Category: Red Team
-
Hacking With PowerShell: Red Team
Read the article here: https://securethelogs.com/hacking-with-powershell-red-team/
-
Two New Tools: PSpanner and PSWatcher
Live Network Scanner: PSPanner: https://securethelogs.com/pspanner-network-scanner/ Network Scanner (With Event Logging for SIEMs)PSWatcher: https://securethelogs.com/pswatcher/
-
PSBruteZip: Crack Zip Passwords Using PowerShell
PSBruteZip allows you to brute force your way into Zip files should you have forgotten the password. A pre-req is that 7Zip is installed as it uses their commands. They function is better than Windows (I find).
-
UhOh365 – O365 Enumeration
Email addresses are what malicious parties collect because the more they have, the more they can Phish/target. Having the ability to enumerate these without generating logging attempts would be a dream for them. Sure they could use other OSINT techniques and steal them, but guessing may be quicker and less work….
-
Purple-Pages – Extension
Purple-Pages was designed to assist Security Engineers with their day to day activity……
-
Finding Access Anywhere Servers Using Certificates
Remote users are a part of every organization and the need to provide external access can be a real problem. For the bigger organizations, they will most likely implement several security controls in order to isolate their users from the rest of the internet. For some, they may want to go for the cheaper option to provide remote access……
-
SMB Relay Attack
SMB is commonly used for sharing files, printers and communication often between client to server. Before a client can communicate with the server or another client though, they will be required to authenticate themselves. This is simple access control…..
-
WinRM_Brute_Scanner Guide
I wrote this script to be able to scan for this service on a Windows system. Because this uses PowerShell commands, no AV should interfere, and no additional modules are required. Once obtained, remote commands can be sent.
-
Hacking Windows Remote Management (WinRM)
“Windows Remote Management (WinRM) is the Microsoft implementation of WS-Management Protocol, a standard Simple Object Access Protocol (SOAP)-based, firewall-friendly protocol that allows hardware and operating systems, from different vendors, to interoperate….
-
Meterpreter Basics
Meterpreter is a very powerful payload that can be dropped using an exploit in Metasploit. Once obtained, there is quite a lot that you can do. This is what I’m going to cover below. To find out more about Meterpreter, click the link below. This site also has examples on how to use the modules……..
-
Windows Shell – Discovery Stage
Sometimes you don’t always need a Meterpreter shell. Depending on the intent, Netcat might be all you need. The benefit being that Windows Defender still doesn’t see Netcat as a threat which could get you a shell…….
XStag0 