploads/2017/05/metasploit-applocker-bypass.pngMetasploit - AppLocker BypassMetasploit - AppLocker Bypasshttps://pentestlab.blog/wp-content/uploads/2017/05/applocker-bypass-via-installutil-meterpreter-session.pngAppLocker Bypass via InstallUtil - Meterpreter SessionAppLocker Bypass - Meterpreter Sessionhttps://pentestlab.blog/wp-content/uploads/2017/05/bypass-applocker-manually.pngBypass AppLocker ManuallyBypass AppLocker via InstallUtilhttps://pentestlab.blog/wp-content/uploads/2017/05/generation-of-c-file-with-shellcode.pngGeneration of C# File with ShellcodeShellCode inside C# File2017-05-06T13:25:03+00:00monthlyhttps://pentestlab.blog/2017/05/03/uac-bypass-task-scheduler/https://pentestlab.blog/wp-content/uploads/2017/05/task-scheduler-elevated-meterpreter.pngTask Scheduler - Elevated MeterpreterTask Scheduler - Elevated Meterpreterhttps://pentestlab.blog/wp-content/uploads/2017/05/windows-shortcut-schedule-task.pngWindows Shortcut - Schedule TaskWindows Shortcut - Schedule Taskhttps://pentestlab.blog/wp-content/uploads/2017/05/task-scheduler-highest-privilege-option.pngTask Scheduler - Highest Privilege OptionTask Scheduler - High Privilege Option2017-05-09T09:54:48+00:00monthlyhttps://pentestlab.blog/2017/05/02/uac-bypass-event-viewer/https://pentestlab.blog/wp-content/uploads/2017/05/pentestlab3-elevated-meterpreter.pngPentestlab3 - Elevated MeterpreterPentestlab3 - Elevated Meterpreterhttps://pentestlab.blog/wp-content/uploads/2017/05/pentestlab3-high-integrity-process.pngPentestlab3 - High Integrity Processpentestlab3 - Running as High Integrity Processhttps://pentestlab.blog/wp-content/uploads/2017/05/custom-payload-registry.pngCustom Payload - RegistryCustom Payload - Registryhttps://pentestlab.blog/wp-content/uploads/2017/05/bypass-uac-via-event-viewer.pngBypass UAC via Event ViewerBypass UAC via Event Viewerhttps://pentestlab.blog/wp-content/uploads/2017/05/modify-the-registry2.pngElevated CMD - Event Viewer RegistryElevated CMD via Event Viewerhttps://pentestlab.blog/wp-content/uploads/2017/05/event-viewer-via-mmc.pngEvent Viewer via MMCMMC and Event Viewerhttps://pentestlab.blog/wp-content/uploads/2017/05/event-viewer-process-high-integrity.pngEvent Viewer Process - High IntegrityEvent Viewer Process - High Integrityhttps://pentestlab.blog/wp-content/uploads/2017/05/metasploit-uac-bypass-via-event-viewer.pngMetasploit - UAC Bypass via Event ViewerMetasploit - UAC Bypass via Event Viewerhttps://pentestlab.blog/wp-content/uploads/2017/05/uac-prevents-privilege-escalation.pngUAC Prevents Privilege EscalationUAC Prevents Privilege Escalation2021-02-01T19:49:50+00:00monthlyhttps://pentestlab.blog/2017/04/24/windows-kernel-exploits/https://pentestlab.blog/wp-content/uploads/2017/04/windows-exploit-suggester.pngWindows Exploit SuggesterWindows Exploit Suggesterhttps://pentestlab.blog/wp-content/uploads/2017/04/sherlock-missing-patches-2.pngSherlock - Missing Patches 2Sherlock - Identification of Privilege Escalation Patches https://pentestlab.blog/wp-content/uploads/2017/04/sherlock-missing-patches.pngSherlock - Missing PatchesSherlock - Missing Patcheshttps://pentestlab.blog/wp-content/uploads/2017/04/metasploit-patches-enumeration.pngMetasploit - Patches EnumerationMetasploit - Patches Enumerationhttps://pentestlab.blog/wp-content/uploads/2017/04/enumeration-of-installed-patches.pngEnumeration of Installed PatchesEnumeration of Installed Patches2018-07-21T02:17:14+00:00monthlyhttps://pentestlab.blog/2017/04/20/privilege-escalation-methods-poll/2017-04-20T08:13:25+00:00monthlyhttps://pentestlab.blog/2017/04/19/stored-credentials/2024-01-12T02:01:06+00:00monthlyhttps://pentestlab.blog/2017/04/13/hot-potato/https://pentestlab.blog/wp-content/uploads/2017/04/hot-potato-powershell.pngHot Potato - PowerShellHot Potato - PowerShellhttps://pentestlab.blog/wp-content/uploads/2017/04/hot-potato-capturing-the-payload.pngHot Potato - Capturing the PayloadHot Potato - Capturing the Metasploit Payloadhttps://pentestlab.blog/wp-content/uploads/2017/04/hot-potato-privilege-escalation.pngHot Potato Privilege EscalationHot Potato Privilege Escalationhttps://pentestlab.blog/wp-content/uploads/2017/04/hot-potato-triggered-via-shell.pngHot Potato Triggered via ShellHot Potato Triggeredhttps://pentestlab.blog/wp-content/uploads/2017/04/initiate-internet-explorer-via-cmd.pngInitiate Internet Explorer via CMDInitiate Internet Explorer via CMDhttps://pentestlab.blog/wp-content/uploads/2017/04/metasploit-multi-handler-meterpreter.pngMetasploit Multi Handler - MeterpreterMetasploit Multi Handler - 2nd Meterpreter Sessionhttps://pentestlab.blog/wp-content/uploads/2017/04/metasploit-executing-the-payload.pngMetasploit - Executing the PayloadMetasploit - Executing the Payloadhttps://pentestlab.blog/wp-content/uploads/2017/04/hot-potato-and-metasploit-payload.pngHot Potato and Metasploit PayloadHot Potato and Metasploit Payloadhttps://pentestlab.blog/wp-content/uploads/2017/04/hot-potato-pentestlab-user-added-to-local-admins.pngHot Potato - pentestlab user added to local adminspentestlab user added as local adminhttps://pentestlab.blog/wp-content/uploads/2017/04/hot-potato-attack-deployment-2.pngHot Potato - Attack Deployment 2Hot Potato - Attack Deployment 22017-04-13T12:25:46+00:00monthlyhttps://pentestlab.blog/2017/04/07/secondary-logon-handle/https://pentestlab.blog/wp-content/uploads/2017/04/ms16-032-custom-binary.pngMS16-032 - Custom BinaryMS16-032 Custom Binaryhttps://pentestlab.blog/wp-content/uploads/2017/04/meterpreter-system-privileges.pngMeterpreter - SYSTEM PrivilegesSecondary Logon HandleMeterpreter System Privilegeshttps://pentestlab.blog/wp-content/uploads/2017/04/meterpreter-session-secondary-logon-handle.pngMeterpreter Session - Secondary Logon HandleMeterpreter Session - Secondary Logon Handle https://pentestlab.blog/wp-content/uploads/2017/04/ms16-032-elevated-command-prompt.pngMS16-032 - Elevated Command PromptMS16-032 - Elevated Command Prompthttps://pentestlab.blog/wp-content/uploads/2017/04/powershell-ms16-032-elevated-command-prompt.pngPowerShell - MS16-032 Elevated Command PromptPowerShell - MS16-032 Elevated Command Prompthttps://pentestlab.blog/wp-content/uploads/2017/04/powershell-secondary-logon-handle-script-operation.pngPowerShell - Secondary Logon Handle Script OperationMS16-032 - PowerShell Script Operationhttps://pentestlab.blog/wp-content/uploads/2017/04/powershell-secondary-logon-handle-script.pngPowerShell - Secondary Logon Handle ScriptPowerShell - Secondary Logon Handle Scripthttps://pentestlab.blog/wp-content/uploads/2017/04/metasploit-secondary-logon-handle-module.pngMetasploit - Secondary Logon Handle ModuleMetasploit - Secondary Logon Handle Module2017-04-07T09:15:07+00:00monthlyhttps://pentestlab.blog/2017/04/04/dll-injection/https://pentestlab.blog/wp-content/uploads/2017/04/privilege-escalation-dll-injection.pngPrivilege Escalation - DLL InjectionPrivilege Escalation - DLL Injectionhttps://pentestlab.blog/wp-content/uploads/2017/04/dll-executed-as-system.pngDLL Executed as SYSTEMDLL Executed with SYSTEM Privilegeshttps://pentestlab.blog/wp-content/uploads/2017/04/powersploit-dll-injection.pngPowerSploit - DLL InjectionPowerSploit - DLL Injectionhttps://pentestlab.blog/wp-content/uploads/2017/04/identify-the-process-id.pngIdentify the Process IDDiscovery of the Process IDhttps://pentestlab.blog/wp-content/uploads/2017/04/metasploit-reflective-dll-injection.pngMetasploit - Reflective DLL InjectionMetasploit - Reflective DLL Injectionhttps://pentestlab.blog/wp-content/uploads/2017/04/metasploit-reflective-dll-injection-module.pngMetasploit - Reflective DLL Injection ModuleMetasploit - Reflective DLL Injection Modulehttps://pentestlab.blog/wp-content/uploads/2017/04/remotedllinjector-dll-injection.pngRemoteDLLInjector - DLL InjectionRemoteDLLInjector - DLL Injection Methodhttps://pentestlab.blog/wp-content/uploads/2017/04/remotedllinjector-injecting-dll.pngRemoteDLLInjector - Injecting DLLhttps://pentestlab.blog/wp-content/uploads/2017/04/metasploit-listener-configuration.pngMetasploit Listener ConfigurationMetasploit Listener Configurationhttps://pentestlab.blog/wp-content/uploads/2017/04/generating-malicious-dll.pngGenerating Malicious DLLMsfvenom - DLL Generation 2018-08-01T09:52:41+00:00monthlyhttps://pentestlab.blog/2017/04/03/token-manipulation/https://pentestlab.blog/wp-content/uploads/2017/04/powersploit-token-manipulation.pngPowerSploit - Token ManipulationPowerSploit - Token Manipulationhttps://pentestlab.blog/wp-content/uploads/2017/04/powersploit-token-enumeration.pngPowerSploit - Token EnumerationPowerSploit -Token Enumerationhttps://pentestlab.blog/wp-content/uploads/2017/04/incognito-token-impersonation.pngIncognito - Token ImpersonationIncognito - Listing the available tokenshttps://pentestlab.blog/wp-content/uploads/2017/04/metasploit-token-impersonation.pngMetasploit - Token ImpersonationMetasploit - Token Impersonationhttps://pentestlab.blog/wp-content/uploads/2017/04/apache-service-running-as-administrator.pngApache Service Running as AdministratorApache Service Running as Administratorhttps://pentestlab.blog/wp-content/uploads/2017/04/privilege-escalation-rotten-potato.pngPrivilege Escalation - Rotten PotatoPrivilege Escalation - Rotten Potatohttps://pentestlab.blog/wp-content/uploads/2017/04/network-service-available-tokens.pngNetwork Service Available TokensMeterpreter - Available Tokenshttps://pentestlab.blog/wp-content/uploads/2017/04/apache-service-running-as-network-service.pngApache Service running as Network ServiceApache Service running as Network Service2017-04-04T15:15:07+00:00monthlyhttps://pentestlab.blog/2017/03/31/insecure-registry-permissions/https://pentestlab.blog/wp-content/uploads/2017/03/imagepath-registry-key.pngImagePath Registry KeyImagePath Registry Keyhttps://pentestlab.blog/wp-content/uploads/2017/03/registry-image-path-modification.pngRegistry Image Path ModificationRegistry ImagePath Modificationhttps://pentestlab.blog/wp-content/uploads/2017/03/privilege-escalation-via-insecure-registry-permissions.pngPrivilege Escalation via Insecure Registry PermissionsPrivilege Escalation via Insecure Registry Permissions 2017-03-31T08:10:48+00:00monthlyhttps://pentestlab.blog/2017/03/30/weak-service-permissions/https://pentestlab.blog/wp-content/uploads/2017/03/metasploit-system-via-service-binary-replacement.pngMetasploit - System via Service Binary ReplacementMetasploit - System via Service Binary Replacementhttps://pentestlab.blog/wp-content/uploads/2017/03/powersploit-execution-of-service-payload.pngPowerSploit - Execution of Service PayloadPowerSploit - Execution of Service Payloadhttps://pentestlab.blog/wp-content/uploads/2017/03/restart-of-the-service.pngRestart of the ServiceRestart of the Servicehttps://pentestlab.blog/wp-content/uploads/2017/03/custom-service-planted-into-binary-path.pngCustom Service Planted into Binary PathCustom Service Planted into Binary Pathhttps://pentestlab.blog/wp-content/uploads/2017/03/powersploit-creating-the-custom-service.pngPowerSploit Creating the Custom ServicePowerSploit - Creating the Custom Servicehttps://pentestlab.blog/wp-content/uploads/2017/03/powersploit-obtain-services-and-file-permissions.pngPowerSploit - Obtain Services and File PermissionsPowerSploit - Obtain Services and File Permissionshttps://pentestlab.blog/wp-content/uploads/2017/03/powersploit-backdoor-admnistrator-account.pngPowerSploit - Backdoor Admnistrator AccountPowerSploit - Backdoor Administrator Accounthttps://pentestlab.blog/wp-content/uploads/2017/03/powersploit-abusing-the-binary-path.pngPowerSploit - Abusing the Binary PathPowerSploit - Abusing the Binary Pathhttps://pentestlab.blog/wp-content/uploads/2017/03/powersploit-list-modifiable-service.pngPowerSploit - List Modifiable ServicesPowerSploit - List Services which the binary path can be modifiedhttps://pentestlab.blog/wp-content/uploads/2017/03/powersploit-service-details.pngPowerSploit - Service DetailsPowerSploit - Service Details2018-08-29T05:20:35+00:00monthlyhttps://pentestlab.blog/2017/03/27/dll-hijacking/https://pentestlab.blog/wp-content/uploads/2017/03/folder-permissions.pngFolder-PermissionsIdentification of Weak Folder Permissionshttps://pentestlab.blog/wp-content/uploads/2017/03/malicious-dll-renamed-and-planted.pngMalicious DLL Renamed and PlantedMalicious DLL Renamed and Plantedhttps://pentestlab.blog/wp-content/uploads/2017/03/process-with-missing-dll.pngProcess with Missing DLLProcess with Missing DLLhttps://pentestlab.blog/wp-content/uploads/2017/03/procmon-filters.pngProcmon FiltersProcmon Filters to Check a Process for Missing DLLhttps://pentestlab.blog/wp-content/uploads/2017/03/generating-malicious-dll.pngGenerating Malicious DLLGeneration of Malicious DLLhttps://pentestlab.blog/wp-content/uploads/2017/03/process-running-as-system.pngProcess Running as SYSTEMProcess Running as SYSTEMhttps://pentestlab.blog/wp-content/uploads/2017/03/metasploit-privilege-escalation-via-dll-hijacking.pngMetasploit - Privilege Escalation via DLL HijackingMetasploit - Privilege Escalation via DLL Hijackinghttps://pentestlab.blog/wp-content/uploads/2017/03/powersploit-write-dll.pngPowerSploit - Write DLLWrite the DLL into the folder with weak permissionshttps://pentestlab.blog/wp-content/uploads/2017/03/powersploit-dicovery-of-paths-with-weak-permissions.pngPowerSploit - Discovery of Paths with Weak PermissionsDiscovery of Folders with Modifiable Permissions https://pentestlab.blog/wp-content/uploads/2017/03/powersploit-discovery-of-process-with-missing-dlls.pngPowerSploit - Discovery of Process with Missing DLL'sPowerSploit - Discovery of Process with Missing DLL's2017-03-30T08:05:08+00:00monthlyhttps://pentestlab.blog/2017/03/20/group-policy-preferences/https://pentestlab.blog/wp-content/uploads/2017/03/psexec-authentication-as-admin.pngPsExec - Authentication as AdminPsExec - Authentication as Administratorhttps://pentestlab.blog/wp-content/uploads/2017/03/metasploit-psexec.pngMetasploit PsExecMetasploit PsExec Usagehttps://pentestlab.blog/wp-content/uploads/2017/03/decrypting-gpp-passwords-with-gp3finder.pngDecrypting GPP Passwords with gp3finderDecrypting GPP Passwords Manuallyhttps://pentestlab.blog/wp-content/uploads/2017/03/gpp-cpassword-value.pngGPP cPassword ValueGPP cpassword Valuehttps://pentestlab.blog/wp-content/uploads/2017/03/metasploit-gpp-exploitation.pngMetasploit - GPP ExploitationMetasploit - Decrypting GPP Passwordshttps://pentestlab.blog/wp-content/uploads/2017/03/metasploit-powershell-payload.pngMetasploit - PowerShell Payloadhttps://pentestlab.blog/wp-content/uploads/2017/03/running-powersploit-via-metasploit.pngRunning PowerSploit via MetasploitExecuting PowerSploit Modules via Metasploithttps://pentestlab.blog/wp-content/uploads/2017/03/powersploit-get-cachedgpppassword.pngPowerSploit - Get-CachedGPPPasswordPowerSploit - Get-CachedGPPPassword2017-03-23T20:52:45+00:00monthlyhttps://pentestlab.blog/2017/03/13/injecting-metasploit-payloads-into-android-applications/https://pentestlab.blog/wp-content/uploads/2017/03/manual-android-payload-generation.pngManual Android Payload GenerationManual Android Payload Generationhttps://pentestlab.blog/wp-content/uploads/2017/03/metasploit-multi-handler-android-payload.pngMetasploit Multi Handler - Android PayloadMetasploit - Handling Android Payloadshttps://pentestlab.blog/wp-content/uploads/2017/03/msfvenom-payload-injection.pngMsfVenom Payload InjectionMSFVenom - Payload Injectionhttps://pentestlab.blog/wp-content/uploads/2017/03/android-post-exploitation-camera-snapshot.jpegAndroid Post Exploitation - Camera SnapshotAndroid Post Exploitation - Camera Snapshothttps://pentestlab.blog/wp-content/uploads/2017/03/android-post-exploitation.pngAndroid Post ExploitationAndroid Post Exploitationhttps://pentestlab.blog/wp-content/uploads/2017/03/meterpreter-via-injected-apk.pngMeterpreter via Injected APKMeterpreter via Malicious APKhttps://pentestlab.blog/wp-content/uploads/2017/03/apk-injector-building-the-inject-apk.pngAPK Injector - Building the Inject APKAPK Injector - Building the injected APKhttps://pentestlab.blog/wp-content/uploads/2017/03/apk-injector.pngAPK InjectorAPK Injector - Decoding the APKhttps://pentestlab.blog/wp-content/uploads/2017/03/apk-wash.pngAPK WashAPK Wash - Antivirus Evasion2021-09-06T06:39:05+00:00monthlyhttps://pentestlab.blog/2017/03/09/unquoted-service-path/https://pentestlab.blog/wp-content/uploads/2017/03/list-of-services.pngList of ServicesVulnerable Service Running as Systemhttps://pentestlab.blog/wp-content/uploads/2017/03/configuring-the-metasploit-listener.pngConfiguring the Metasploit ListenerConfiguring the Metasploit Listenerhttps://pentestlab.blog/wp-content/uploads/2017/03/unquoted-service-path-privilege-escalation-to-system.pngUnquoted Service Path - Privilege Escalation to SystemExecution of Payload and Escalation of Privileges to SYSTEMhttps://pentestlab.blog/wp-content/uploads/2017/03/restarting-the-vulnerable-service.pngRestarting the Vulnerable ServiceRestarting the vulnerable servicehttps://pentestlab.blog/wp-content/uploads/2017/03/metasploit-binary.pngMetasploit BinaryReplacing the original binary with the Metasploit payoadhttps://pentestlab.blog/wp-content/uploads/2017/03/unquoted-service-path-payload-generation.pngUnquoted Service Path - Payload GenerationUnquoted Service Path - Payload Generation https://pentestlab.blog/wp-content/uploads/2017/03/privilege-escalation-via-metasploit-trusted-service-path.pngPrivilege Escalation via Metasploit Trusted Service PathPrivilege Escalation via Metasploit Trusted Service Pathhttps://pentestlab.blog/wp-content/uploads/2017/03/metasploit-configuring-the-trusted-service-path-module.pngMetasploit - Configuring the Trusted Service Path ModuleConfiguring the Trusted Service Path Metasploit Modulehttps://pentestlab.blog/wp-content/uploads/2017/03/powersploit-local-admin-verification.pngPowerSploit - Local Admin VerificationVerification that the user has been created and added to the local admins grouphttps://pentestlab.blog/wp-content/uploads/2017/03/powersploit-restart-the-service.pngPowerSploit - Restart the ServicePowerSploit - Restarting the Service2018-11-26T21:10:21+00:00monthlyhttps://pentestlab.blog/2017/02/28/always-install-elevated/https://pentestlab.blog/wp-content/uploads/2017/02/capture3.pngGPO-User - Always Install with elevated privilegesGPO - Always Install with elevated privilegeshttps://pentestlab.blog/wp-content/uploads/2017/02/capture0.pngGPO-Always Install With Elevated PrivilegesGPO -Always Install With Elevated Privileges Settinghttps://pentestlab.blog/wp-content/uploads/2017/02/capture11.pngMetasploit Module - Always-Install-ElevatedExploitation of Always Install Elevated with Metasploit https://pentestlab.blog/wp-content/uploads/2017/02/capture6.pngget-uid-shell-metasploitMeterpreter Session - Normal userhttps://pentestlab.blog/wp-content/uploads/2017/02/capture7.pngregistry-queries-always-install-elevatedQuery the registry to identify the issuehttps://pentestlab.blog/wp-content/uploads/2017/02/capture15.pngnet-localgroup-administratorsVerification that the "backdoor" user has been createdhttps://pentestlab.blog/wp-content/uploads/2017/02/capture14.pngUser-Add - Adding an Account as Local AdminAdding an account into Administrators grouphttps://pentestlab.blog/wp-content/uploads/2017/02/capture13.pngPowerSploit - Always Install ElevatedPowerSploit - Always Install Elevated2017-03-30T08:14:53+00:00monthlyhttps://pentestlab.blog/2017/02/12/android-webview-vulnerabilities/2017-02-13T11:56:38+00:00monthlyhttps://pentestlab.blog/2017/02/06/reverse-engineering-android-applications/https://pentestlab.blog/wp-content/uploads/2017/02/dexdump-dalvik-instructions.pngdexdump-dalvik-instructionshttps://pentestlab.blog/wp-content/uploads/2017/02/jadx-gui.pngjadx-guihttps://pentestlab.blog/wp-content/uploads/2017/02/reverse-engineering-dex.pngreverse-engineering-dexhttps://pentestlab.blog/wp-content/uploads/2017/02/baksmali-dex.pngbaksmali-dexhttps://pentestlab.blog/wp-content/uploads/2017/02/aapt-decompile-apk-files.pngaapt-decompile-apk-fileshttps://pentestlab.blog/wp-content/uploads/2017/02/axmlprinter-manifest.pngaxmlprinter-manifesthttps://pentestlab.blog/wp-content/uploads/2017/02/aapt-dump-permissions.pngaapt-dump-permissionshttps://pentestlab.blog/wp-content/uploads/2017/02/aapt-manifest-file.pngaapt-manifest-filehttps://pentestlab.blog/wp-content/uploads/2017/02/android-reversing.jpgandroid-reversinghttps://pentestlab.blog/wp-content/uploads/2017/02/mobsf-java-source-code.pngmobsf-java-source-code2017-03-30T08:15:47+00:00monthlyhttps://pentestlab.blog/2017/01/30/retrieving-apk-files/https://pentestlab.blog/wp-content/uploads/2017/01/apk-leecher.pngapk-leecherhttps://pentestlab.blog/wp-content/uploads/2017/01/drozer-location-apk.pngdrozer-location-apkhttps://pentestlab.blog/wp-content/uploads/2017/01/adb-discover-app-path.pngadb-discover-app-pathhttps://pentestlab.blog/wp-content/uploads/2017/01/android-list-packages.pngandroid-list-packageshttps://pentestlab.blog/wp-content/uploads/2017/01/apk-download1.pngapk-download1https://pentestlab.blog/wp-content/uploads/2017/01/android-reversing.jpgandroid-reversing2017-01-30T10:12:51+00:00monthlyhttps://pentestlab.blog/2017/01/24/security-guidelines-for-android-manifest-files/2017-01-24T03:48:07+00:00monthlyhttps://pentestlab.blog/2016/11/07/list-of-vulnerable-android-applications/2017-04-18T17:14:00+00:00monthlyhttps://pentestlab.blog/2016/11/02/hardware-kit-for-infrastructure-assessments/https://pentestlab.blog/wp-content/uploads/2016/11/usb-eth.jpgusb-ethUSB Ethernet Cardhttps://pentestlab.blog/wp-content/uploads/2016/11/screwdrivers.jpgscrewdriversScrewdrivershttps://pentestlab.blog/wp-content/uploads/2016/11/usb32000spt-main.jpgusb32000spt-mainUSB Ethernet Switchhttps://pentestlab.blog/wp-content/uploads/2016/11/network_cable__350_mhz__cat_5e.jpgnetwork_cable__350_mhz__cat_5eEthernet Cablehttps://pentestlab.blog/wp-content/uploads/2016/11/rj45-end-to-end-ethernet-cable-double-joint-connector-2-10-computer-accessories.jpgrj45-end-to-end-ethernet-cable-double-joint-connector-2-10-computer-accessoriesEthernet Cable Connectorhttps://pentestlab.blog/wp-content/uploads/2016/11/flash.jpgflashUSB Flash Driveshttps://pentestlab.blog/wp-content/uploads/2016/11/iec.jpgiecIEC Adapterhttps://pentestlab.blog/wp-content/uploads/2016/11/camera-protector.pngcamera-protectorWeb Cam Protectorhttps://pentestlab.blog/wp-content/uploads/2016/11/alfa-network-usb-wifi-card-awus036nha-1000-mw-and-5-dbi-antenna-jpg.pngalfa-network-usb-wifi-card-awus036nha-1000-mw-and-5-dbi-antenna-jpgAlfa USB Wifi Card2016-11-03T15:15:08+00:00monthlyhttps://pentestlab.blog/2016/09/30/voip-default-password-list/2016-10-01T07:34:45+00:00monthlyhttps://pentestlab.blog/2016/09/18/voip-checklist-for-penetration-testers/2017-09-14T12:56:16+00:00monthlyhttps://pentestlab.blog/2015/02/01/pre-engagement-pentest-checklist-for-web-applications-assessments/https://pentestlab.blog/wp-content/uploads/2015/02/19-checklist-recruitment11.jpgChecklist2015-02-09T13:30:01+00:00monthlyhttps://pentestlab.blog/2015/02/03/hirte-attack/https://pentestlab.blog/wp-content/uploads/2015/02/10.pngWEP Key CrackedWEP Key Foundhttps://pentestlab.blog/wp-content/uploads/2015/02/7.pngPackets-HirteRead the packetshttps://pentestlab.blog/wp-content/uploads/2015/02/9.pngHirte AttackHirte Attack Runninghttps://pentestlab.blog/wp-content/uploads/2015/02/12.pngFake