Auditing Active Directory Passwords
This article walks you through how to perform a security audit on Active Directory passwords step by step. Learn how to use tools like Mimikatz and Hashcat to extract and…
How to Disable NetBIOS and LLMNR Protocols in Windows and Intune
What are they? NetBIOS over TCP/IP and LLMNR are broadcast protocols primarily used for compatibility with older Windows systems. However, both are vulnerable to spoofing and MITM attacks. Tools like…
Protecting against OS Credential Dumping
You may have heard about OS Credential Dumping during a penetration test or in the news, and now you may want to learn how to protect yourself from it. What…
How to Harden the Security of your Microsoft 365 Tenant part 1
On this series of articles we are going to talk about how we can improve the security of our tenant. Firstly we are going to talk about how to avoid…
Maester – Secure your M365 Tenant
In the last article, we discussed how to secure our Active Directory. Now, it’s time to talk about how we can secure our Microsoft 365 tenant in the cloud. Maester…
How to secure your Active Directory?
In this article, we will discuss how to secure our Active Directory. Before spending a lot of money on an expensive vulnerability assessment, you may want to take a look…
Active Directory – Home Lab Building – part 2
Let’s continue our journey constructing an Active Directory home lab. Once the rolled is correctly installed, we will see an exclamation mark near the flag option in the dashboard. It…
Hack the Box: Perfection Writeup
Summary: To gain a foothold on the machine, we exploited an SSTI vulnerability in the web app. Subsequently, we discovered an email detailing the password pattern along with some hashes.…
Hack the Box: Analytics Writeup
Summary: In our approach to solving this box, we first gained access to the machine by exploiting a pre-authentication Remote Code Execution (RCE) vulnerability found in Metabase. After that, we…