▂ ▂ ▂ UNDERCODE ▂ ▂ ▂
🦑 A cheat sheet that contains common enumeration and attack methods for Windows Active Directory:
Enum Domain Computers:
Get-NetComputer -FullData
Get-DomainGroup
#Enumerate Live machines
Get-NetComputer -Ping
Enum Groups and Group Members:
Get-NetGroupMember -GroupName "<GroupName>" -Domain <DomainName>
#Enumerate the members of a specified group of the domain
Get-DomainGroup -Identity <GroupName> | Select-Object -ExpandProperty Member
#Returns all GPOs in a domain that modify local group memberships through Restricted Groups or Group Policy Preferences
Get-DomainGPOLocalGroup | Select-Object GPODisplayName, GroupName
Enumerate Shares:
#Enumerate Domain Shares
Find-DomainShare
#Enumerate Domain Shares the current user has access to
Find-DomainShare -CheckShareAccess
Enum Group Policies:
Get-NetGPO
# Shows active Policy on specified machine
Get-NetGPO -ComputerName <Name of the PC>
Get-NetGPOGroup
#Get users that are part of a Machine's local Admin group
Find-GPOComputerAdmin -ComputerName <ComputerName>
Enum OUs:
Get-NetOU -FullData
Get-NetGPO -GPOname <The GUID of the GPO>
Enum ACLs:
# Returns the ACLs associated with the specified account
Get-ObjectAcl -SamAccountName <AccountName> -ResolveGUIDs
Get-ObjectAcl -ADSprefix 'CN=Administrator, CN=Users' -Verbose
#Search for interesting ACEs
Invoke-ACLScanner -ResolveGUIDs
#Check the ACLs associated with a specified path (e.g. an SMB share)
Get-PathAcl -Path "\\Path\Of\A\Share"
Enum Domain Trust:
Get-NetDomainTrust
Get-NetDomainTrust -Domain <DomainName>
Enum Forest Trust:
#Domains of Forest Enumeration
Get-NetForestDomain
Get-NetForestDomain -Forest <ForestName>
#Map the Trust of the Forest
Get-NetForestTrust
Get-NetDomainTrust -Forest <ForestName>
User Hunting:
#Finds all machines on the current domain where the current user has local admin access
Find-LocalAdminAccess -Verbose
#Find local admins on all machines of the domain:
Invoke-EnumerateLocalAdmin -Verbose
#Find computers where a Domain Admin OR a specified user has a session
Invoke-UserHunter
Invoke-UserHunter -GroupName "RDPUsers"
Invoke-UserHunter -Stealth
#Confirming admin access:
Invoke-UserHunter -CheckAccess
AVAILABLE HERE » : https://github.com/S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet
▂ ▂ ▂ UNDERCODE ▂ ▂ ▂
Forwarded from UNDERCODE NEWS
Is the iPhone folding screen coming? Two prototypes are subject to preliminary testing.
#Technologies
▂ ▂ ▂ UNDERCODE ▂ ▂ ▂
🦑 CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; convert any filetype into a list of everyday strings using text-based steganography; evade DLP/MLS devices, defeat data whitelisting controls, socially engineer analysts, evade AV detection. Included ciphers:
Amphibians (scientific names)
Belgian Beers
Desserts in English, Arabic, Thai, Russian, Hindi, Chinese, Persian, and Muppet (Swedish Chef)
Emoji
evadeAV (smallest cipher space, x3 payload size)
GeoCoords World Capitals (Lat/Lon)
GeoCaching Coordinates (w/ Site Names)
IPv4 Addresses of Popular Websites
MD5 Password Hashes
PokemonGo Monsters
Shortened URLs pointing to different Youtube videos of Rick Astley's "Never Gonna Give You Up"
Ski Resorts
Status Codes (generic)
Star Trek characters
Top 100 Websites
World Beaches
World Cup Teams
Prepackaged scripts for adding noise / entropy to your cloaked payloads:
prependEmoji.py: Adds a randomized emoji to each line
prependID.py: Adds a randomized ID tag to each line
prependLatLonCoords.py: Adds randomized LatLong coordinates to each line
prependTimestamps.py: Adds timestamps (log file style) to each line
INSTALLATION & RUN :
1) git clone https://github.com/TryCatchHCF/Cloakify.git
2) cd Cloakify
3) look at the examples in https://github.com/TryCatchHCF/Cloakify
▂ ▂ ▂ UNDERCODE ▂ ▂ ▂
Forwarded from UNDERCODE NEWS
Forwarded from DailyCVE
X-STREAM Improper Authentication Vulnerability | CVE
Details:
Rosemount X-STREAM is an Emerson-provided gas analyzer. An improper authentication flaw (CWE-287) is present in Rosemount X-STREAM.
Via a specially crafted URL, logs and backup data can be accessed by a remote third party and confidential…
▂ ▂ ▂ UNDERCODE ▂ ▂ ▂
🕵️ Anonymity and security courses (translated from the original Russian course outline):
1. Setting up the working environment. Improved and revised work with virtual machines (perhaps the only analogy with the previous course);
