Revx0r – Security Mindset Blog

Revx0r – Security Mindset Blog

Security, Reverse Engineering, Cloud and Code

Month: October 2021

Metasploit: Meterpreter – Post-Exploitation Challenge [TryHackMe]

This is a quick walkthrough for the challenge portion of the Meterpreter Post-Exploitation Challenge in TryHackMe. What we know / scope We have an IP address and some creds. Discovery & Scanning Let's see what else we can find. Let's do a quick nmap scan: sudo nmap -sV -vv 10.10.131.12 130 ⨯ Sta…

Revx0r

2 years ago

Vulnerability Capstone [TryHackMe]

Here we are going to leverage the skills which you might have learned within the Vulnerability Research module. Task: "Ackme Support Incorporated has recently set up a new blog. Their developer team have asked for a security audit to be performed before they create and publish articles to the public…

Revx0r

2 years ago

Exploit Vulnerabilities Walkthrough [TryHackMe]

I am going through the newly released Jr Penetration Tester Learning Path and I enjoyed this quick but cool challenge. I figured why not write a short and sweet walkthrough :) Automated vs Manual Vulnerability Research In this section we take a look at a brief introduction of vulnerability scanning.…

Revx0r

2 years ago

Sysmon for Linux

I want to carve some time out to explore using the tool, in the meant time I will put some links down here to keep track of posts about it :) https://techcommunity.microsoft.com/t5/azure-sentinel/automating-the-deployment-of-sysmon-for-linux-and-azure-sentinel/ba-p/2847054https://techcommunity.micro…

Revx0r

2 years ago

rsync

rsync is a powerful little tool that is pre-installed in a lot of distros that we can use to synchronize files/directories in Linux. This example essentially makes copies/updates the files in /path/to/destinationDir to be the same as mySourceDir: rsync -avuP mySourceDir /path/to/destinationDir 'rsyn…

Revx0r

2 years ago

Hunting in the Event Logs – Event ID 4722

Quick event log review and threat hunting in the logs from the trenches post. When reviewing an alert for 4722: A user account was enabled the event is broken down into two parts, Subject and Target: Subject:This section is related to the account that was used to enable the account. Target: This sec…

Revx0r

2 years ago