What is Kerberoasting? Kerberoasting is a post-exploitation attack where attackers exploit service accounts in Active Directory environments. These accounts often have weak passwords that can be cracked offline once their Kerberos tickets are retrieved. In simple terms: Understanding Kerberoasting: A Real-World Analogy Imagine you have a high-security safe. To access it, you need a key. […]
IPv6 / MiTM6 Attack
What is an IPv6 Attack? MiTM6 attacks are Active Directory attacks in which we secretly intercept and modify communication between two parties. This attack requires us to put ourselves in the middle of the communication, serving as a go-between. This allows us to intercept and manipulate the messages exchanged between the two parties without their […]
SMB Relay Attack
Understanding SMB Relay Attack SMB relay attacks exploit the way SMB handles authentication, particularly when using NTLM. Here’s a simple breakdown: Attack Requirements Exploiting SMB Relay Attack During a real-time assessment, it’s recommended to launch the SMB Relay attack at the start of the day or before employees log in. Let it run in the […]
LLMNR Poisoning
Simplifying Local Network Name Resolution (LLMNR) LLMNR (Link-Local Multicast Name Resolution) is a handy protocol that allows devices on the same local network to find each other without the need for a DNS server or any DNS configurations. Here’s how it works: LLMNR replaces an older protocol called NetBIOS, which was commonly used in early […]
AD Reconnaissance
Enumerate Active Directory Network In this blog, we will perform Active Directory pentesting and reconnaissance on the AD environment. These approaches are based entirely on real-time Active Directory assessments. We will cover topics designed for users who have a basic understanding of Active Directory. Recon with NetExec: First, use NetExec on the list of subnets […]