Lab of a Penetration Tester labofapenetrationtester.com

RACE - Minimal Rights and ACE for Active Directory Dominance

labofapenetrationtester.com·351w·labofapenetrationtester.com

How NOT to use the PAM trust - Leveraging Shadow Principals for Cross Forest Attacks

labofapenetrationtester.com·370w·labofapenetrationtester.com

Using ActiveDirectory module for Domain Enumeration from PowerShell Constrained Language Mode

labofapenetrationtester.com·394w·labofapenetrationtester.com

Forging Trusts for Deception in Active Directory

labofapenetrationtester.com·396w·labofapenetrationtester.com

Silently turn off Active Directory Auditing using DCShadow

labofapenetrationtester.com·420w·labofapenetrationtester.com

DCShadow - Minimal permissions, Active Directory Deception, Shadowception and more

labofapenetrationtester.com·423w·labofapenetrationtester.com

A Critique of Logging Capabilities in PowerShell v6

labofapenetrationtester.com·435w·labofapenetrationtester.com

Week of Evading Microsoft ATA - Day 5 - Attacking ATA, Closing thoughts and Microsoft's response

labofapenetrationtester.com·457w·labofapenetrationtester.com

Week of Evading Microsoft ATA - Day 4 - Silver ticket, Kerberoast and SQL Servers

labofapenetrationtester.com·457w·labofapenetrationtester.com

Week of Evading Microsoft ATA - Day 3 - Constrained Delegation, Attacks across trusts, DCSync and DNSAdmins

labofapenetrationtester.com·458w·labofapenetrationtester.com

Week of Evading Microsoft ATA - Day 2 - Overpass-the-hash and Golden Ticket

labofapenetrationtester.com·458w·labofapenetrationtester.com

Week of Evading Microsoft ATA - Announcement and Day 1

labofapenetrationtester.com·458w·labofapenetrationtester.com

Abusing DNSAdmins privilege for escalation in Active Directory

labofapenetrationtester.com·471w·labofapenetrationtester.com

Using SQL Server for attacking a Forest Trust

labofapenetrationtester.com·478w·labofapenetrationtester.com

Exfiltration of User Credentials using WLAN SSID

labofapenetrationtester.com·495w·labofapenetrationtester.com

AMSI: How Windows 10 Plans to Stop Script-Based Attacks and How Well It Does It

labofapenetrationtester.com·504w·labofapenetrationtester.com

Practical use of JavaScript and COM Scriptlets for Penetration Testing

labofapenetrationtester.com·521w·labofapenetrationtester.com

Getting Domain Admin with Kerberos Unconstrained Delegation

labofapenetrationtester.com·533w·labofapenetrationtester.com

Hacking with Human Interface Devices - Easy Reverse Shells

labofapenetrationtester.com·536w·labofapenetrationtester.com

Stream a target's Desktop using MJPEG and PowerShell

labofapenetrationtester.com·544w·labofapenetrationtester.com

Log in to enable infinite scrolling