Wireless Network - WindowsVictim - Fake Wireless Network Available https://pentestlab.blog/wp-content/uploads/2015/02/41.pngfake wireless APRogue Wireless Networkhttps://pentestlab.blog/wp-content/uploads/2015/02/11.pngairodump-ng packet capturingInitiate Packet Capturinghttps://pentestlab.blog/wp-content/uploads/2015/02/3.pngairbase-fake-access-pointCreation of Fake Access Point2016-03-30T19:29:19+00:00monthlyhttps://pentestlab.blog/2015/02/02/profiling-passwords/https://pentestlab.blog/wp-content/uploads/2015/02/5.pngWyd-Password ListContents of Password Listhttps://pentestlab.blog/wp-content/uploads/2015/02/6.pngPassword List ContentView the contents of the Password Listhttps://pentestlab.blog/wp-content/uploads/2015/02/4.pngWyd Password GenerationRunning Wyd tool to generate passwordshttps://pentestlab.blog/wp-content/uploads/2015/02/1.pngwgetDownloading Web Content of the Target Site2015-02-02T18:52:44+00:00monthlyhttps://pentestlab.blog/2015/01/31/uncovering-hidden-ssids/https://pentestlab.blog/wp-content/uploads/2015/01/6.pngProbe ResponseGeneration of Probe Response Packets https://pentestlab.blog/wp-content/uploads/2015/01/4.pngdeuathentication attackSending deuathentication packetshttps://pentestlab.blog/wp-content/uploads/2015/01/3.pngProbe response packetProbe Response Packet contains the SSIDhttps://pentestlab.blog/wp-content/uploads/2015/01/7.pngHidden Wireless NetworkHidden Wireless Networkhttps://pentestlab.blog/wp-content/uploads/2015/01/1.pngHidden Wireless SSIDBeacon Frames - Hidden Wireless SSIDhttps://pentestlab.blog/wp-content/uploads/2015/01/2.pngEnable Monitor Mode InterfaceEnable Monitor Mode Interface2021-05-01T07:27:13+00:00monthlyhttps://pentestlab.blog/2014/07/22/eavesdropping-voip-calls-with-wireshark/https://pentestlab.blog/wp-content/uploads/2014/07/decoding_rtp_traffic-wireshark.pngDecoding_RTP_Traffic-WiresharkDecoding RTP Traffic-Wiresharkhttps://pentestlab.blog/wp-content/uploads/2014/07/rtp_traffic.pngRTP_TrafficRTP Traffic https://pentestlab.blog/wp-content/uploads/2014/07/arpsoof-mitm.pngArpsoof-MitmMiTM attack2016-09-20T14:59:21+00:00monthlyhttps://pentestlab.blog/2014/07/14/caller-id-spoofing/https://pentestlab.blog/wp-content/uploads/2014/07/spoofed_id_inviteflood.pngSpoofed_ID_InvitefloodSpoofed Call with the ID of CEOhttps://pentestlab.blog/wp-content/uploads/2014/07/metasploit_has_you.pngmetasploit_has_youSpoofed Caller ID - Metasploithttps://pentestlab.blog/wp-content/uploads/2014/07/metasploit_invite_spoof.pngmetasploit_invite_spoofFake INVITE - Metasploithttps://pentestlab.blog/wp-content/uploads/2014/07/caller_id_spoofing_inviteflood.pngcaller_id_spoofing_invitefloodCaller ID Spoofing - Invitefloodhttps://pentestlab.blog/wp-content/uploads/2014/07/pentestlab_rocks.pngpentestlab_rocksSpoofed Call - Viproyhttps://pentestlab.blog/wp-content/uploads/2014/07/viproy_spoofed_caller_id.pngviproy_spoofed_caller_idSpoofing the Caller ID with Viproyhttps://pentestlab.blog/wp-content/uploads/2014/07/spoofed_packet.pngspoofed_packethttps://pentestlab.blog/wp-content/uploads/2014/07/spoofed_call_scenario.jpgSpoofed_Call_ScenarioScenario2014-07-15T23:15:54+00:00monthlyhttps://pentestlab.blog/2014/04/07/phishing-frenzy/https://pentestlab.blog/wp-content/uploads/2014/04/templates.pngtemplateshttps://pentestlab.blog/wp-content/uploads/2014/04/phishing_options.pngphishing_optionsPhishing Optionshttps://pentestlab.blog/wp-content/uploads/2014/04/create_campaign.pngphishing-frenzyphishing frenzy - campaign2014-04-07T00:56:30+00:00monthlyhttps://pentestlab.blog/2013/06/26/html-injection/https://pentestlab.blog/wp-content/uploads/2013/06/capture-credentials.pngcapture credentialsCredentialshttps://pentestlab.blog/wp-content/uploads/2013/06/fake-login.pngfake loginFake Login Formhttps://pentestlab.blog/wp-content/uploads/2013/06/html1.pngHTML - Fake Login CodeInjecting HTML Code - Fake Loginhttps://pentestlab.blog/wp-content/uploads/2013/06/capture-page.pngcapture pageMutillidae - Data Capture Pagehttps://pentestlab.blog/wp-content/uploads/2013/06/html.pngVulnerable FormVulnerable Form2020-02-13T21:24:36+00:00monthlyhttps://pentestlab.blog/2013/05/06/findmyhash/https://pentestlab.blog/wp-content/uploads/2013/05/screenshot.pngFindMyHash ScriptFindMyHash Script in action2014-07-17T16:15:56+00:00monthlyhttps://pentestlab.blog/2013/04/21/pen-testing-sql-servers-with-nmap/https://pentestlab.blog/wp-content/uploads/2013/04/screenshot-4.pngsql dump hashes Dump MS-SQL hashes - Nmaphttps://pentestlab.blog/wp-content/uploads/2013/04/screenshot-3.pngRun OS Commands via xp_cmdshell - NmapRun net users via xp_cmdshell - Nmaphttps://pentestlab.blog/wp-content/uploads/2013/04/screenshot-2.pngxp_cmdshell - NmapRun OS command via xp_cmdshell - Nmaphttps://pentestlab.blog/wp-content/uploads/2013/04/screenshot-11.pngList Tables - NmapList Tables - Nmaphttps://pentestlab.blog/wp-content/uploads/2013/04/screenshot2.pngNmap -db accessDiscover which user has access to which db - Nmaphttps://pentestlab.blog/wp-content/uploads/2013/04/screenshot-1.pngNmap - SQL NullCheck For Null passwords on SA accounts - Nmaphttps://pentestlab.blog/wp-content/uploads/2013/04/screenshot1.pngMS-SQL Brute NmapBrute Force Weak MS-SQL Accounts - Nmaphttps://pentestlab.blog/wp-content/uploads/2013/04/screenshot.pngNmap - MS -SQL InfoObtain SQL Information - Nmap2013-07-08T00:09:46+00:00monthlyhttps://pentestlab.blog/2013/03/28/dumpster-diving/2013-05-02T00:07:15+00:00monthlyhttps://pentestlab.blog/2013/03/25/dumping-clear-text-credentials-with-mimikatz/https://pentestlab.blog/wp-content/uploads/2013/03/mimikatz3.pngmimikatz3Obtaining the credentialshttps://pentestlab.blog/wp-content/uploads/2013/03/mimikatz2.pngmimikatz2Obtaining the credentialshttps://pentestlab.blog/wp-content/uploads/2013/03/mimikatz-1.pngExecuting MimikatzExecuting Mimikatzhttps://pentestlab.blog/wp-content/uploads/2013/03/directory.pngDirectoryMimikatz on C: Directoryhttps://pentestlab.blog/wp-content/uploads/2013/03/going-into-the-mimikatz.pngGoing into the mimikatzLocating the Mimikatzhttps://pentestlab.blog/wp-content/uploads/2013/03/uploading-mimikatz.pnguploading mimikatzUploading Mimikatz on the remote system2018-07-09T19:49:37+00:00monthlyhttps://pentestlab.blog/resources/presentations/tools/2013-03-23T20:03:19+00:00weekly0.6https://pentestlab.blog/2013/03/18/penetration-testing-sql-servers/https://pentestlab.blog/wp-content/uploads/2013/03/sql.pngSQL Command ExecutionExecuting Database Commandshttps://pentestlab.blog/wp-content/uploads/2013/03/cmd.pngxp_cmdshell xp_cmdshell - Metasploithttps://pentestlab.blog/wp-content/uploads/2013/03/enum3.pngenum3MS-SQL Enumeration 3https://pentestlab.blog/wp-content/uploads/2013/03/enum2.pngEnum2MS-SQL Enum 2https://pentestlab.blog/wp-content/uploads/2013/03/enumeration.pngEnumeration MS-SQLMS-SQL Enumerationhttps://pentestlab.blog/wp-content/uploads/2013/03/mslogin.pngSQL Brute Force PasswordsBrute Forcing MS SQL Passwords with Metasploithttps://pentestlab.blog/wp-content/uploads/2013/03/screenshot-3.pngMetasploit - mssql pingMetasploit - mssql pinghttps://pentestlab.blog/wp-content/uploads/2013/03/screenshot-2.pngSQL Server Discovery - NmapSQL Server Discovery - Nmap2013-06-11T05:47:09+00:00monthlyhttps://pentestlab.blog/2013/03/10/discovering-oracle-accounts-with-nmap/https://pentestlab.blog/wp-content/uploads/2013/03/3.pngDiscovering Oracle AccountsDiscovering Oracle Accountshttps://pentestlab.blog/wp-content/uploads/2013/03/2.pngBrute Forcing Oracle SID's - NmapBrute Forcing Oracle SID's - Nmap2013-08-14T16:54:59+00:00monthlyhttps://pentestlab.blog/2013/02/25/common-virtualization-vulnerabilities-and-how-to-mitigate-risks/https://pentestlab.blog/wp-content/uploads/2013/02/virtualization.gifVirtualization2013-02-25T22:26:58+00:00monthlyhttps://pentestlab.blog/2013/02/25/sql-injection-authentication-bypass-with-burp/https://pentestlab.blog/wp-content/uploads/2013/02/bypass-authentication-5.pngBypass Authentication 5Bypass Authentication by passing the correct payloadhttps://pentestlab.blog/wp-content/uploads/2013/02/bypass-authentication-4.pngBypass Authentication 4SQL Injection Bypass Authentication - Burp payloadshttps://pentestlab.blog/wp-content/uploads/2013/02/bypass-authentication-3.pngBypass Authentication 3Burp Intruder - Setting up the payloadshttps://pentestlab.blog/wp-content/uploads/2013/02/bypass-authentication-2.pngBypass Authentication 2Burp Intruder - Attack Type and Positionhttps://pentestlab.blog/wp-content/uploads/2013/02/bypass-authentication-6.pngBypass Authentication - SQL InjectionSQL Injection Error 2013-02-25T13:37:52+00:00monthlyhttps://pentestlab.blog/2013/02/20/extracting-metada-from-files/https://pentestlab.blog/wp-content/uploads/2013/02/metadata-foca.pngmetadata-focaFOCA - Metadatahttps://pentestlab.blog/wp-content/uploads/2013/02/doc2.pngdoc2Metadata of a doc file 2https://pentestlab.blog/wp-content/uploads/2013/02/doc.pngMetadata - docMetadata of a doc filehttps://pentestlab.blog/wp-content/uploads/2013/02/image.pngexiftool-metadataExtracting metadata of an image - exiftool2014-02-07T22:11:49+00:00monthlyhttps://pentestlab.blog/2013/02/17/metasploit-storing-pen-test-results/https://pentestlab.blog/wp-content/uploads/2013/02/export.pngexport-metasploit-dbExport Results From Metasploit Databasehttps://pentestlab.blog/wp-content/uploads/2013/02/services.pngservices-metasploitList Services - Metasploit Databasehttps://pentestlab.blog/wp-content/uploads/2013/02/hosts.pnghosts-metasploitList Hosts - Metasploit Databasehttps://pentestlab.blog/wp-content/uploads/2013/02/nmap-scan.pngnmap scan-metasploitMetasploit - Nmap Scanhttps://pentestlab.blog/wp-content/uploads/2013/02/database-commands.pngMetasploit database commandsMetasploit - Database Commandshttps://pentestlab.blog/wp-content/uploads/2013/02/metasploit-databases.pngmetasploit-databasesDatabasse Settings2013-02-17T13:46:43+00:00monthlyhttps://pentestlab.blog/2013/02/16/information-gathering-with-nmap/https://pentestlab.blog/wp-content/uploads/2013/02/reverseip.pngreverseIPNmap - Reverse IP https://pentestlab.blog/wp-content/uploads/2013/02/dnsbrute.pngdnsbrute-nmapNmap - Brute Forcing DNShttps://pentestlab.blog/wp-content/uploads/2013/02/email.pngemail-nmapNmap - Discover Email Accountshttps://pentestlab.blog/wp-content/uploads/2013/02/whois.pngwhois-nmapNmap - Whoishttps://pentestlab.blog/wp-content/uploads/2013/02/ipgeolocation.pngipgeolocationNmap - IP Geolocation2013-02-28T17:44:14+00:00monthlyhttps://pentestlab.blog/2013/02/03/pentbox/https://pentestlab.blog/wp-content/uploads/2013/02/6.pngHTTP Directory BruteForceDirectory Brute Force - PenTBoxhttps://pentestlab.blog/wp-content/uploads/2013/02/4.pngDNS & Host GatheringDNS & Host Gathering - PenTBoxhttps://pentestlab.blog/wp-content/uploads/2013/02/3.pngPenTBox - TCP Port ScannerPenTBox - TCP Port Scannerhttps://pentestlab.blog/wp-content/uploads/2013/02/2.pngPenTBox - Hash CrackerHash Cracker Module - PenTBoxhttps://pentestlab.blog/wp-content/uploads/2013/01/1.pngPenTBox - Base64Base64 Encoder-Decoderhttps://pentestlab.blog/wp-content/uploads/2013/01/pentbox.pngpentboxpentbox - Menu2013-02-17T13:36:41+00:00monthlyhttps://pentestlab.blog/2013/01/31/discover-contacts-and-domains-with-recon-ng/https://pentestlab.blog/wp-content/uploads/2013/01/report1.pngrecon-ng reportrecon-ng report 2https://pentestlab.blog/wp-content/uploads/2013/01/report.pngReportrecon-ng - Reporthttps://pentestlab.blog/wp-content/uploads/2013/01/recon6.pngrecon6Save the results in HTML filehttps://pentestlab.blog/wp-content/uploads/2013/01/screenshot-at-2013-01-30-233316.pngrecon-ng 5Discovering subdomain with recon-nghttps://pentestlab.blog/wp-content/uploads/2013/01/recon5.pngrecon5discover