Posted in: CrackMapExec, Penetration Testing Tools

Detecting Zerologon with CrackMapExec (CVE-2020-1472)

Today I am writing about CVE-2020-1472 (ZeroLogon) and how can be detected with CrackMapExec and then exploit it using a script. If you want to learn more about this amazing tool check documentation about CrackMapExec 5.4.0. What is Zerologon? How to detect Zerologon vulnerability? How to exploit Zerologon vulnerability? How to get a shell with […]

Posted in: Penetration Testing Tools

CrackMapExec: Full Post Exploitation guide

CrackMapExec (also known as CME) is a post-exploitation program that assists in automating the security assessment of large Active Directory infrastructures. CME was designed with stealth in mind, exploiting built-in Active Directory functionality to achieve its functionality and evading most endpoint protection/IDS/IPS technologies. How to Install CrackMapExec Configure Databases Supported Protocols Target Definition Attack SMB […]

Posted in: Penetration Testing Tools

SMBMap: Full Guide Enumerating SMB

How to Install SMBMap SMBMap Features Pass-the-Hash Support File upload/download/delete Permission enumeration (writable share, meet Metasploit) Remote Command Execution Distributed file content searching (beta!) File name matching (with an auto download capability) SMB Help Enumerate Remote Samba Service No Authentication With Authentication Null Session SMBMap Managing Files Download Upload Remote Command Execution Search Files on […]

Posted in: Penetration Testing Tools

Gobuster Tutorial: Web Enumeration

Gobuster tutorial on Web enumeration, learn how to detect virtual hosts and How to install Gobuster How to Gobuster Tutorial Gobuster Global Flags Gobuster Virtual Hosts enumeration Gobuster directory enumeration Gobuster can be used to brute force directory in a web server it has many arguments to control and filter the execution. To verify the […]

Posted in: Penetration Testing Tools

THC Hydra Tutorial: How to Brute Force Services

THC Hydra tutorial explaining how to brute force passwords using thc hydra password cracker, understand Define a List of users Attack Multiple Servers Hydra Modules Brute Force SSH with Hydra Brute Force Telnet with Hydra Brute Force FTP with Hydra Brute Force Team Speak with Hydra Brute Force SMB with Hydra Brute Force CISCO Auth […]

Back to Top