Covenant for Pentester: Basics
NTLM Downgrade Attack: Internal Monologue
Active Directory Enumeration: RPCClient
Active Directory Enumeration: BloodHound
Active Directory Enumeration: PowerView
Empire for Pentester: Active Directory Enumeration
Defense Evasion: Windows Event Logging (T1562.002)
Active Directory Pentesting: Lab Setup
PowerShell Empire for Pentester: Mimikatz Module
Port Forwarding & Tunnelling Cheatsheet
DNScat2: Application Layer C&C
AlienVault: Threat Hunting/Network Analysis
AlienVault: OSSEC (IDS) Deployment
AlienVault: End user Devices Integration-Lab Setup (Part 2)
Defense Evasion with obfuscated Empire
Threat Hunting: Velociraptor for Endpoint Monitoring (Part 2)
SIEM: Windows Client Monitoring with Splunk
Data Exfiltration using Linux Binaries
Threat Hunting: Velociraptor for Endpoint Monitoring
Incident Response: Windows Account Logon and logon Events
Incident Response: Windows Account Management Event (Part 2)
Incident Response: Windows Account Management Event (Part 1)
Incident Response: Linux Cheatsheet
Incident Response: Windows Cheatsheet
Defense Evasion: Alternate Data Streams
SIEM: Log Monitoring Lab Setup with Splunk
Threat Intelligence: MISP Lab Setup
Threat Hunting: Log Monitoring Lab Setup with ELK
Defense Evasion: Hide Artifacts
Remote Code Execution Using Impacket
Abusing Kerberos Using Impacket
Kerberoasting and Pass the Ticket Attack Using Linux
Evil-Winrm: Winrm Pentesting Framework
Domain Persistence: DC Shadow Attack
Domain Persistence AdminSDHolder
Abusing Microsoft Outlook 365 to Capture NTLM
Comprehensive Guide on Password Spraying Attack
Lateral Movement: Pass the Ticket Attack
Lateral Movement: Pass the Cache
Lateral Movement: Over Pass the Hash
Lateral Movement: Pass the Hash Attack
Lateral Movement on Active Directory: CrackMapExec
Deep Dive into Kerberoasting Attack
Domain Controller Backdoor: Skeleton Key
Domain Persistence: Golden Ticket Attack
Data Exfiltration using DNSSteal
RDP Session Hijacking with tscon
Credential Dumping: Windows Autologon Password
Credential Dumping: Fake Services
Credential Dumping: Domain Cache Credential
Credential Dumping: DCSync Attack
Credential Dumping: Local Security Authority (LSA|LSASS.EXE)
Credential Dumping: Phishing Windows Credentials
Credential Dumping: Applications
Credential Dumping: Security Support Provider (SSP)
Credential Dumping: Windows Credential Manager
Credential Dumping: Group Policy Preferences (GPP)
Windows Persistence: Port Monitors
Windows Persistence using Netsh
Windows Persistence using Bits Job
Windows Persistence using WinLogon
Windows Persistence: Accessibility Features
Windows Persistence: RID Hijacking
Windows Persistence using Application Shimming
Bypass Detection for Meterpreter Shell (Impersonate_SSL)
A Deep Drive on Proactive Threat Hunting
Threat Hunting – A proactive Method to Identify Hidden Threat
Evil SSDP: Spoofing the SSDP and UPnP Devices
Multiple Ways to Exploit Windows Systems using Macros
Windows for Pentester: BITSAdmin
Windows for Pentester: Certutil
Command and Control & Tunnelling via ICMP
Cloakify-Factory: A Data Exfiltration Tool Uses Text-Based Steganography
Data Exfiltration using PowerShell Empire
Get Meterpreter Session Alert over slack
Covert Channel: The Hidden Network
Command & Control: WebSocket C2
Command and Control with DropboxC2
Command & Control: Silenttrinity Post-Exploitation Agent
Command and Control Guide to Merlin
nps_payload: An Application Whitelisting Bypass Tool
GreatSct – An Application Whitelist Bypass Tool
Command and Control with HTTP Shell using JSRat
Koadic – COM Command & Control Framework
TrevorC2 – Command and Control
Generate Metasploit Payload with Ps1encode
Bypass Application Whitelisting using Weak Path Rule
Windows Exploitation: rundll32.exe
Windows Exploitation: regsvr32
Windows Exploitation: msiexec.exe
Windows Applocker Policy – A Beginner’s Guide
Multiple Ways to Exploiting Windows PC using PowerShell Empire
Empire GUI: Graphical Interface to the Empire Post-Exploitation Framework
OSX Exploitation with Powershell Empire
Windows Persistence with PowerShell Empire
Multiple Ways to Exploiting OSX using PowerShell Empire