Attacking Active Directory
- Mind-blowing, thesis-like post on Kerberos delegation attack primitives, one of those you need to make your “research” goal of the month to actually understand what it’s saying. It touches so many Kerberos concepts that a lot of parallel reading is required: https://shenaniganslabs.io/2019/01/28/Wagging-the-Dog.html
- Oh, My Kerberos! Do Not Get Kerberoasted! Good preliminary explanation of how SPNs work.
- Kerberos attack techniques - Kerberoast
- Kerberos cheatsheet by Tarlogic: a cheatsheet with commands that can be used to perform Kerberos attacks
Create New Machine Account
PowerMad is a PowerShell script that leverages .NET calls to create new machine accounts.
Repo: https://github.com/Kevin-Robertson/Powermad
Blog Post: https://blog.netspi.com/exploiting-adidns/
Tools and Scripts
- Evading EDR and decoupling Macro execution: https://blog.f-secure.com/dechaining-macros-and-evading-edr/
- Reverse Shell Generator Online –> https://weibell.github.io/reverse-shell-generator/
Mail & SMTP
- Test SMTP relay: https://blog.mailtrap.io/test-smtp-relay/
There are a bazillion ways of brute-forcing stuff on the web; let’s capture some here.
Hydra is a parallelized password cracker which supports numerous protocols to attack. It is very fast and flexible, and new modules are easy to add: https://github.com/vanhauser-thc/thc-hydra
Autobrute: make it easier to launch THC Hydra against Forms
Autobrute is a script that automates the time consuming process of forming a
- Great PoC calc shellcode to use in different scenarios:
- Subvert-PE: a tool to inject shellcode with PowerShell. See blog
- Check https://amsi.fail/ to obfuscate PowerShell code
This is an excellent repository of offensive tradecraft knowledge.
- For Active Directory –> https://gitlab.com/pentest-tools/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Active%20Directory%20Attack.md
ColdFire: Developing malware with Golang
A library that makes it easier than ever. It provides various methods useful for malware development in Golang. Most functions are compatible with both Linux and Windows operating systems.
- Kali on WSL: https://www.youtube.com/watch?v=f8m6tKErjAI