hosts via googlehttps://pentestlab.blog/wp-content/uploads/2013/01/recon4.pngrecon4Gathering Contactshttps://pentestlab.blog/wp-content/uploads/2013/01/recon3.pngrecon3load jigsaw modulehttps://pentestlab.blog/wp-content/uploads/2013/01/recon2.pngrecon2recon-ng - sample of the available moduleshttps://pentestlab.blog/wp-content/uploads/2013/01/recon.pngrecon-ngrecon-ng - commands2013-01-31T10:51:41+00:00monthlyhttps://pentestlab.blog/2013/01/27/physical-penetration-testing-toolkit/https://pentestlab.blog/wp-content/uploads/2013/01/screenshot-at-2013-01-27-005215.pngGet Out of jail templateGet Out Of Jail Template2013-01-31T22:13:58+00:00monthlyhttps://pentestlab.blog/2013/01/22/using-timestomp-to-change-the-mace-values-of-a-file/https://pentestlab.blog/wp-content/uploads/2013/01/mace5.jpegMACE5Verify the MACE changeshttps://pentestlab.blog/wp-content/uploads/2013/01/mace4.jpegMACE4Changing the MACE valueshttps://pentestlab.blog/wp-content/uploads/2013/01/mace3.jpegMACE3Changing the MACE valueshttps://pentestlab.blog/wp-content/uploads/2013/01/mace2.jpegMACE2Display MACE valueshttps://pentestlab.blog/wp-content/uploads/2013/01/mace1.jpegMACE1timestomp - help bannerhttps://pentestlab.blog/wp-content/uploads/2013/01/mace.jpegMACE Attributes MACE Attributes - Doc2013-01-22T01:08:10+00:00monthlyhttps://pentestlab.blog/2013/01/20/nfs-misconfiguration/https://pentestlab.blog/wp-content/uploads/2013/01/xss-stored23.jpeg/etc/shadowContents of /etc/shadowhttps://pentestlab.blog/wp-content/uploads/2013/01/xss-stored22.jpeg/etc/passwdContents of /etc/passwdhttps://pentestlab.blog/wp-content/uploads/2013/01/xss-stored21.jpegdf -hDisplay the mount folderhttps://pentestlab.blog/wp-content/uploads/2013/01/xss-stored20.jpegContents of root directoryContents of root directoryhttps://pentestlab.blog/wp-content/uploads/2013/01/xss-stored19.jpegmount share directorymount share directoryhttps://pentestlab.blog/wp-content/uploads/2013/01/xss-stored18.jpegshowmount Export NFS shareshttps://pentestlab.blog/wp-content/uploads/2013/01/xss-stored17.jpegXSS-Stored17NFS port is open2013-01-24T14:39:15+00:00monthlyhttps://pentestlab.blog/2013/01/16/sql-brute-force-script/2013-01-16T01:51:45+00:00monthlyhttps://pentestlab.blog/2013/01/15/stored-xss-and-set/https://pentestlab.blog/wp-content/uploads/2013/01/xss-stored2.jpegXSS-Stored2Alert Box - JavaScript Codehttps://pentestlab.blog/wp-content/uploads/2013/01/xss-stored1.jpegXSS-Stored1Malicious Java Applethttps://pentestlab.blog/wp-content/uploads/2013/01/xss-stored.jpegXSS-StoredFake message trying to convince the user to run the java applethttps://pentestlab.blog/wp-content/uploads/2013/01/stored-xss6.jpegStored-XSS6Malicious JavaScript Codehttps://pentestlab.blog/wp-content/uploads/2013/01/stored-xss5.jpegStored-XSS5SET - Encodershttps://pentestlab.blog/wp-content/uploads/2013/01/stored-xss4.jpegStored-XSS4SET Configurationshttps://pentestlab.blog/wp-content/uploads/2013/01/stored-xss3.jpegStored-XSS3Java Applet Attack Methodhttps://pentestlab.blog/wp-content/uploads/2013/01/stored-xss2.jpegStored-XSS2SET - Menuhttps://pentestlab.blog/wp-content/uploads/2013/01/stored-xss1.jpegStored-XSS1Comment Field vulnerable to XSShttps://pentestlab.blog/wp-content/uploads/2013/01/stored-xss.jpegStored-XSSComment Form Vulnerable to XSS2013-01-16T17:19:29+00:00monthlyhttps://pentestlab.blog/2013/01/13/detecting-web-application-firewalls/https://pentestlab.blog/wp-content/uploads/2013/01/waf-cookies6.jpegWAF - ImpervaDetection of Imperva WAFhttps://pentestlab.blog/wp-content/uploads/2013/01/waf-cookies5.jpegWAF-NmapWAF detection via Nmaphttps://pentestlab.blog/wp-content/uploads/2013/01/waf-cookies4.jpegWAFW00FDetection of WAF with wafwoofhttps://pentestlab.blog/wp-content/uploads/2013/01/waf-cookies3.jpegWAF-Session ExpiredWAF - Session Expiredhttps://pentestlab.blog/wp-content/uploads/2013/01/waf-cookies1.jpegWAF-Server ResponseIndication of WAF via HTTP responsehttps://pentestlab.blog/wp-content/uploads/2013/01/waf-cookies.jpegWAF-CookiesWAF Discovery Via Cookies2013-03-28T18:52:26+00:00monthlyhttps://pentestlab.blog/2013/01/09/building-a-penetration-testing-lab-cluster/2013-01-09T11:47:09+00:00monthlyhttps://pentestlab.blog/2013/01/08/professional-and-ethical-standards/2013-01-09T15:59:53+00:00monthlyhttps://pentestlab.blog/2013/01/07/windows-tools-for-penetration-testing/2014-07-14T12:02:27+00:00monthlyhttps://pentestlab.blog/2013/01/05/dns-results-from-netcraft-search-engine/https://pentestlab.blog/wp-content/uploads/2013/01/netcraftdns.jpegnetcraftdnsnetcraftdns - Sample Results2013-03-21T07:27:34+00:00monthlyhttps://pentestlab.blog/2013/01/04/post-exploitation-in-linux-with-metasploit/https://pentestlab.blog/wp-content/uploads/2013/01/linux-post-exploitation12.jpegLinux - Post Exploitation12Last Logshttps://pentestlab.blog/wp-content/uploads/2013/01/linux-post-exploitation11.jpegLinux - Post Exploitation11Gathering User History Informationhttps://pentestlab.blog/wp-content/uploads/2013/01/linux-post-exploitation10.jpegLinux - Post Exploitation10Enumerating the systemhttps://pentestlab.blog/wp-content/uploads/2013/01/linux-post-exploitation9.jpegLinux - Post Exploitation9Enumerating Protectionshttps://pentestlab.blog/wp-content/uploads/2013/01/linux-post-exploitation7.jpegLinux - Post Exploitation7Enumerating network informationhttps://pentestlab.blog/wp-content/uploads/2013/01/linux-post-exploitation6.jpegLinux - Post Exploitation6Opening the conf fileshttps://pentestlab.blog/wp-content/uploads/2013/01/linux-post-exploitation5.jpegLinux - Post Exploitation5Sample of Configuration files obtainedhttps://pentestlab.blog/wp-content/uploads/2013/01/linux-post-exploitation4.jpegLinux - Post Exploitation4Virtual machine discoveryhttps://pentestlab.blog/wp-content/uploads/2013/01/linux-post-exploitation3.jpegLinux - Post Exploitation3Collecting Password Hasheshttps://pentestlab.blog/wp-content/uploads/2013/01/linux-post-exploitation2.jpegLinux - Post Exploitation2Configuring the hasdump module2013-01-31T01:56:42+00:00monthlyhttps://pentestlab.blog/2012/12/26/local-file-inclusion-exploitation-with-burp/https://pentestlab.blog/wp-content/uploads/2012/12/file-inclusion11.jpegFile-Inclusion11/proc/cmdline contentshttps://pentestlab.blog/wp-content/uploads/2012/12/file-inclusion10.jpegFile-Inclusion10phttps://pentestlab.blog/wp-content/uploads/2012/12/file-inclusion12.jpegFile-Inclusion12environmenthttps://pentestlab.blog/wp-content/uploads/2012/12/file-inclusion14.jpegFile-Inclusion14mysql configuration filehttps://pentestlab.blog/wp-content/uploads/2012/12/file-inclusion8.jpegFile-Inclusion8/etc/issue contentshttps://pentestlab.blog/wp-content/uploads/2012/12/file-inclusion7.jpegFile-Inclusion7motdhttps://pentestlab.blog/wp-content/uploads/2012/12/file-inclusion6.jpegFile-Inclusion6etc/hosts contentshttps://pentestlab.blog/wp-content/uploads/2012/12/file-inclusion5.jpegFile-Inclusion5/etc/group contentshttps://pentestlab.blog/wp-content/uploads/2012/12/file-inclusion4.jpegFile-Inclusion4Reading the /etc/passwdhttps://pentestlab.blog/wp-content/uploads/2012/12/file-inclusion3.jpegFile-Inclusion3HTTP Request Modification - /etc/passwd2013-01-07T00:37:37+00:00monthlyhttps://pentestlab.blog/2012/12/24/sql-injection-authentication-bypass-cheat-sheet/2023-06-30T07:43:08+00:00monthlyhttps://pentestlab.blog/2012/12/23/file-upload-exploitation/https://pentestlab.blog/wp-content/uploads/2012/12/upload6.jpegupload6Dump of DVWA database 2https://pentestlab.blog/wp-content/uploads/2012/12/upload5.jpegupload5Dump of DVWA databasehttps://pentestlab.blog/wp-content/uploads/2012/12/upload4.jpegupload4Dumping the database to a filehttps://pentestlab.blog/wp-content/uploads/2012/12/upload3.jpegupload3Listing Directorieshttps://pentestlab.blog/wp-content/uploads/2012/12/upload2.jpegupload - shellObtaining a shellhttps://pentestlab.blog/wp-content/uploads/2012/12/upload1.jpegweb shell uploaduploading the web shell2012-12-23T04:21:22+00:00monthlyhttps://pentestlab.blog/2012/12/22/arp-poisoning-script/https://pentestlab.blog/wp-content/uploads/2012/12/arp.jpegarp poison scriptARP poison script2017-02-17T17:53:54+00:00monthlyhttps://pentestlab.blog/2012/12/21/brute-force-attack-with-burp/https://pentestlab.blog/wp-content/uploads/2012/12/bruteforce8.jpegBruteForce8Access in the admin areahttps://pentestlab.blog/wp-content/uploads/2012/12/bruteforce7.jpegbrute force 7Discovery of valid credentialshttps://pentestlab.blog/wp-content/uploads/2012/12/bruteforce6.jpegCluster Bomb - IntruderCluster Bomb - Intruderhttps://pentestlab.blog/wp-content/uploads/2012/12/bruteforce5.jpegBruteForce5Payload Set 3 - Loginhttps://pentestlab.blog/wp-content/uploads/2012/12/bruteforce4.jpegBruteForce4Payload Set 2 - Passwordshttps://pentestlab.blog/wp-content/uploads/2012/12/bruteforce3.jpegBruteForce3Payload Set 1 - Usernameshttps://pentestlab.blog/wp-content/uploads/2012/12/bruteforce2.jpegClearing Position Clearing Positionshttps://pentestlab.blog/wp-content/uploads/2012/12/bruteforce1.jpegHTTP Requst - DVWACapturing the HTTP Requesthttps://pentestlab.blog/wp-content/uploads/2012/12/bruteforce.jpegBruteForce - Login FormLogin Form2013-01-13T21:56:18+00:00monthlyhttps://pentestlab.blog/2012/12/20/http-methods-identification/https://pentestlab.blog/wp-content/uploads/2012/12/lazymap4.jpegHTTP Methods IdentficationSource Codehttps://pentestlab.blog/wp-content/uploads/2012/12/lazymap3.jpegWeb Server Methods IdentificationDemonstration2013-01-14T09:58:49+00:00monthlyhttps://pentestlab.blog/2012/12/19/command-execution-dvwa/https://pentestlab.blog/wp-content/uploads/2012/12/commandexecution10.jpegconnect with netcatconnect with netcathttps://pentestlab.blog/wp-content/uploads/2012/12/commandexecution8.jpegCommand Execution Vulnerable Source CodeVulnerable Source Codehttps://pentestlab.blog/wp-content/uploads/2012/12/commandexecution7.jpegcommand execution - etc/passwdContents of /etc/passwdhttps://pentestlab.blog/wp-content/uploads/2012/12/commandexecution6.jpeguser groups - command executionuser groupshttps://pentestlab.blog/wp-content/uploads/2012/12/commandexecution5.jpegExecution of multiple commands - dvwaExecution of multiple commands 2https://pentestlab.blog/wp-content/uploads/2012/12/commandexecution4.jpegDVWA - execution of multiple commandsexecution of multiple commandshttps://pentestlab.blog/wp-content/uploads/2012/12/commandexecution3.jpegls command - command executionContents of the current directoryhttps://pentestlab.blog/wp-content/uploads/2012/12/commandexecution1.jpegTesting for command executionTesting for command executionhttps://pentestlab.blog/wp-content/uploads/2012/12/commandexecution.jpegping utility - DVWAping utility - DVWA2016-12-05T22:06:13+00:00monthlyhttps://pentestlab.blog/2012/12/17/post-exploitation-discovering-network-information-in-windows/https://pentestlab.blog/wp-content/uploads/2012/12/postexploitation41.jpegActive Connections - netstat -naoActive Connectionshttps://pentestlab.blog/wp-content/uploads/2012/12/postexploitation31.jpegnet view - Discover Hosts on the same workgroupDiscover Hosts on the same workgrouphttps://pentestlab.blog/wp-content/uploads/2012/12/postexploitation21.jpegnetwork diagnosticnetwork diagnostichttps://pentestlab.blog/wp-content/uploads/2012/12/postexploitation4.jpegSystem shares - net shareSystem Shareshttps://pentestlab.blog/wp-content/uploads/2012/12/postexploitation3.jpegARP Table - arp -ahttps://pentestlab.blog/wp-content/uploads/2012/12/postexploitation2.jpegRouting Table - route printhttps://pentestlab.blog/wp-content/uploads/2012/12/postexploitation1.jpegDisplay Local DNS CacheDisplay Local DNS Cachehttps://pentestlab.blog/wp-content/uploads/2012/12/postexploitation.jpegipconfig /allipconfig /all2012-12-24T17:37:49+00:00monthlyhttps://pentestlab.blog/2012/12/10/automater/https://pentestlab.blog/wp-content/uploads/2012/12/automater2.jpegautomater - URL ExpansionURL Expansionhttps://pentestlab.blog/wp-content/uploads/2012/12/automater1.jpegautomater - URLRunning Automater against a URLhttps://pentestlab.blog/wp-content/uploads/2012/12/automater.jpegautomater - DescriptionDescription of Automater2012-12-11T18:01:39+00:00monthlyhttps://pentestlab.blog/2012/11/24/owning-the-database-with-sqlmap/https://pentestlab.blog/wp-content/uploads/2012/11/sqlmap8.jpegsqlmap - cracking hashesCracking hashes in table usershttps://pentestlab.blog/wp-content/uploads/2012/11/sqlmap7.jpegsqlmap - guestbookGuestbook - Tables Entrieshttps://pentestlab.blog/wp-content/uploads/2012/11/sqlmap6.jpegsqlmap - Obtaining the columnsObtaining the columnshttps://pentestlab.blog/wp-content/uploads/2012/11/sqlmap4.jpegsqlmap - Database tablesDatabase tableshttps://pentestlab.blog/wp-content/uploads/2012/11/sqlmap31.jpegsqlmap - Privileges and RolesDiscover Privileges and Roleshttps://pentestlab.blog/wp-content/uploads/2012/11/sqlmap21.jpegsqlmap - Discover database users and hashesDiscover database users and hasheshttps://pentestlab.blog/wp-content/uploads/2012/11/sqlmap13.jpegsqlmap1Obtaining the current user,current db,hostname and if the current user is dbahttps://pentestlab.blog/wp-content/uploads/2012/11/sqlmap12.jpegsqlmap1 - Obtaining current user,current database and checking if current user is DBAObtaining current user,current database and checking if current user is DBAhttps://pentestlab.blog/wp-content/uploads/2012/11/sqlmap3.jpegsqlmap - Retrieving the database bannerRetrieving the database bannerhttps://pentestlab.blog/wp-content/uploads/2012/11/sqlmap2.jpegFingerprinting the database - sqlmapFingerprinting the database2018-05-24T07:30:22+00:00monthlyhttps://pentestlab.blog/2012/12/06/scanning-web-servers-with-nikto/https://pentestlab.blog/wp-content/uploads/2012/12/nikto3.jpegnikto - opening the config fileDiscover credentials on the config.php filehttps://pentestlab.blog/wp-content/uploads/2012/12/nikto21.jpegnikto - Directory IndexingDirectory Indexing - DVWAhttps://pentestlab.blog/wp-content/uploads/2012/12/nikto1.jpegNikto resultsNikto resultshttps://pentestlab.blog/wp-content/uploads/2012/12/nikto.jpegUpdating NiktoUpdating Nikto2012-12-06T14:54:47+00:00monthlyhttps://pentestlab.blog/2012/11/29/bypassing-file-upload-restrictions/https://pentestlab.blog/wp-content/uploads/2012/11/file-upload5.jpegFile Upload - Web Shell has been uploadedWeb Shell has been uploadedhttps://pentestlab.blog/wp-content/uploads/2012/11/file-upload4.jpegFile Upload - Modification of the request to the acceptable typeModification of the request to the acceptable typehttps://pentestlab.blog/wp-content/uploads/2012/11/file-upload2.jpegFile Upload - HTTP Request While Uploading The PHP FileHTTP Request While Uploading The PHP Filehttps://pentestlab.blog/wp-content/uploads/2012/11/file-upload1.jpegFile Upload - Web Application CodeWeb Application Codehttps://pentestlab.blog/wp-content/uploads/2012/11/file-upload.jpegFile upload - PHP file cannot be uploadedPHP file cannot be uploaded2012-12-06T10:05:36+00:00monthlyhttps://pentestlab.blog/resources/papers/web-application/2012-11-27T16:17:16+00:00weekly0.6https://pentestlab.blog/resources/papers/2012-11-27T16:09:56+00:00weekly0.6https://pentestlab.blog/2012/11/27/automated-source-code-review/2012-11-28T21:27:03+00:00monthlyhttps://pentestlab.blog/2012/11/26/smtp-vrfy-scanner/https://pentestlab.blog/wp-content/uploads/2012/11/sqlmap9.jpegSMTP VRFY ScannerSMTP VRFY Scanner - Demo2016-11-02T12:00:54+00:00monthlyhttps://pentestlab.blog/2012/11/12/creating-a-tcp-port-scanner-in-bash/https://pentestlab.blog/wp-content/uploads/2012/11/source-code1.jpegBash TCP Scanner DemoBash TCP Scanner Demonstrationhttps://pentestlab.blog/wp-content/uploads/2012/11/source-code.jpegSource CodeSource Code2018-02-16T21:53:17+00:00monthlyhttps://pentestlab.blog/2012/10/30/attacking-vnc-servers/https://pentestlab.blog/wp-content/uploads/2012/10/7.jpegVNC Authentication ScannerVNC Authentication Scannerhttps://pentestlab.blog/wp-content/uploads/2012/10/5.jpegVNC Service DiscoveryVNC Service Discovery2012-11-24T10:33:29+00:00monthlyhttps://pentestlab.blog/2012/11/20/smtp-user-enumeration/https://pentestlab.blog/wp-content/uploads/2012/11/smtp4.jpegSMTP Username Enumeration via NmapSMTP Username Enumeration via Nmaphttps://pentestlab.blog/wp-content/uploads/2012/11/smtp3.jpegDiscover Email addresses via smtp-user-enumDiscover Email addresses via smtp-user-enumhttps://pentestlab.blog/wp-content/uploads/2012/11/smtp2.jpegSMTP User Enumeration via smtp-user-enumSMTP User Enumeration via smtp-user-enumhttps://pentestlab.blog/wp-content/uploads/2012/11/smtp1.jpegMetasploit SMTP Enumeration ResultsMetasploit SMTP Enumeration Resultshttps://pentestlab.blog/wp-content/uploads/2012/11/smtp.jpegMetasploit SMTP Enumeration Module - ConfigurationMetasploit SMTP Enumeration Module - Configurationhttps://pentestlab.blog/wp-content/uploads/2012/11/smtp6.jpegRCPTEnumerating Users with the RCPT commandhttps://pentestlab.blog/wp-content/uploads/2012/11/smtp5.jpegEnumerating SMTP Users - TelnetEnumerating SMTP Users - Telnet2012-12-12T04:39:37+00:00monthlyhttps://pentestlab.blog/2012/11/18/default-oracle-accounts/https://pentestlab.blog/wp-content/uploads/2012/11/oracle-large-copy.jpgOracle Logo2012-11-22T18:00:11+00:00monthlyhttps://pentestlab.blog/2012/11/19/abusing-file-upload/https://pentestlab.blog/wp-content/uploads/2012/11/upload16.jpeg Hacked PageCreating an html page on the webserver https://pentestlab.blog/wp-content/uploads/2012/11/upload15.jpegCurrent Logged UsersCurrent Logged Usershttps://pentestlab.blog/wp-content/uploads/2012/11/upload14.jpegid - Print UIDs and GIDs Print UIDs and GIDs https://pentestlab.blog/wp-content/uploads/2012/11/upload13.jpegParent Working Directory - pwdParent Working Directoryhttps://pentestlab.blog/wp-content/uploads/2012/11/upload12.jpegList of servicesList of serviceshttps://pentestlab.blog/wp-content/uploads/2012/11/upload11.jpegOther users -wOther usershttps://pentestlab.blog/wp-content/uploads/2012/11/upload10.jpegPing CommandPing the hosthttps://pentestlab.blog/wp-content/uploads/2012/11/upload9.jpeguname -aLinux Headerhttps://pentestlab.blog/wp-content/uploads/2012/11/upload8.jpegwhoami - Current Userwhoami - Current Userhttps://pentestlab.blog/wp-content/uploads/2012/11/upload7.jpegDiscovering the contents of /etc/passwdDiscovering the contents of /etc/passwd2013-03-21T07:25:01+00:00monthlyhttps://pentestlab.blog/resources/2012-11-17T19:22:27+00:00weekly0.6https://pentestlab.blog/2012/11/13/dns-reconnaissance-dnsrecon/https://pentestlab.blog/wp-content/uploads/2012/11/dnsrecon2.jpegDNSRecon - Reverse LookupReverse Lookuphttps://pentestlab.blog/wp-content/uploads/2012/11/dnsrecon11.jpegDomain Brute-Force - DNSReconDomain Brute-Force https://pentestlab.blog/wp-content/uploads/2012/11/dnsrecon1.jpegDNSRecon - Standard EnumerationDNSRecon - Standard Enumeration2019-07-04T04:59:47+00:00monthlyhttps://pentestlab.blog/2012/11/08/vsftpd-exploitation/https://pentestlab.blog/wp-content/uploads/2012/11/4.jpegvsftpd exploitationvsftpd exploitationhttps://pentestlab.blog/wp-content/uploads/2012/11/2.jpegvsftpd configurationConfiguring the vsftpd exploithttps://pentestlab.blog/wp-content/uploads/2012/11/1.jpegvsftpd moduleSearching for the vsftpd modulehttps://pentestlab.blog/wp-content/uploads/2012/11/5.jpegDiscovering The VSFTPD ServiceDiscovering The VSFTPD Service2012-11-09T20:15:49+00:00monthlyhttps://pentestlab.blog/resources/videos/derbycon/2012-10-28T00:35:38+00:00weekly0.6https://pentestlab.blog/2012/10/27/create-executable-payloads-automatically/2012-10-28T18:44:12+00:00monthlyhttps://pentestlab.blog/2012/10/13/msfencode-commands/2012-10-30T14:24:52+00:00monthlyhttps://pentestlab.blog/resources/presentations/derbycon/2012-10-10T14:45:26+00:00weekly0.6https://pentestlab.blog/resources/videos/defcon/2012-10-05T08:52:51+00:00weekly0.6https://pentestlab.blog/2012/09/23/mailing-lists-for-penetration-testers/2012-09-29T14:56:00+00:00monthlyhttps://pentestlab.blog/2012/09/10/password-list-for-penetration-testing/https://pentestlab.blog/wp-content/uploads/2012/09/passwordscloud.pngPassword List For Penetration Testing2018-04-21T14:35:36+00:00monthlyhttps://pentestlab.blog/2012/09/18/sql-injection-exploitation-dvwa/https://pentestlab.blog/wp-content/uploads/2012/09/10.pngContents of passwd Read the contents of passwd filehttps://pentestlab.blog/wp-content/uploads/2012/09/91.pngDisplay password hashes of the databaseDisplay the first name and the password hash of the table usershttps://pentestlab.blog/wp-content/uploads/2012/09/81.pngDiscover Column Names of Table usersDiscover Column Names of Table usershttps://pentestlab.blog/wp-content/uploads/2012/09/71.pngLocation of Database FilesLocation of Database Fileshttps://pentestlab.blog/wp-content/uploads/2012/09/63.pngHostname Discovery through SQL InjectionHostname Discovery through SQL Injectionhttps://pentestlab.blog/wp-content/uploads/2012/09/53.pngowasp10 - tablesowasp10 - tableshttps://pentestlab.blog/wp-content/uploads/2012/09/43.pngInformation_SchemaSample of the tables of Information_Schemahttps://pentestlab.blog/wp-content/uploads/2012/09/34.pngCurrent MySQL databasesCurrent MySQL databaseshttps://pentestlab.blog/wp-content/uploads/2012/09/25.pngDatabase Name DiscoveryDatabase Name Discoveryhttps://pentestlab.blog/wp-content/uploads/2012/09/9.pngDiscover the current database user - MySQLDiscovery of the current database user2019-09-16T11:59:52+00:00monthlyhttps://pentestlab.blog/2012/09/06/configuring-the-social-engineering-toolkit/https://pentestlab.blog/wp-content/uploads/2012/09/42.pngWEBATTACK_EMAIL Option - SETEmail support in combination with credential harvester attackhttps://pentestlab.blog/wp-content/uploads/2012/09/31.pngAUTO_DETECT option is OFFSET asks for public IP when AUTO_DETECT option is OFFhttps://pentestlab.blog/wp-content/uploads/2012/09/22.pngSET - Java Applet Self Signed CertificateSET - Java Applet Self Signed Certificate2020-02-24T17:30:03+00:00monthlyhttps://pentestlab.blog/2012/09/04/ndiff/https://pentestlab.blog/wp-content/uploads/2012/09/6.pngndiff - xml outputndiff - xml outputhttps://pentestlab.blog/wp-content/uploads/2012/09/51.pngndiff verbose modendiff verbose modehttps://pentestlab.blog/wp-content/uploads/2012/09/41.pngndiff basic usagendiff basic usagehttps://pentestlab.blog/wp-content/uploads/2012/09/3.pngNmap - XML file Save the results on an XML file - 2nd Scanhttps://pentestlab.blog/wp-content/uploads/2012/09/21.pngSave the results on an XML fileSave the results on an XML filehttps://pentestlab.blog/wp-content/uploads/2012/09/5.pngndiff verbose mode 2ndiff verbose mode comparison 2nd hosthttps://pentestlab.blog/wp-content/uploads/2012/09/4.pngNdiff verbose modeNdiff verbose modehttps://pentestlab.blog/wp-content/uploads/2012/09/2.pngSave Nmap output as XMLSave Nmap output as XML file2023-07-19T17:35:26+00:00monthlyhttps://pentestlab.blog/resources/presentations/defcon/2012-08-27T12:43:23+00:00weekly0.6https://pentestlab.blog/2012/08/26/using-metasploit-to-create-a-war-backdoor/https://pentestlab.blog/wp-content/uploads/2012/08/61.pngnetcat listening modenetcat - incoming connection from backdoorhttps://pentestlab.blog/wp-content/uploads/2012/08/22.pngUploading the WAR FileUploading the WAR Filehttps://pentestlab.blog/wp-content/uploads/2012/08/52.pngMetasploit .jsp backdoorWAR File extraction to find the name of the .jsp