Burp Suite for Pentester: Web Scanner & Crawler
Twitter: https://lnkd.in/e7yRpDpY
Telegram: https://t.me/hackinarticles
In this article, we'll discuss how you can identify hidden web pages or determine the existing vulnerabilities in a web application. To do this, we will use one of the best intercepting tools – "Burp Suite".
The Burp's Crawler
  What is Crawler?
  Crawl with Default Configurations
  Customizing the Crawler
Vulnerability Scanning over Burp Suite
  Auditing with Default Configurations
  Defining Audit Options
Crawling & Scanning with an Advanced Scenario
Deleting the Defined Tasks
Censys Cheat Sheet
Full HD Image: https://github.com/Ignitetechnologies/Mindmap/blob/main/Censys/Censys%20UHD.png
Shodan Cheat Sheet
Full HD Image: https://github.com/Ignitetechnologies/Mindmap/blob/main/Shodan/Shodan%20UHD.png
Active Directory Exploitation Training (Online) – Register Now!
Register here: https://forms.gle/bowpX9TGEs41GDG99
WhatsApp: https://wa.me/message/HIOPPNENLOX6F1
Email: info@ignitetechnologies.in
Limited slots available! Hurry up to secure your spot in this exclusive training program offered by Ignite Technologies.
Comprehensive Table of Contents:
Initial Active Directory Exploitation
Active Directory Post-Enumeration
Abusing Kerberos
Advanced Credential Dumping Attacks
Privilege Escalation Techniques
Persistence Methods
Lateral Movement Strategies
DACL Abuse (New)
ADCS Attacks (New)
Sapphire and Diamond Ticket Attacks (New)
Bonus Sessions
Abusing AD-DACL: WriteDacl
Twitter: https://lnkd.in/e7yRpDpY
Telegram: https://t.me/hackinarticles
In this post, we will explore the exploitation of Discretionary Access Control Lists (DACL) using the WriteDacl permission in Active Directory environments.
Lab Setup – User Owns WriteDacl Permission on Another User
Exploitation Phase I – User Owns WriteDacl Permission on Another User
BloodHound – Hunting for Weak Permission
Method for Exploitation:
  Granting Full Control
  Kerberoasting (T1558.003) or
  Change Password (T1110.001)
Linux-Based Tools
Impacket Tool – Granting Full Control
Python Script (TargetedKerberoast)
Linux – Change Password
Net RPC (Samba)
BloodyAD
Windows PowerShell (PowerView)
Granting Full Control
Kerberoasting
Change Password
Lab Setup – User Owns WriteDacl Permission on the Domain Admin Group
Exploitation Phase II – User Owns WriteDacl Permission on a Group
BloodHound – Hunting for Weak Permission
Method for Exploitation:
  Granting Full Control
  Account Manipulation (T1098)
Linux-Based Tools
Impacket Tool – Granting Full Control
Linux – Adding Member to the Group
Net RPC (Samba)
BloodyAD
Windows-Based Tools
PowerView – Granting Full Control
Net Command – Adding Member to Group
Comprehensive Guide on Autopsy Tool (Windows)
Twitter: https://lnkd.in/e7yRpDpY
Autopsy is an open-source tool used to perform forensic operations on the disk image of the evidence. The forensic investigation that is carried out on the disk image is displayed here.
File Type
MIME-type
Deleted Files
MB File size
Results
Extracted Content
Keyword Hits
Timeline
Discovery
Images/Videos
Add File Tags
Generate Reports
CISSP Training Program (Online) – Register Now!
Register here: https://forms.gle/bowpX9TGEs41GDG99
WhatsApp: https://wa.me/message/HIOPPNENLOX6F1
Email: info@ignitetechnologies.in
Join Ignite Technologies CISSP live sessions with core practicals at Lowest Price.
BOOK YOUR Seat NOW ...
Security and Risk Management
Asset Security
Security Architecture and Engineering
Communication and Network Security
Identity and Access Management (IAM)
Security Assessment and Testing
Security Operations
Software Development Security
A Detailed Guide on Medusa
Twitter: https://lnkd.in/e7yRpDpY
Hi Pentesters! Let's learn about a different tool, Medusa, which is intended to be a speedy, parallel and modular login brute-forcer.
Features of Medusa
Password Cracking for specific Username
Username Cracking for specific Password
To crack login credentials
Brute Force on Multiple Hosts
To attack a specific port rather than the default
Additional password checks (Null/Same)
To Save Logs in a File
Stop on Success
To suppress start-up Banner
Verbose Mode
Error Debug level
Using Combo Entries
Concurrent testing on multiple logins
Display Module Usage Information