Network Experience: My observations while working the targets: · Enumeration: Life-like · Vulnerabilities: Life-like · Exploitation: Life-like · Flag Difficulty — Breach: Hard · Flag Difficulty — Deploy: Easy · Flag Difficulty — Ghost: Easy · Flag Difficulty — Camouflage: Hard · Flag Difficulty — Doppelgänger: Easy/Medium · Flag Difficulty — Owned…

Target Experience: My observations while working this target: · Enumeration: Life-like · Vulnerabilities: Life-like · Exploitation: Life-like · Foothold Difficulty: Hard · Privilege Escalation Difficulty: Medium Tools: The recommended tools for this lab were: · Nmap · CrackmapExec · SMBClient · GetNPUsers · Hashcat · PowerView (Windows) · RPCClient · Pypykatz · Evil-WinRM …

After completing the OSCP, I was trying to find the “what’s next” for my educational journey as well as helping my pentesting career. I returned to HackTheBox and started studying with Offshore. However, more than halfway through, I ended up hitting the proverbial “brick wall”. …

One of the tools that I like to use against Windows based machines during a pentest or a CTF is CrackMapExec, by Marcello Salvati (aka byt3bl33d3r). …

I have had the opportunity to work on my Windows attacking skills within a couple of different CyberRanges recently. I have been trying to understand the different use cases with Mimikatz and decided to share my experiences with a Golden Ticket Attack. To start, a Golden Ticket is a post-exploitation…

I had a recent project to pentest a Microsoft Office 365 (O365) environment. When researching, I found that Microsoft implemented changes towards the end of 2019 to help mitigate user enumeration issues. With those changes, many documented techniques and automated tooling that previously leaked that information either no longer worked…

I attended a recent on-line preview training of Breaching the Cloud Perimeter; presented by Beau Bullack (@dafthack). This training mentioned a technique of using a script named FireProx with an AWS API Gateway to create a pass-through proxy; which rotated the source IP Address with every request. …

After several months of studying, I was finally able to successfully achieve the OSCP certification after two attempts. This has been one of the certifications that I have desired after making the switch from a long career in Cisco UC/Networking to Cybersecurity. …

Target Experience: My observations while working this target: · Enumeration: Life-like · Vulnerabilities: Life-like/CTF-like · Exploitation: Life-like/CTF-like · Difficulty: Easy/Medium · Community Notes: Life-like/CTF-like Tools: The recommended tools for this machine were: · Nmap · Gobuster · Nikto · Browser · Netcat Vulnerabilities: The following vulnerabilities were found: · Evading White List