Home
cyberkhalid
Cancel

Startup Apps

Startup Apps Each user can define apps that start when they log in, by placing shortcuts to them in a specific directory. Windows also has a startup directory for apps that should start for all us...

SNMPv1,SNMPv2,SNMPv2c Pentesting

SNMP Simple Network Management Protocol (SNMP) is a protocol for network management. It is used to monitor different devices in the network (like routers, switches, printers, IoTs…). It runs on po...

SMBRelay

SMBRelay SMB signing is a security mechanism that allows digitally signing SMB packets to enforce their authenticity and integrity - the client/server knows that the incoming SMB packets they are ...

Silver Ticket

Silver Ticket Is an attack that allows attacker who has the password hash of a target service(MSSQL, CIFS, Sharepoint) to forge Kerberos ticket-granting tickets (TGT) that will enable attacker to ...

Local User Account

Local User Account If we compromised an Administrator, we can create a user and add him to an Administrators group. Exploitation We are going to create a user and add him to an Administrator gro...

Startups

Startups Each user can define apps that start when they log in, by placing shortcuts to them in a specific directory. Windows also has a startup directory for apps that should start for all users:...

Registry Autoruns

Registry Autoruns Windows can be configured to run commands at startup. If we compromise an administrator’s account, we can add our reverse shell to Registry Run Keys, so that to be triggered each...

Local User Account

Local User Account If we have root privilege, we can create a user and add him to a root. Exploitation We are going to create a user and add him to a root group. Now we will have a root privi...

Pass The Ticket(Ptt)

Pass The Ticket(Ptt) Pass the Ticket(Ptt) is a credential theft technique that enables adversaries to use stolen Kerberos tickets to authenticate to resources (e.g., file shares and other computer...

Pass The Hash(Pth)

Pass The Hash(Pth) Pass the hash is a type of cybersecurity attack in which an adversary steals a “hashed” user credential and uses it to create a new user session on the same network. Unlike othe...