7MS #446: Certified Red Team Professional - Part 2
7 Minute Security17 Joulu 2020

7MS #446: Certified Red Team Professional - Part 2

Today's episode continues part 1 of our series on the Certified Red Team Professional certification. Key points from today's episode include:

  • It's probably a better idea to run Bloodhound on your local machine so you don't crush the student VM's resources

  • Running Invoke-Command is one of my new favorite things. Check this post for a bunch of cheatsheet tips for running commands in PowerShell against other hosts.

  • Silver, gold and skeleton key attacks in AD - are they awesome? Yes? Do I see myself using those in short-term pentest enagements? Meh.

  • Wanna build a home lab to do some of these fun pentest stuff? Our buddy k3nundrum in Slack recommended we check out this. It looks awesome. And the devs of the tool have a video on it here.

  • When you're popping shells and privs all over the place in the lab, it can be confusing to figure out which machines you have what privileges on. I like using the klist command. Or, from a mimikatz prompt, try kerberos::list /export.

Suosittua kategoriassa Politiikka ja uutiset

rss-ootsa-kuullut-tasta
aikalisa
tervo-halme
ootsa-kuullut-tasta-2
politiikan-puskaradio
rss-podme-livebox
et-sa-noin-voi-sanoo-esittaa
rss-vaalirankkurit-podcast
otetaan-yhdet
politbyroo
aihe
rikosmyytit
rss-terveisia-seelannista
radio-antro
rss-lets-talk-about-hair
rss-50100-podcast
rss-kuka-mina-olen
rss-sanna-ukkola-show-verkkouutiset
rss-tasta-on-kyse-ivan-puopolo-verkkouutiset