Network Attack Tools

Port Forwarding in RTS

Adding Additional Port Forwards During Existing Session: A little trick to set up further port forwards within a current SSH session is to press “<shift> <enter> ~ c” simultaneously and then supply the relevant command. Setting Up Multiple RDP Connections: On the AWS box (connecting to deployed Kali): Edit the AWS instance .ssh/config to set up […]

Network Attack Wireless & RF-based Attacks

Airstrike Attack – FDE bypass and EoP on domain joined Windows workstations (CVE-2021-28316)

By default, domain-joined Windows workstations allow access to the network selection UI from the lock screen. An attacker with physical access to a locked device with WiFi capabilities (such as a laptop or a workstation) can abuse this functionality to force the laptop to authenticate against a rogue access point and capture an MSCHAPv2 […]

Hacking 101 Network Attack

External Network Penetration Testing

Reconnaissance Passive External Network Reconnaissance Active External Network Reconnaissance NMAP Scanning /24 IP range with UDP and TCP scan using SMB NSE script. Recon-NG User account enumeration On web app portal Exposed services – Protocols HTTP/HTTPS SMTP DKIM / DMARC / SPF misconfiguration https://github.com/BishopFox/spoofcheck.git https://github.com/Mr-Un1k0d3r/SPFAbuse SNMP FTP SSH Databases (MySQL, MSSQL, Oracle, DB2, Postgre, MongoDB…) […]

Hacking 101 Network Attack

Internal Network Penetration Testing

Recon Unauthenticated enumeration PowerShell port scan AD search GUI Copy dsquery.dll from C:\Windows\System32 Unauthenticated User enumeration User enumeration via Kerberos –> Requires list of possible usernames: User enumeration without Kerberos Use the DsrGetDcNameEx2, CLDAP ping and NetBIOS MailSlot ping methods respectively to establish if any of the usernames in a provided text file exist on a […]

Hacking 101 Network Attack Network Scan & Map

Metasploit – Lab

Metasploit is an open source platform for vulnerability research, exploit development, and the creation of custom security tools. In this lab, we’re going to be using Metasploit to attack the Metasploitable2 VM. Prereq – have a local Kali instance and Metasploitable2 VM running. https://hack.technoherder.com/vm-setup-kali-metasploitable2/ Activities Part 1 – Getting Started Update Kali: Start the Kali […]