RedTeam.Ref
Web Shenanigans DNS + IP Viewdns.info Certificates crt.sh: Certificate Search Remote Desktop, RDG, RDP https://superuser.com/questions/1103193/decrypt-rdp-password-stored-in-rdg-file…
a year ago
Hunting in EVTX Event Logs
So, you've come across an EVTX (.evtx) log file which you need to analyze or get some useful information from... I know the feeling! Tools Event Viewer You can use the Event Viewer, the GUI program built into Windows which is great but if you have a ton of events...well it can be painful PowerShell …
a year ago
Code Hacking Tips + Snippets
Shell Hacks String Multiplier PowerShell: $temp = "A" * 100000 --You can even pipe it to clip for an easy copy and paste :) Python: python -c "print('A' * 10000)" Bash: temp=$(printf 'A%.0s' {1..10000}) PowerShell Running cmd commands inside PowerShell $tempDir = cmd.exe /c "…
a year ago
HackingTheCode [0x01] – Windows Internals
Windows Internals This is my second post on this series, for further reference checkout the first post: HackingTheCode 💡 DISCLAIMER: When I create these blog posts, not only am I trying to help folks but I am also creating a reference document for myself. Thus, some of the content might overlap and …
a year ago
KQL For Security
Kusto Query Language (KQL) can be used for all kinds of security shenanigans. It is often used in incident response and threat hunting, but it can be leveraged in different ways for different needs. I use KQL often and while I am definitely not a pro, I am on a never-ending journey to always get bet…
a year ago
Network Security – Passive Recon [TryHackMe]
When we engage in passive recon we are looking at information that is publicly available without interacting directly with the target. Here I summarize some of the tooling and help answer the questions. whois whois is a tool that uses the query and response protocol which "searches for an objec…
2 years ago
HackingTheCode [0x00]
In this series/post/document we are going to go through some of the different layers of code hacking/exploitation as well as some tooling. You may consider it a bit on the deep-end, and it does include code. A fair disclaimer: I am a bit of geek when it comes to this stuff, and I do not claim to kno…
2 years ago
Kenobi [TryHackMe]
Goals: Enumerate Samba for shares Manipulate a vulnerable version of proftpd Privilege Escalation via path variable manipulation Task 1 - Basic nmap scan Scan the machine to see how many ports are open: Use nmap -vvv <Target_IP_Address>: PORT STATE SERVICE REASON 21/tcp open ftp syn-ack 22/tcp…
2 years ago
JWT Tokens…
JWT or JSON Web Tokens are used extensively for authorization following authentication. For most of my use cases, I am mostly working with Microsoft related stack (Azure, AAD, ADO) shenanigans. As I continue to dive into auth and identity related topics, I figured I would write some quick basic note…
2 years ago
Kioptrix Level 1 [VulnHub]
In the Marine Corps, we have a saying "Train like you fight". I like to keep that mindset when I approach anything work related and therefore our approach will be that of a real engagement. Â Also, remember to take notes as we go along, this is useful to keep track of what is what, helping…
2 years ago