Podme logo
HjemOppdagKategorierSøkStudent
7MS #352: Recap of Rad Red Team Training

7MS #352: Recap of Rad Red Team Training

34:532019-03-14

Om episode

I recently had the awesome opportunity to take the awesome Real World Red Team course put on by Peter Kim, author of The Hacker Playbook series. TLDR and TLDR (too long don't listen): go take this training. Please. Now. The end. If you want to hear more, check out today's podcast episode where I talk about all the wonderful tidbits I learned from Peter during the training, including: Doppelganger attacks - does your target have a frequently used site like mail.company.com? Try buying up mailcompany.com with a copy of their email portal (using Social Engineer Toolkit), and the creds might come pouring in! Get potential usable creds from old breaches (Adobe, Ashley Madison, LinkedIn, Spotify) Password spraying is often really effective to get you your first set of creds - check out Spray or DomainPasswordSpray When creating phishing payloads, Veil will help you craft something to bypass AV When you're in a network and have grabbed your first set of creds, run BloodHound or SharpHound to map the Active Directory and find your high-value targets Check systems for MS17-010 for some potential easy wins Look for potential accounts that you can Kerberoast For more info visit today's show notes on 7ms.us

logo

PODME

INFORMASJON

  • Om informasjonskapsler
  • Generelle vilkår
  • Personvernerklæring

LAST NED APPEN

app storegoogle play store

REGION

flag
  • sweden_flag
  • norway_flag
  • finland_flag
redaktorsansvar

Podme arbeider etter Vær Varsom-plakatens regler for god presseskikk. Ansvarlig redaktør og daglig leder er Kristin Ward Heimdal. Redaktør for eksterne innholdssamarbeid er Mathias Thaulow Lisberg.

© Podme AB 2024