Yaksas Security

Cyber Security Research

  • Yaksas Security Home
  • Home
  • Yaksas Security Classroom
  • Learn Adversary Emulation
  • Contact Yaksas
Active Directory Exploitation using ADSI - Part 1 (ADSI Introduction)

AD Exploitation using ADSI – Part 1 (Introduction)

DDoS: When Servers won't serve

DDoS Attacks: When Servers Won’t Serve

Career in Cyber Security

Cyber Security Education & Career

AD Exploitation using ADSI – Part 1 (Introduction)

Uday Mittal July 8, 2020 Leave a Comment

AD Exploitation using ADSI – Part 1 (Introduction)

Active Directory Service Interfaces (ADSI) – A set of Component Object Model (COM) interfaces for managing Active Directory services. It can be utilized in several scripting and programming languages. Enables reading, adding and managing Active Directory Objects Part of .NET framework: System.DirectoryServices.DirectoryEntry (ADSI) System.DirectoryServices.DirectorySearcher (ADSISearcher) Can be accessed via PowerShell by creating objects for above […]

Filed Under: ADSI Tagged With: active direcgtory, adsi, adsisearcher, enumeration, powershell

Active Directory User Enumeration using PowerView

Uday Mittal July 8, 2020 Leave a Comment

Active Directory User Enumeration using PowerView

PowerView, developed by Will Schroeder (@harmj0y), is a PowerShell tool to gain network situational awareness on Windows domains. It is now a part of PowerSploit suite. You can download PowerView from here. As a pentester, you can leverage PowerView to find out information about domain users. Following commands will help you with that (watch the […]

Filed Under: Enumeration Tagged With: powersploit, Powerview, recon, user enumeration

Active Directory Network Recon using PowerView

Uday Mittal July 8, 2020 Leave a Comment

Active Directory Network Recon using PowerView

Once you have compromised a machine in an Active Directory environment, the next thing you do is post-exploitation network recon. PowerView, developed by Will Schroeder (@harmj0y), is a PowerShell tool to gain Active Directory network situational awareness on Windows domains. It is now a part of PowerSploit suite. You can download PowerView from here. Learn […]

Filed Under: Enumeration, Lab Tagged With: domain enumeration, forests, network recon, powersploit, Powerview

Purple AD – Active Directory Lab Environment

Uday Mittal July 8, 2020 3 Comments

Purple AD – Active Directory Lab Environment

Playing around with an Active Directory environment is fun. Whether we do it as sysadmin or security researcher, we need a lab environment to work with. The following video provides an overview of the AD lab I have built using my computer systems. I will be using this lab in further Purple AD posts to […]

Filed Under: Lab Tagged With: Active directory lab, lab environment, lab hardware

Web App Pentesting using BodgeIt Store (Part 1)

Uday Mittal February 4, 2020 Leave a Comment

Web App Pentesting using BodgeIt Store (Part 1)

This video shows how to set up the lab environment for this YCSC Let’s Learn series. It covers installing Docker on Kali Linux 2019.4, pulling and running the BodgeIt Store docker image from Docker Hub. A virtual image of Kali Linux could be downloaded from https://www.offensive-security.com/kali-linux-vm-vmware-virtualbox-image-download/ What is BodgeIt Store? A vulnerable web application aimed at […]

Filed Under: Skills Development Tagged With: bodgeit store, docker, ellitedevs, Kali Linux, penetration testing process, pentest, psiinon, web application penetration testing, web security, website hacking, yaksas

Mona.py for exploit devs: 6 must know commands

Uday Mittal July 23, 2019 Leave a Comment

Mona.py for exploit devs: 6 must know commands

When it comes to exploit development for Microsoft Windows, Mona.py is the go to library for most security researchers. In this post I list six commands that I use often. Watch the video for demonstration. What is Mona.py? A pycommand for Immunity Debugger, designed and developed to aid the exploit development process Automates various tasks […]