2. Fine work with different cryptocurrencies;
3. Selection, rental, administration and protection of VPS (70% of the work in the course takes place on servers);
4. Bringing up and configuring services on a VPS and working with them;
5. Fine work with Tor services;
6. Squeezing the maximum out of the Raspberry Pi;
7. Anonymous routers;
8. Bringing up, configuring and administering a Tor node;
9. Work with PC hardware. Removing hardware implants ("bookmarks");
10. Risk minimization and ... authoring.
Watch & download:
https://codeby.net/threads/paranoid-ii-kurs-po-anonimnosti-i-bezopasnosti.69596/
Enjoy ❤️👍🏻
▂ ▂ ▂ UNDERCODE ▂ ▂ ▂
Forwarded from UNDERCODE NEWS
Forwarded from DailyCVE
🕵 Tenda AC1200 input validation error vulnerability:
https://dailycve.com/tenda-ac1200-input-validation-error-vulnerability
Tenda AC1200 input validation error vulnerability | CVE
Details:
A security flaw is present in Tenda AC1200 (Model AC6) 15.03.06.51 multi devices. The weakness arises from an oversized HTTP POST request sent to the password-update API, which causes the router to crash and enter an endless initialization …
▂ ▂ ▂ UNDERCODE ▂ ▂ ▂
🦑 Recommended videos & PDFs for learning cross-site scripting:
https://www.youtube.com/watch?v=cWu_FJUrH5Y
31 min
https://www.youtube.com/watch?v=EoaDgUgS6QA
11 min
https://www.youtube.com/watch?v=IuzU4y-UjLw
11 min
https://owasp.org/www-pdf-archive/OWASP_IL_The_Universal_XSS_PDF_Vulnerability.pdf
https://www.exploit-db.com/docs/english/18895-complete-cross-site-scripting-walkthrough.pdf
https://www.cs.montana.edu/courses/csci476/topics/crosssite_attacks.pdf
https://www2.mmu.ac.uk/media/mmuacuk/content/documents/school-of-computing-mathematics-and-digital-technology/blossom/XSS.pdf
▂ ▂ ▂ UNDERCODE ▂ ▂ ▂
Forwarded from DailyCVE
🕵 We found an issue in the oneAPI Deep Neural Network Library that exposes a new bug:
https://dailycve.com/oneapi-deep-neural-network-library-expose-new-bug
oneAPI Deep Neural Network Library expose a new bug | CVE
Forwarded from UNDERCODE NEWS
▂ ▂ ▂ UNDERCODE ▂ ▂ ▂
🦑 11 WEEKS OF NETWORK HACKING/CRACKING LESSONS (created & uploaded to GitHub):
T O P I C S :
Week 1 Lessons:
Setting Up A Penetration Testing Environment - This will focus on setting up a lab environment, specifically VMware, Kali Linux, and our lab VMs. The lesson will briefly introduce important aspects of each setup (e.g. snapshots in VMware, the Kali Linux toolset, etc.) with the intention to build upon those aspects in later lessons.
How to Keep Notes Effectively - This lesson will cover the importance of note taking from a pentester's standpoint. The lesson will introduce the Kali Linux built-in note-taking application, KeepNote, and discuss how to take notes effectively. Taking notes during a penetration test is incredibly important, as it gives a pentester reference points when writing their final report, discussing timelines with their team or manager, or even discussing specifics of a pentest with a client.
Week 2 & 3 Lessons:
Introductory Python - Similar to Linux, we will spend some time learning basic Python scripting, which will be essential to our future endeavors as penetration testers.
Week 4 Lessons:
The Art of Reconnaissance - This lesson will discuss reconnaissance in depth and cover common tools used in the process. Some of the tools that will be covered are the OSINT Framework, SET, theHarvester, Bluto, Google Dorks, and Shodan. More tools will likely be added as the lesson is written.
Week 5 Lesson:
Week 6 Lesson:
Enumeration for the win - The intent of this lesson is to provide an overview of basic enumeration tactics and then dive deep into specific tools used for common ports found in penetration testing. For example, if we find port 80 open on a scan (HTTP), we will likely want to know what service is running and enumerate that service for potential exploits at a high level.
Week 7 Lesson:
Gaining a Shell with Metasploit - This lesson will cover how to use Metasploit to gain shell access to a vulnerable machine. This builds upon the introductory Metasploit from section 8 as we move from the auxiliary/scanning portion of Metasploit to the exploit portion. This lesson is important, as Metasploit is a common tool in nearly every penetration tester's toolkit, especially at the beginner level.
Compiling Exploits - This lesson will add to exploitation learned in section 9, except that the exploitation is now done manually, without Metasploit. This will teach the reader how to safely download exploits from the web, generate shellcode, compile the exploit if necessary, and execute it against a vulnerable machine.
Week 8, 9, and 10 (Internal Pentesting):
Hello Enumeration, My Old Friend - This lesson will cover post-exploitation enumeration.
Active Directory Exploitation - This lesson focuses on the recognition of vulnerabilities and exploitation tactics in an internal Active Directory environment. Attacks that will be introduced include: LLMNR poisoning/hash cracking, SMB hash relaying, pass the hash, token impersonation, kerberoasting, GPP/c-password attacks, and PowerShell attacks. More attacks will likely be added as the lesson is written, but the most common have been provided.
Week 11 Lessons:
Maintaining Access / Pivoting / Cleanup - This lesson will discuss methods of maintaining access on a network, pivoting into other networks, and how to properly clean up as you exit a network.
«Start» :
https://github.com/hmaverickadams/Beginner-Network-Pentesting
▂ ▂ ▂ UNDERCODE ▂ ▂ ▂
Forwarded from DailyCVE
🕵 Oppia is an online learning platform showing a new bug:
https://dailycve.com/oppia-online-learning-platform-showing-new-bug
Oppia is an online learning platform showing a new bug | CVE
Description:
Oppia is an open application framework for learning that allows anyone to quickly build and upload immersive games (called 'explorations'). These exercises mimic a one-on-one interaction with a teacher, enabling learners to learn and gaining…
Forwarded from UNDERCODE NEWS