filehttps://pentestlab.blog/wp-content/uploads/2012/08/11.pngWAR Backdoor - MetasploitCreating the WAR Backdoor2012-08-26T20:24:14+00:00monthlyhttps://pentestlab.blog/resources/videos/hack-in-paris/2012-08-26T10:42:21+00:00weekly0.6https://pentestlab.blog/resources/videos/bsides/2012-08-20T00:47:11+00:00weekly0.6https://pentestlab.blog/2012/08/19/scanning-netbios/https://pentestlab.blog/wp-content/uploads/2012/08/51.pngMetasploit smb_version moduleMetasploit smb_version modulehttps://pentestlab.blog/wp-content/uploads/2012/08/31.pngnbtscan-verbosenbtscan - verbose outputhttps://pentestlab.blog/wp-content/uploads/2012/08/21.pngnbtscan nbtscanhttps://pentestlab.blog/wp-content/uploads/2012/08/1.jpgnbtstat nbtstat usage2017-04-13T03:11:01+00:00monthlyhttps://pentestlab.blog/2012/08/17/nmap-cheat-sheet/2022-11-24T08:38:43+00:00monthlyhttps://pentestlab.blog/2012/08/12/firefox-addons-for-penetration-testing/2012-08-12T22:40:44+00:00monthlyhttps://pentestlab.blog/2012/08/07/token-stealing-and-incognito/https://pentestlab.blog/wp-content/uploads/2012/08/6.pngSteal Token - MetasploitSteal the token of a userhttps://pentestlab.blog/wp-content/uploads/2012/08/5.pngProcessesList of processes from the remote targethttps://pentestlab.blog/wp-content/uploads/2012/08/4.pngrev2selfrev2self https://pentestlab.blog/wp-content/uploads/2012/08/3.pngImpersonate TokenImpersonate Tokenhttps://pentestlab.blog/wp-content/uploads/2012/08/2.pngList TokensList Tokenshttps://pentestlab.blog/wp-content/uploads/2012/08/1.pngincognito extension - loadLoad the incognito extension in Metasploit2012-08-12T18:23:49+00:00monthlyhttps://pentestlab.blog/2012/08/01/web-application-fingerprinting/https://pentestlab.blog/wp-content/uploads/2012/08/html-inspection.pngHTML InspectionDiscovering the version via source code inspectionhttps://pentestlab.blog/wp-content/uploads/2012/08/malformed.pngmalformed request to the web serverMalformed request to the web serverhttps://pentestlab.blog/wp-content/uploads/2012/08/netcraft.pngnetcraftnetcraft outputhttps://pentestlab.blog/wp-content/uploads/2012/08/httprecon.jpghttpreconWeb Server Fingerprinting - httpreconhttps://pentestlab.blog/wp-content/uploads/2012/08/httprint.pnghttprint usagehttprint usagehttps://pentestlab.blog/wp-content/uploads/2012/08/web-application1.pngWeb Server Fingerprinting - NmapWeb Server Fingerprinting - Nmaphttps://pentestlab.blog/wp-content/uploads/2012/08/web-application.pngHTTP Response Header - TelnetHTTP Response Header - Telnethttps://pentestlab.blog/wp-content/uploads/2012/07/web-application-fingerprinting1.pngWeb Application Fingerprinting - netcatWeb Application Fingerprinting - netcat2018-06-12T05:23:01+00:00monthlyhttps://pentestlab.blog/2012/07/28/update-the-exploit-db-automatically-on-backtrack/https://pentestlab.blog/wp-content/uploads/2012/07/exploitdb-update1.pngExploitDB-Update UsageExploitDB-Update in Actionhttps://pentestlab.blog/wp-content/uploads/2012/07/exploitdb-update.pngExploitDB-Update CodeExploitDB-Update Code2012-12-22T12:34:41+00:00monthlyhttps://pentestlab.blog/2012/07/27/attacking-mysql-with-metasploit/https://pentestlab.blog/wp-content/uploads/2012/07/extract-credit-cards-details.pngextract credit cards detailsExtract all the data from a tablehttps://pentestlab.blog/wp-content/uploads/2012/07/show-tables-from-dbname.pngDisplay tables from another databaseDisplay tables from another databasehttps://pentestlab.blog/wp-content/uploads/2012/07/extract-data-from-table.pngExtract data from mysql tableExtract Usernames and Passwords from Tablehttps://pentestlab.blog/wp-content/uploads/2012/07/show-databases1.pngTables of mysql databaseTables of mysql databasehttps://pentestlab.blog/wp-content/uploads/2012/07/show-databases.pngShow databasesDisplay the databaseshttps://pentestlab.blog/wp-content/uploads/2012/07/connect-to-mysql.pngConnection to MySQL DatabaseConnection to MySQL Databasehttps://pentestlab.blog/wp-content/uploads/2012/07/enumerating-mysql2.pngDumping the hashes from the MySQLDumping the hashes from the MySQL Databasehttps://pentestlab.blog/wp-content/uploads/2012/07/enumerating-mysql1.pngenumerating MySQL Accountsenumerating MySQL Accountshttps://pentestlab.blog/wp-content/uploads/2012/07/enumerating-mysql.pngenumerating MySQLEnumerating the MySQL Accountshttps://pentestlab.blog/wp-content/uploads/2012/07/valid-accounts-mysql.pngResults of MySQL LoginDiscovering valid accounts from the MySQL Database2018-07-24T12:17:36+00:00monthlyhttps://pentestlab.blog/2012/07/23/dumping-and-cracking-unix-password-hashes/https://pentestlab.blog/wp-content/uploads/2012/07/post-exploitation11.pngSSH connectionConnection through SSHhttps://pentestlab.blog/wp-content/uploads/2012/07/post-exploitation10.pngDisplay passwordsDisplay all passwords of the targethttps://pentestlab.blog/wp-content/uploads/2012/07/post-exploitation8.pngCracked passwordsCracked passwordshttps://pentestlab.blog/wp-content/uploads/2012/07/post-exploitation7.pngjohn the ripperjohn the ripper directoryhttps://pentestlab.blog/wp-content/uploads/2012/07/post-exploitation5.png/etc/shadowReading the password hashes of the targethttps://pentestlab.blog/wp-content/uploads/2012/07/post-exploitation2.png/etc/passwdReading the /etc/passwd filehttps://pentestlab.blog/wp-content/uploads/2012/07/post-exploitation.pngDirectories of the remote systemDirectories of the remote system2018-03-06T19:48:48+00:00monthlyhttps://pentestlab.blog/2012/07/20/rlogin-service-exploitation/https://pentestlab.blog/wp-content/uploads/2012/07/rlogin1.pngConnect to the remote host with rloginConnect to the remote host with rloginhttps://pentestlab.blog/wp-content/uploads/2012/07/rlogin.pngrsh client installationrsh client installationhttps://pentestlab.blog/wp-content/uploads/2012/07/rlogin2.pngDiscovering the rlogin serviceDiscovering the rlogin service2012-07-20T18:00:39+00:00monthlyhttps://pentestlab.blog/2012/07/13/dnsenum-gathering-dns-information/https://pentestlab.blog/wp-content/uploads/2012/07/dnsenum2.pngdnsenum2Administration Panelhttps://pentestlab.blog/wp-content/uploads/2012/07/dnsenum1.pngdnsenum1DNS Zone Transferhttps://pentestlab.blog/wp-content/uploads/2012/07/dnsenum.pngdnsenumGathering the first information2013-09-11T21:17:11+00:00monthlyhttps://pentestlab.blog/2012/07/12/creating-wordlists-with-crunch/https://pentestlab.blog/wp-content/uploads/2012/07/crunch10-number-of-words.pngcrunch10-number of wordsNumber of wordshttps://pentestlab.blog/wp-content/uploads/2012/07/crunch12-string-permutations.pngcrunch12-String permutationsString Permutation - Wordshttps://pentestlab.blog/wp-content/uploads/2012/07/crunch11-string-permutations.pngcrunch11-String permutationsString Permutation - Charactershttps://pentestlab.blog/wp-content/uploads/2012/07/crunch13-prefix-wordlists.pngcrunch13-prefix wordlistsPrefix Wordlists based on wordshttps://pentestlab.blog/wp-content/uploads/2012/07/crunch8-compression.pngcrunch8-CompressionCompress the wordlisthttps://pentestlab.blog/wp-content/uploads/2012/07/crunch7.pngcrunch7Prefix wordlists - Charactershttps://pentestlab.blog/wp-content/uploads/2012/07/crunch6.pngcrunch6Splitting Wordlistshttps://pentestlab.blog/wp-content/uploads/2012/07/crunch4.pngcrunch4Special Charactershttps://pentestlab.blog/wp-content/uploads/2012/07/crunch1.pngcrunch1Output of a sample wordlisthttps://pentestlab.blog/wp-content/uploads/2012/07/crunch.pngcrunchCreate a sample wordlist2019-09-20T17:51:03+00:00monthlyhttps://pentestlab.blog/2012/07/03/creating-metasploit-exploits/https://pentestlab.blog/wp-content/uploads/2012/06/metasploit-module-4.pngMetasploit Module 4Exploit methodhttps://pentestlab.blog/wp-content/uploads/2012/06/metasploit-module-3.pngMetasploit Module 3Initialization Method 2https://pentestlab.blog/wp-content/uploads/2012/06/metasploit-module-2.pngMetasploit Module 2Initialization Methodhttps://pentestlab.blog/wp-content/uploads/2012/06/metasploit-module-1.pngMetasploit Module 1Metasploit Class2012-07-03T05:18:55+00:00monthlyhttps://pentestlab.blog/2012/06/29/directory-traversal-cheat-sheet/2013-08-21T08:59:29+00:00monthlyhttps://pentestlab.blog/2012/06/24/nmap-script-to-screenshot-web-services/https://pentestlab.blog/wp-content/uploads/2012/06/screenshot-nmap-15-216-12-1280.pngscreenshot-nmap-15.216.12.12:80Screenshot of a web application from Nmaphttps://pentestlab.blog/wp-content/uploads/2012/06/4.pnghttp-screenshot script in usehttp-screenshot script in usehttps://pentestlab.blog/wp-content/uploads/2012/06/3.pnghttp-screenshot codehttp-screenshot script - code2012-07-19T18:52:36+00:00monthlyhttps://pentestlab.blog/2012/04/23/metasploit-browser-autopwn/https://pentestlab.blog/wp-content/uploads/2012/04/67.pngMigrate to another processMigrate to another processhttps://pentestlab.blog/wp-content/uploads/2012/04/410.pngMeterpreter sessions openedMeterpreter sessions opened with Browser Autopwnhttps://pentestlab.blog/wp-content/uploads/2012/04/39.pngLoading the browser exploitsLoading the browser exploitshttps://pentestlab.blog/wp-content/uploads/2012/04/216.pngConfiguring the Browser AutopwnConfiguring the Browser Autopwnhttps://pentestlab.blog/wp-content/uploads/2012/04/129.pngOptions of browser autopwn moduleOptions of browser autopwn module2015-03-13T12:41:36+00:00monthlyhttps://pentestlab.blog/2012/04/22/post-exploitation-port-forwarding/https://pentestlab.blog/wp-content/uploads/2012/04/58.pngAccessing the Web ServerAccessing the Web Serverhttps://pentestlab.blog/wp-content/uploads/2012/04/49.pngPort Forwarding configurationsPort Forwarding configurationshttps://pentestlab.blog/wp-content/uploads/2012/04/38.pngPort Forwarding OptionsPort Forwarding Optionshttps://pentestlab.blog/wp-content/uploads/2012/04/215.pngDiscover open ports on the remote systemDiscover open ports on the remote systemhttps://pentestlab.blog/wp-content/uploads/2012/04/128.pngConfiguring the Routing TableConfiguring the Routing Table2012-06-09T19:00:38+00:00monthlyhttps://pentestlab.blog/2012/04/19/building-profiles-for-a-social-engineering-attack/https://pentestlab.blog/wp-content/uploads/2012/04/1111.pngPersonal page Personal page https://pentestlab.blog/wp-content/uploads/2012/04/57.pngWork Phone Number and Office RoomWork Phone Number and Office Roomhttps://pentestlab.blog/wp-content/uploads/2012/04/214.pngPipl Information gathering on Piplhttps://pentestlab.blog/wp-content/uploads/2012/04/341.pngFacebook ProfileFacebook Profilehttps://pentestlab.blog/wp-content/uploads/2012/04/213.pngLinkedin ProfileLinkedin Profilehttps://pentestlab.blog/wp-content/uploads/2012/04/93.pngEmail addresses output from Metasploit moduleEmail addresses output from Metasploit modulehttps://pentestlab.blog/wp-content/uploads/2012/04/1110.pngDiscover profiles on the LinkedinDiscover profiles on the Linkedinhttps://pentestlab.blog/wp-content/uploads/2012/04/127.pngtheHarvester email addresses outputtheHarvester email addresses outputhttps://pentestlab.blog/wp-content/uploads/2012/04/103.pngUsing theHarvester Using theHarvester https://pentestlab.blog/wp-content/uploads/2012/04/212.pngDiscovery of valid mit.edu email addressesDiscovery of valid mit.edu email addresses2012-04-20T18:40:32+00:00monthlyhttps://pentestlab.blog/2012/04/17/qrcode-attack-vector/https://pentestlab.blog/wp-content/uploads/2012/04/56.pngharvesting the credentialsHarvesting the credentialshttps://pentestlab.blog/wp-content/uploads/2012/04/qrcode_attack.pngMalicious QRCodeMalicious QR Codehttps://pentestlab.blog/wp-content/uploads/2012/04/86.pngInserting the malicious linkInserting the malicious linkhttps://pentestlab.blog/wp-content/uploads/2012/04/66.pngQR Code Generator Attack VectorQR Code Generator Attack Vectorhttps://pentestlab.blog/wp-content/uploads/2012/04/48.pngCloning