Filed Under: Hacks, Technology Tagged With: bad character analysis, corelan, corelancoder, Cyber Security, ethical hacking, exploit development, immunity debugger, infosec, mona library, offensive security, osce, oscp, Peter Van Eeckhoutte

Understand and restrict admin access in your organization

Uday Mittal July 15, 2019 Leave a Comment

Understand and restrict admin access in your organization

In today’s time, providing users with unjustified administrator access on their work systems, could lead to significant business loss. A careless user may download a benign looking file and the next moment you may find yourself battling an organization wide ransomware attack. Here’s a quick guide for small business owners on how to tame this […]

Filed Under: Awareness, Technology Tagged With: administrator access restriction, cybersecurity, Information Security, least privilege, secure access

SLAE: Assignment #5.3

Uday Mittal January 22, 2019 Leave a Comment

SLAE: Assignment #5.3

Assignment Task: Take up at least 3 shellcode samples created using msfvenom for linux/x86 Use GDB/Ndisasm/Libemu to dissect the functionality of the shellcode Present your analysis Shellcode chosen: Shellcode options: Command to generate shellcode: Generated shellcode: Contents of file /etc/issue: Testing shellcode with run_shellcode.c Let’s analyze the shellcode with gdb: Placed a breakpoint at code […]

Filed Under: Skills Development, SLAE

SLAE: Assignment #5.2

Uday Mittal January 22, 2019 Leave a Comment

SLAE: Assignment #5.2

Assignment Task: Take up at least 3 shellcode samples created using msfvenom for linux/x86 Use GDB/Ndisasm/Libemu to dissect the functionality of the shellcode Present your analysis Shellcode chosen: Shellcode options: Command to generate shellcode: Generated shellcode: /etc/passwd file before executing the shellcode: Testing shellcode with run_shellcode.c Let’s analyze the shellcode with gdb: Placed a breakpoint […]

Filed Under: Skills Development, SLAE

SLAE: Assignment #5.1

Uday Mittal January 22, 2019 Leave a Comment

SLAE: Assignment #5.1

Assignment Task: Take up at least 3 shellcode samples created using msfvenom for linux/x86 Use GDB/Ndisasm/Libemu to dissect the functionality of the shellcode Present your analysis Shellcode chosen: Shellcode options: Command to generate shellcode: Generated shellcode: File permission before exectuing the shellcode: Testing shellcode with run_shellcode.c Chmod system call details: The chmod system call takes […]

Filed Under: Skills Development, SLAE

  • « Previous Page
  • 1
  • 2
  • 3
  • 4
  • 5
  • …
  • 9
  • Next Page »

Optin Form

Search

Follow us on Twitter

My Tweets

Categories

Tags

(ISC)2 Active directory adsecurity adsi adsisearcher adversary emulation Android attack active directory awareness blue whale challenge Certification CISSP Cloud security crte crtp cyber-warfare cybersecurity Cyber Security Cybersecurity books domain enumeration ethical hacking forest enumeration hacker Information Security ISACA Kali Linux Mobile Security Narendra Modi NSA offensive security Online Safety opsec Password Penetration Testing pentest powersploit Powerview privacy red team red teaming Risk Management Social Engineering user enumeration Wifi Windows

Top Posts

  • ADSISearcher (Part 2)
    ADSISearcher (Part 2)
  • Social-Engineer Toolkit: An Introduction
    Social-Engineer Toolkit: An Introduction
  • Let there be no more MMS Scandals
    Let there be no more MMS Scandals
  • Make Remote Access Your Ally
    Make Remote Access Your Ally
  • 7 Ways to Cover Your Device's Camera
    7 Ways to Cover Your Device's Camera
  • Mona.py for exploit devs: 6 must know commands
    Mona.py for exploit devs: 6 must know commands

© Copyright 2020 ElliteDevs · All Rights Reserved · Powered by WordPress