Yaksas CSC

Your Guardian in the Cyber World

The Three Command and Control Tiers

The Three Command and Control Tiers

This post is part of our course Adversary Emulation 101: Mimicking a real-world cyber attack. A well designed Command and Control (C2) infrastructure is critical to the success of an adversary emulation exercise. During an engagement, established C2 sessions may get disconnected frequently. Whenever this happens, there might be a temptation to re-exploit the target […]

Book Review: Red Team Development and Operations by Joe Vest and James Tubberville

Book Review: Red Team Development and Operations by Joe Vest and James Tubberville

I recently picked up this book, Red Team Development and Operations by Joe Vest and James Tubberville, while searching for material to read on Red Teaming. While this is not the only book on the subject, I was intrigued by the ‘Zero-Day Edition’ (along with this content, of course). Also, it was published recently (at […]

Book Review: Container Security by Liz Rice

Book Review: Container Security by Liz Rice

Content overview The book’s tagline, “Fundamental Technology Concepts that Protect Containerized Applications”, provides an apt description of the content. It starts with basic concepts which are necessary to understand before we set out to secure containers. Even though the book is divided into 14 chapters, they can be rolled up into following three broad categories: […]

Red Team Operations Attack Lifecycle

Red Team Operations Attack Lifecycle

This post is part of our course Adversary Emulation 101: Mimicking a real-world cyber attack. The lifecycle consisted of following phases, with phases 3-6 being cyclic in nature: Recon (Information Gathering) – In this phase, publicly available information (website, company profile, social media pages, employee profiles etc.) is gathered about the target organization. Initial Compromise […]

Book Review: Web Application Security by Andrew Hoffman

Leave a Comment

Book Review: Web Application Security by Andrew Hoffman

I recently came across this book, Web Application Security by Andrew Hoffman, while searching for material to read on how to secure web applications. There are many books available on this topic. I picked this one specifically because of it’s recent publication date. It was published in March 2020 (about 5 month back, at the […]

PoshC2: A Red Teamer’s Notes

Leave a Comment

PoshC2: A Red Teamer’s Notes

This is an ongoing post containing my notes on PoshC2 usage. What is PoshC2? PoshC2 is a command and control software. It is used to carry out post-exploitation tasks such as persistence, privilege escalation, lateral movements etc. during penetration testing and red teaming exercises. It supports Python3, PowerShell (v2 and v5), C# and C++. The […]

SPN Scanning using ADSI (Part 3)

Leave a Comment

SPN Scanning using ADSI (Part 3)

A Service Principal Name (SPN) is a unique identifier of a service instance. It is used to link an AD object (service accounts, users, computers etc.) with a service. It can be used as an alternative to a port scan in an Active Directory environment. Some common SPNs are: CIFS host HTTP https IMAP mongod […]

ADSISearcher (Part 2)

1 Comment

ADSISearcher (Part 2)

ADSISearcher is a class for searching for objects in Active Directory. It is part of .NET framework (System.DirectoryServices.DirectorySearcher) and van be accessed via PowerShell by creating object for the above class Example: $adsiSearcherObj = New-Object –TypeName System.DirectoryServices.DirectorySearcher takes the LDAP path to current domain by default Pass ADSI Directory Entry object type as ArgumentList to […]

AD Exploitation using ADSI – Part 1 (Introduction)

Leave a Comment

AD Exploitation using ADSI – Part 1 (Introduction)

Active Directory Service Interfaces (ADSI) – A set of Component Object Model (COM) interfaces for managing Active Directory services. It can be utilized in several scripting and programming languages. Enables reading, adding and managing Active Directory Objects Part of .NET framework: System.DirectoryServices.DirectoryEntry (ADSI) System.DirectoryServices.DirectorySearcher (ADSISearcher) Can be accessed via PowerShell by creating objects for above […]

Active Directory User Enumeration using PowerView

Leave a Comment

Active Directory User Enumeration using PowerView

PowerView, developed by Will Schroeder (@harmj0y), is a PowerShell tool to gain network situational awareness on Windows domains. It is now a part of PowerSploit suite. You can download PowerView from here. As a pentester, you can leverage PowerView to find out information about domain users. Following commands will help you with that (watch the […]

Categories

Tags

Active directory Active directory lab adsecurity adsi adsisearcher Android attack active directory awareness blue whale challenge Certification CISSP command and control crte crtp cyber-warfare Cyber Security Cybersecurity books Cybersecurity Cannon domain enumeration Edward Snowden ellitedevs forest enumeration hacker Information Security ISACA Kali Linux Mass Surveillance Mobile Security Narendra Modi NSA offensive security Online Safety Password Penetration Testing pentest poshc2 powersploit Powerview privacy red team Risk Management Social Media user enumeration Wifi Windows

Top Posts