FacebookCloning Facebookhttps://pentestlab.blog/wp-content/uploads/2012/04/37.pngSelect from the existing templates FacebookSelect from the existing templates Facebookhttps://pentestlab.blog/wp-content/uploads/2012/04/210.pngChoosing the Credential Harvester AttackChoosing the Credential Harvester Attackhttps://pentestlab.blog/wp-content/uploads/2012/04/120.pngSelecting the Website Attack VectorSelecting the Website Attack Vector2014-12-10T03:33:49+00:00monthlyhttps://pentestlab.blog/2012/04/16/creating-an-undetectable-backdoor/https://pentestlab.blog/wp-content/uploads/2012/04/55.pngWell known antivirus did not detect the backdoorWell known antivirus did not detect the backdoorhttps://pentestlab.blog/wp-content/uploads/2012/04/47.pngDetection ratioDetection ratiohttps://pentestlab.blog/wp-content/uploads/2012/04/102.pngMeterpreter Session Opened after the execution of the backdoorMeterpreter Session Opened after the execution of the backdoorhttps://pentestlab.blog/wp-content/uploads/2012/04/1231.pngOpen the malicious linkOpen the malicious linkhttps://pentestlab.blog/wp-content/uploads/2012/04/125.pngExecution of pentestlab.exeExecution of pentestlab.exehttps://pentestlab.blog/wp-content/uploads/2012/04/133.pngSample of the Backdoor codeSample of the Backdoor codehttps://pentestlab.blog/wp-content/uploads/2012/04/85.pngpentestlab.bin file opened with a hexeditorpentestlab.bin file opened with a hexeditorhttps://pentestlab.blog/wp-content/uploads/2012/04/92.pngCreating the .bin fleCreating the .bin flehttps://pentestlab.blog/wp-content/uploads/2012/04/72.pngReturning a meterpreter sessionReturning a meterpreter sessionhttps://pentestlab.blog/wp-content/uploads/2012/04/65.pngConfiguring the multi/handler moduleConfiguring the multi/handler module2014-11-20T08:49:20+00:00monthlyhttps://pentestlab.blog/2012/04/13/attacking-postgresql/https://pentestlab.blog/wp-content/uploads/2012/04/116.png116Discovery of PostgreSQL Databasehttps://pentestlab.blog/wp-content/uploads/2012/04/28.png2https://pentestlab.blog/wp-content/uploads/2012/04/54.pngCreating a new table and copying the contents of passwdCreating a new table and copying the contents of passwdhttps://pentestlab.blog/wp-content/uploads/2012/04/64.pngList the current databasesList the current databaseshttps://pentestlab.blog/wp-content/uploads/2012/04/84.pngDiscover valid credentials on postgreSQL databaseValid credentials discovered on postgreSQL databasehttps://pentestlab.blog/wp-content/uploads/2012/04/71.pngChoosing and configuring the postgres scannerChoosing and configuring the postgres scanner2012-04-14T15:20:11+00:00monthlyhttps://pentestlab.blog/2012/04/12/client-side-attack-and-pivoting/https://pentestlab.blog/wp-content/uploads/2012/04/27.pngActive SessionsActive Sessionshttps://pentestlab.blog/wp-content/uploads/2012/04/251.pngTarget ExploitationTarget Exploitationhttps://pentestlab.blog/wp-content/uploads/2012/04/241.pngnetapi exploit configurationsnetapi exploit configurationshttps://pentestlab.blog/wp-content/uploads/2012/04/221.pngPort Scanner ResultsPort Scanner Resultshttps://pentestlab.blog/wp-content/uploads/2012/04/211.pngConfiguring the TCP port scannerConfiguring the TCP port scannerhttps://pentestlab.blog/wp-content/uploads/2012/04/20.pngSearching for available port scannersSearching for available port scannershttps://pentestlab.blog/wp-content/uploads/2012/04/181.pngDiscovery of another system into the second networkDiscovery of another system into the second networkhttps://pentestlab.blog/wp-content/uploads/2012/04/191.pngConfiguring the nbnameConfiguring the nbnamehttps://pentestlab.blog/wp-content/uploads/2012/04/171.pngRoute Traffic to the other networkRoute Traffic to the other networkhttps://pentestlab.blog/wp-content/uploads/2012/04/151.pngSearching for nbnameSearching for nbname2012-09-15T18:04:37+00:00monthlyhttps://pentestlab.blog/2012/04/10/unix-user-enumeration/https://pentestlab.blog/wp-content/uploads/2012/04/45.pngDiscover valid usernames through SMTPDiscover valid usernames through SMTPhttps://pentestlab.blog/wp-content/uploads/2012/04/112.pngSMTP SMTP - Commandshttps://pentestlab.blog/wp-content/uploads/2012/04/36.pngrusersrusers outputhttps://pentestlab.blog/wp-content/uploads/2012/04/63.pngEnumerate all users with the string userEnumerate all users with the string userhttps://pentestlab.blog/wp-content/uploads/2012/04/44.pngFinger a specific userFinger a specific userhttps://pentestlab.blog/wp-content/uploads/2012/04/35.pngExamine the contents of the plan fileExamine the contents of the plan filehttps://pentestlab.blog/wp-content/uploads/2012/04/26.pngList the logged users on the remote hostList the logged users on the remote hosthttps://pentestlab.blog/wp-content/uploads/2012/04/110.pngDiscovery of the Finger ServiceDiscovery of the Finger Service2012-04-10T17:30:13+00:00monthlyhttps://pentestlab.blog/2012/04/08/infectious-media-attack/https://pentestlab.blog/wp-content/uploads/2012/04/62.pngObtain a Remote ShellObtain a Remote Shellhttps://pentestlab.blog/wp-content/uploads/2012/04/122.pngMalicious PDFMalicious PDFhttps://pentestlab.blog/wp-content/uploads/2012/04/53.pngGenerating the ExploitGenerating the Exploithttps://pentestlab.blog/wp-content/uploads/2012/04/43.pngChoose the payloadChoose the payloadhttps://pentestlab.blog/wp-content/uploads/2012/04/34.pngAvailable PayloadsAvailable Payloadshttps://pentestlab.blog/wp-content/uploads/2012/04/25.pngSelecting the Attack VectorSelecting the Attack Vectorhttps://pentestlab.blog/wp-content/uploads/2012/04/16.pngInfectious Media GeneratorInfectious Media Generator2012-04-08T22:00:37+00:00monthlyhttps://pentestlab.blog/2012/04/08/pass-the-hash-attack/https://pentestlab.blog/wp-content/uploads/2012/04/snapshot5.pngAuthentication with the Administrator's hashAuthentication with the Administrator's hashhttps://pentestlab.blog/wp-content/uploads/2012/04/snapshot4.pngpsexec configurationspsexec configurationshttps://pentestlab.blog/wp-content/uploads/2012/04/snapshot7.pngNmap script Discovery of the workgrouphttps://pentestlab.blog/wp-content/uploads/2012/04/snapshot6.pngDescription of psexecDescription of psexechttps://pentestlab.blog/wp-content/uploads/2012/04/snapshot3.pngObtaining the hashesObtaining the hasheshttps://pentestlab.blog/wp-content/uploads/2012/04/snapshot2.pngExploitation of the systemExploitation of the systemhttps://pentestlab.blog/wp-content/uploads/2012/04/snapshot1.pngConfiguring the exploitConfiguring the exploit2012-04-08T01:32:30+00:00monthlyhttps://pentestlab.blog/2012/04/06/post-exploitation-disable-firewall-and-kill-antivirus/https://pentestlab.blog/wp-content/uploads/2012/04/010.pngNo records in the Event ViewerNo records in the Event Viewerhttps://pentestlab.blog/wp-content/uploads/2012/04/18.pngClear the log filesClear the log fileshttps://pentestlab.blog/wp-content/uploads/2012/04/17.pngKill the remaing AVG processesKill the remaining AVG processeshttps://pentestlab.blog/wp-content/uploads/2012/04/15.pngFind the running processes of AVG after the rebootFind the running processes of AVG after the reboothttps://pentestlab.blog/wp-content/uploads/2012/04/141.pngReboot the remote targetReboot the remote targethttps://pentestlab.blog/wp-content/uploads/2012/04/131.pngDisable the AVG ServicesDisable the AVG Serviceshttps://pentestlab.blog/wp-content/uploads/2012/04/121.pngAttributes of AVG servicesAttributes of AVG serviceshttps://pentestlab.blog/wp-content/uploads/2012/04/111.pngFind the AVG processesDiscovery of the AVG serviceshttps://pentestlab.blog/wp-content/uploads/2012/04/10.pngCategorize the servicesCategorize the serviceshttps://pentestlab.blog/wp-content/uploads/2012/04/9.pngProcesses of the remote systemProcesses of the remote system2022-01-07T14:02:23+00:00monthlyhttps://pentestlab.blog/2012/04/05/samba-server-exploitation/https://pentestlab.blog/wp-content/uploads/2012/04/32.pngSamba Exploit ExecutionSamba Exploit Executionhttps://pentestlab.blog/wp-content/uploads/2012/04/41.pngDescription of the Samba ExploitDescription of the Samba Exploithttps://pentestlab.blog/wp-content/uploads/2012/04/13.pngSetting up the Samba ExploitSetting up the Samba Exploithttps://pentestlab.blog/wp-content/uploads/2012/04/51.pngIdentifying Samba ServiceIdentifying Samba Service2014-04-07T12:45:45+00:00monthlyhttps://pentestlab.blog/2012/04/04/metasploit-framework-payload-commands/2012-04-04T12:26:15+00:00monthlyhttps://pentestlab.blog/2012/04/02/nmap-techniques-for-avoiding-firewalls/https://pentestlab.blog/wp-content/uploads/2012/04/01.pngLog Files flooded with decoy addressesLog Files flooded with decoy addresseshttps://pentestlab.blog/wp-content/uploads/2012/04/0.pngSpecify decoy addresses manuallyScanning with decoy addresses https://pentestlab.blog/wp-content/uploads/2012/04/31.pngSpecify a specific MTU to the packetsSpecify a specific MTU to the packetshttps://pentestlab.blog/wp-content/uploads/2012/04/12.pngFragment packetCapture a fragment packethttps://pentestlab.blog/wp-content/uploads/2012/04/23.png2https://pentestlab.blog/wp-content/uploads/2012/04/22.pngFragment Packets - NmapFragment Packets - Nmaphttps://pentestlab.blog/wp-content/uploads/2012/04/log-files-idle-scan.pngLog Files - Idle ScanFirewall Log Files - Idle Scanhttps://pentestlab.blog/wp-content/uploads/2012/04/7.pngExecuting an Idle ScanExecuting an Idle Scanhttps://pentestlab.blog/wp-content/uploads/2012/04/8.pngipidseqDiscover Zombieshttps://pentestlab.blog/wp-content/uploads/2012/04/4.pngA sample of a packet that we have add 25 more bytes to avoid detectionA sample of a packet that we have add 25 more bytes to avoid detection2014-05-26T04:45:58+00:00monthlyhttps://pentestlab.blog/2012/04/01/password-security-101/2012-08-17T02:33:26+00:00monthlyhttps://pentestlab.blog/2012/03/30/java-exploit-attack-cve-2012-0507/https://pentestlab.blog/wp-content/uploads/2012/03/84.pngList the sessions that the Java Exploit openedList the sessions that the Java Exploit openedhttps://pentestlab.blog/wp-content/uploads/2012/03/76.pngExploiting the VulnerabilityExploiting the Vulnerabilityhttps://pentestlab.blog/wp-content/uploads/2012/03/66.pngExecution of the Java ExploitExecution of the Java Exploithttps://pentestlab.blog/wp-content/uploads/2012/03/58.pngPayload OptionsPayload Optionshttps://pentestlab.blog/wp-content/uploads/2012/03/48.pngConfiguring the payloadConfiguring the payloadhttps://pentestlab.blog/wp-content/uploads/2012/03/39.pngJava Exploit Settings and PayloadsJava Exploit Settings and Payloadshttps://pentestlab.blog/wp-content/uploads/2012/03/211.pngOptions for the Java ExploitOptions for the Java Exploithttps://pentestlab.blog/wp-content/uploads/2012/03/112.pngSearch for Java Atomic Reference Array ExploitSearch for Java Atomic Reference Array Exploit2013-01-02T09:26:33+00:00monthlyhttps://pentestlab.blog/2012/03/29/windows-2003-server-exploitation/https://pentestlab.blog/wp-content/uploads/2012/03/57.pngInformation about the remote systemInformation about the remote systemhttps://pentestlab.blog/wp-content/uploads/2012/03/47.pngExploitation with the NetapiExploitation with the Netapihttps://pentestlab.blog/wp-content/uploads/2012/03/38.pngnetapi exploit configurationNetapi Exploit Configurationhttps://pentestlab.blog/wp-content/uploads/2012/03/210.pngSearch for the netapi exploitSearch for the netapi Exploithttps://pentestlab.blog/wp-content/uploads/2012/03/110.pngMicrosoft-DSMicrosoft-ds Service is Open2014-07-09T15:10:35+00:00monthlyhttps://pentestlab.blog/2012/03/28/metasploit-metsvc-backdoor/https://pentestlab.blog/wp-content/uploads/2012/03/03.pngBackdoor filesBackdoor fileshttps://pentestlab.blog/wp-content/uploads/2012/03/46.pngRemove the metsvc backdoorRemove the metsvc backdoorhttps://pentestlab.blog/wp-content/uploads/2012/03/0.pngMetsvc processMetsvc processhttps://pentestlab.blog/wp-content/uploads/2012/03/29.pngRun the Metsvc BackdoorRun the Metsvc Backdoorhttps://pentestlab.blog/wp-content/uploads/2012/03/19.pngMetsvc HelpMetsvc Help2012-03-28T04:10:19+00:00monthlyhttps://pentestlab.blog/2012/03/26/meterpreter-commands/2012-03-26T16:03:33+00:00monthlyhttps://pentestlab.blog/2012/03/26/microsoft-rdp-vulnerability-poc/https://pentestlab.blog/wp-content/uploads/2012/03/45.pngBSODBlue Screen after the execution of RDP Modulehttps://pentestlab.blog/wp-content/uploads/2012/03/37.pngExecuting the RDP ModuleExecuting the RDP DoS Modulehttps://pentestlab.blog/wp-content/uploads/2012/03/28.pngConfiguring the RDP DoS ModuleConfiguring the RDP DoS Modulehttps://pentestlab.blog/wp-content/uploads/2012/03/18.pngSearch for RDPSearch for RDP exploits2017-06-16T06:11:50+00:00monthlyhttps://pentestlab.blog/2012/03/23/web-jacking-attack-method/https://pentestlab.blog/wp-content/uploads/2012/03/44.pngCapturing the CredentialsCapturing the Credentialshttps://pentestlab.blog/wp-content/uploads/2012/03/65.pngFake Facebook PageFake Facebook Pagehttps://pentestlab.blog/wp-content/uploads/2012/03/56.pngWeb Jacking MessageMessage after opening the linkhttps://pentestlab.blog/wp-content/uploads/2012/03/36.pngSite ClonerCloning Facebookhttps://pentestlab.blog/wp-content/uploads/2012/03/27.pngWeb Jacking Attack MethodWeb Jacking Attack Methodhttps://pentestlab.blog/wp-content/uploads/2012/03/17.pngWeb Site Attack VectorsWeb Site Attack Vectors2012-03-23T18:58:28+00:00monthlyhttps://pentestlab.blog/2012/03/23/rpc-service-exploitation-in-windows-xp/https://pentestlab.blog/wp-content/uploads/2012/03/75.pngChecking for remote connectionsChecking for remote connectionshttps://pentestlab.blog/wp-content/uploads/2012/03/55.pngExploit the TargetExploit the Targethttps://pentestlab.blog/wp-content/uploads/2012/03/43.pngDCOM Exploit SettingsDCOM Exploit Settingshttps://pentestlab.blog/wp-content/uploads/2012/03/35.pngDCOM Exploit OptionsDCOM Exploit Optionshttps://pentestlab.blog/wp-content/uploads/2012/03/26.pngsearch for DCOM ExploitSearch for DCOM Exploithttps://pentestlab.blog/wp-content/uploads/2012/03/16.pngRPC service in Windows XPRPC service in Windows XP2012-03-23T11:24:43+00:00monthlyhttps://pentestlab.blog/2012/03/22/apache-tomcat-exploitation/https://pentestlab.blog/wp-content/uploads/2012/03/92.pngApache Tomcat with login with valid accountApache Tomcat with login with valid accounthttps://pentestlab.blog/wp-content/uploads/2012/03/83.pngTomcat LoginTomcat Login Screenhttps://pentestlab.blog/wp-content/uploads/2012/03/10.pngMeterpreter Session through Apache TomcatMeterpreter Session through Apache Tomcathttps://pentestlab.blog/wp-content/uploads/2012/03/74.pngExploitation of Apache TomcatExploitation of Apache Tomcathttps://pentestlab.blog/wp-content/uploads/2012/03/64.pngExploit SettingsExploit Settingshttps://pentestlab.blog/wp-content/uploads/2012/03/54.pngApache Tomcat ExploitApache Tomcat Exploithttps://pentestlab.blog/wp-content/uploads/2012/03/25.pngDiscovery Valid Credentials in Apache TomcatDiscovery Valid Credentials in Apache Tomcathttps://pentestlab.blog/wp-content/uploads/2012/03/24.pngDiscovery of Valid Credentials on the Apache TomcatDiscovery of Valid Credentials on the Apache Tomcathttps://pentestlab.blog/wp-content/uploads/2012/03/34.pngConfiguration on the scannerConfiguration on the scannerhttps://pentestlab.blog/wp-content/uploads/2012/03/15.pngAvailable Modules for Apache TomcatAvailable Modules for Apache Tomcat2012-08-04T21:33:38+00:00monthlyhttps://pentestlab.blog/2012/03/20/tabnabbing-attack-method/https://pentestlab.blog/wp-content/uploads/2012/03/82.pngCapturing the CredentialsCapturing the Credentialshttps://pentestlab.blog/wp-content/uploads/2012/03/63.pngFake Gmail PageFake Gmail Pagehttps://pentestlab.blog/wp-content/uploads/2012/03/53.pngOpening the webpageOpening the webpagehttps://pentestlab.blog/wp-content/uploads/2012/03/42.pngEnter the Fake WebsiteEnter the Fake Website for Cloninghttps://pentestlab.blog/wp-content/uploads/2012/03/33.pngSelecting the Site ClonerSelecting the Site Clonerhttps://pentestlab.blog/wp-content/uploads/2012/03/23.pngSelecting the Tabnabbing AttackSelecting the Tabnabbing Attackhttps://pentestlab.blog/wp-content/uploads/2012/03/14.pngWebsite Attack VectorWebsite Attack Vector2019-09-04T06:28:33+00:00monthlyhttps://pentestlab.blog/2012/03/17/metasploit-persistent-backdoor/https://pentestlab.blog/wp-content/uploads/2012/03/91.pngRemoving the backdoorRemoving the Backdoorhttps://pentestlab.blog/wp-content/uploads/2012/03/81.pnginformation about the remote targetInformation about the remote targethttps://pentestlab.blog/wp-content/uploads/2012/03/73.pngInteractive sessionsChecking if the backdoor has opened a new sessionhttps://pentestlab.blog/wp-content/uploads/2012/03/62.pngWindows is Shutting DownWindows is shutting downhttps://pentestlab.blog/wp-content/uploads/2012/03/52.pngRebooting the remote systemSend the command for reboothttps://pentestlab.blog/wp-content/uploads/2012/03/41.pngActive Sessions Active Sessionshttps://pentestlab.blog/wp-content/uploads/2012/03/32.pngPersistenc Backdoor in WindowsThe location of the script on the remote systemhttps://pentestlab.blog/wp-content/uploads/2012/03/22.pngExecution of Persistence BackdoorExecution of Persistence Backdoorhttps://pentestlab.blog/wp-content/uploads/2012/03/13.pngPersistence Backdoor OptionsPersistent Backdoor Options2012-03-17T21:52:48+00:00monthlyhttps://pentestlab.blog/2012/03/13/msfconsole-commands-cheat-sheet/https://pentestlab.blog/wp-content/uploads/2012/03/workingmetasploit.pngMSFconsole Commands Cheat Sheet2012-03-14T12:15:18+00:00monthlyhttps://pentestlab.blog/2012/03/12/internet-explorer-aurora-exploit/https://pentestlab.blog/wp-content/uploads/2012/03/72.pngAttepmting Privilege Escalation - AuroraPrivilege Escalationhttps://pentestlab.blog/wp-content/uploads/2012/03/61.pngStarting the Session - Aurora ExploitStarting the session and migration to another processhttps://pentestlab.blog/wp-content/uploads/2012/03/51.pngRunning the Aurora ExploitRunning the Aurora Exploithttps://pentestlab.blog/wp-content/uploads/2012/03/31.pngSetting the Aurora and the payloadSetting the Aurora and the payloadhttps://pentestlab.blog/wp-content/uploads/2012/03/21.pngAnalyzing the Options of AuroraAnalyzing the Options of Aurora Exploithttps://pentestlab.blog/wp-content/uploads/2012/03/12.pngSearch for the AuroraSearching for the Aurora and use of the payload2012-03-12T10:11:14+00:00monthlyhttps://pentestlab.blog/resources/videos/2012-03-09T00:02:03+00:00weekly0.6https://pentestlab.blog/2012/03/08/nmap-scripting-engine-basic-usage-2/2017-02-25T19:44:52+00:00monthlyhttps://pentestlab.blog/2012/03/06/common-user-passwords-profiler/2012-05-21T16:01:51+00:00monthlyhttps://pentestlab.blog/2012/03/05/common-tcpip-ports/2012-03-05T04:45:17+00:00monthlyhttps://pentestlab.blog/resources/presentations/2012-03-04T02:45:30+00:00weekly0.6https://pentestlab.blog/2012/03/03/java-applet-attack-method/https://pentestlab.blog/wp-content/uploads/2012/03/71.pngObtaining the remote shellObtaining the remote shellhttps://pentestlab.blog/wp-content/uploads/2012/03/6.pngCommand Shell Session OpenedCommand Shell Session Openedhttps://pentestlab.blog/wp-content/uploads/2012/03/871.jpgJava Applet Attack in ActionJava Applet Attack in Actionhttps://pentestlab.blog/wp-content/uploads/2012/03/87.jpgJava Applet Attack Java Applet Attack in Actionhttps://pentestlab.blog/wp-content/uploads/2012/03/5.pngExploit SettingsExploit Settings https://pentestlab.blog/wp-content/uploads/2012/03/13.jpegSET is Setting the Web Server Launch of the Web Server through SET https://pentestlab.blog/wp-content/uploads/2012/03/12.jpegCreation of the Backdoor and Setting the port of the ListenerCreation of the Backdoor and Setting the port of the Listenerhttps://pentestlab.blog/wp-content/uploads/2012/03/4.pngSelection of the Encoding Selection of the encodinghttps://pentestlab.blog/wp-content/uploads/2012/03/9.pngSelecting the payloadSelecting the payloadhttps://pentestlab.blog/wp-content/uploads/2012/03/3.pngCloning the websiteCloning the Website2017-02-13T12:20:21+00:00monthlyhttps://pentestlab.blog/2012/03/01/attacking-the-ftp-service/https://pentestlab.blog/wp-content/uploads/2012/02/12.jpgLogin with msfadminLogin with msfadminhttps://pentestlab.blog/wp-content/uploads/2012/02/111.jpgDirectory of usernamesDirectory of usernameshttps://pentestlab.blog/wp-content/uploads/2012/02/10.jpgLogin to the FTP server via browserLogin to the FTP server via browserhttps://pentestlab.blog/wp-content/uploads/2012/02/9.jpgGet commandDownload the file to our computerhttps://pentestlab.blog/wp-content/uploads/2012/02/8.jpgls -latExecution of the command ls -lathttps://pentestlab.blog/wp-content/uploads/2012/02/7.jpgLogin on the FTP serverLogin with a valid account on the FTP serverhttps://pentestlab.blog/wp-content/uploads/2012/02/6.jpgDiscovery of the userDiscovery of the user username/passwordhttps://pentestlab.blog/wp-content/uploads/2012/02/5.jpgDiscovery of the ServiceDiscovery of the service username/passwordhttps://pentestlab.blog/wp-content/uploads/2012/02/4.jpgPostgres Discovery of the postgres username/password https://pentestlab.blog/wp-content/uploads/2012/02/15.jpgFTP Scanner ConfigurationFTP Scanner Settings2016-09-24T00:54:38+00:00monthlyhttps://pentestlab.blog/2012/02/26/port-scanning-with-metasploit/https://pentestlab.blog/wp-content/uploads/2012/02/8.pngTCP Scan ResultsTCP Scan Resultshttps://pentestlab.blog/wp-content/uploads/2012/02/9.pngTCP Scanner SettingsTCP Scanner Settingshttps://pentestlab.blog/wp-content/uploads/2012/02/7.pngOptions for TCP Scanner of MetasploitAvailable options of TCP Scannerhttps://pentestlab.blog/wp-content/uploads/2012/02/5.pngScanning the target Scanning the target with SYN scanhttps://pentestlab.blog/wp-content/uploads/2012/02/4.pngPort Range SettingPort Range Settinghttps://pentestlab.blog/wp-content/uploads/2012/02/3.pngSYN Scanner OptionsSYN Scanner Optionshttps://pentestlab.blog/wp-content/uploads/2012/02/2.pngConfiguration of SYN ScannerConfiguration of SYN Scannerhttps://pentestlab.blog/wp-content/uploads/2012/02/1.pngChoosing the Port ScannerChoosing the Port Scanner2023-11-25T17:39:50+00:00monthlyhttps://pentestlab.blog/2012/02/24/credential-harvester-attack-method/https://pentestlab.blog/wp-content/uploads/2012/02/snapshot9.pngSET discovering the CredentialsGrabbing the Username and the Passwordhttps://pentestlab.blog/wp-content/uploads/2012/02/2.jpgCredentials on FacebookUser is inserting his credentialshttps://pentestlab.blog/wp-content/uploads/2012/02/1.jpgFacebook Login PageFacebook Login Pagehttps://pentestlab.blog/wp-content/uploads/2012/02/snapshot8.pngCredential Harvester Attack in UseWaiting to capture credentialshttps://pentestlab.blog/wp-content/uploads/2012/02/snapshot7.pngSite Cloner Entering the Website that it will be Clonedhttps://pentestlab.blog/wp-content/uploads/2012/02/snapshot2.jpgSite ClonerChoosing the Site Cloner Methodhttps://pentestlab.blog/wp-content/uploads/2012/02/snapshot4.pngCredential Harvester Attack MethodChoosing the Credential Harvester Attack Methodhttps://pentestlab.blog/wp-content/uploads/2012/02/snapshot3.pngSET MenuSET Menu2014-12-17T11:01:56+00:00monthlyhttps://pentestlab.blog/2012/02/19/why-build-a-penetration-testing-lab/2015-07-22T05:51:58+00:00monthlyhttps://pentestlab.blog/2012/02/21/hardware-equipment-for-penetration-testing-labs/2019-11-08T02:58:41+00:00monthlyhttps://pentestlab.blogdaily1.02024-10-08T17:19:31+00:00