Yaksas Security

Cyber Security Research

  • Yaksas Security Home
  • Home
  • Yaksas Security Classroom
  • Learn Adversary Emulation
  • Contact Yaksas
Book Review: Ethical Hacking

Uday Mittal December 10, 2022

Book Review: Ethical Hacking

It’s been some time since I posted my last review, so here comes the next one. This one is for the book Ethical Hacking by Daniel G. Graham. It’s been a couple of months since I finished this book. That’s the time it takes (at least for me) to truly absorb all the information presented […]

Filed Under: Book Reviews Tagged With: cybersecurity, Cybersecurity books, Ethcial hacking, offensive security, Penetration Testing

Book Review: Pentesting Azure Applications

Uday Mittal December 27, 2021 Leave a Comment

Book Review: Pentesting Azure Applications

In continuance of my research in cloud security, I picked up another book on Azure security. The book was Pentesting Azure Applications – The Definitive Guide to Testing and Securing Deployments by Matt Burrough. I got it as part of the Humble Book Bundle.  It was published in July 2018 and was the only book […]

Filed Under: Book Reviews Tagged With: azue, Cloud security, Penetration Testing

Book Review: Penetration Testing Azure for Ethical Hackers

Uday Mittal December 23, 2021

Book Review: Penetration Testing Azure for Ethical Hackers

I have been researching cloud security off late. Recently, the book, Penetration Testing Azure for Ethical Hackers by David Okeyode , Karl Fosaaen, showed up on my Twitter feed. The book had good reviews so I decided to pick it up.  It was published recently (at the time of writing), in November 2021 (another reason […]

Filed Under: Book Reviews Tagged With: Azure, Azure Active Directory, Cloud security, Penetration Testing

Introduction to MITRE ATT&CK Framework

Uday Mittal January 13, 2021

Introduction to MITRE ATT&CK Framework

  This post is part of our course Adversary Emulation 101: Mimicking a real-world cyber attack. If you want to beat your adversaries, think like them. A common adage we have all heard. MITRE ATT&CK is just that. A framework to think like adversaries and beat them in their game. It is a culmination of […]

Filed Under: Adversary Emulation Tagged With: Penetration Testing, red teaming

Red Team Operations Attack Lifecycle

Uday Mittal January 3, 2021

Red Team Operations Attack Lifecycle

This post is part of our course Adversary Emulation 101: Mimicking a real-world cyber attack. The lifecycle consisted of following phases, with phases 3-6 being cyclic in nature: Recon (Information Gathering) – In this phase, publicly available information (website, company profile, social media pages, employee profiles etc.) is gathered about the target organization. Initial Compromise […]

Filed Under: Adversary Emulation Tagged With: Penetration Testing, red team

SPN Scanning using ADSI (Part 3)

Uday Mittal July 8, 2020 Leave a Comment

SPN Scanning using ADSI (Part 3)

A Service Principal Name (SPN) is a unique identifier of a service instance. It is used to link an AD object (service accounts, users, computers etc.) with a service. It can be used as an alternative to a port scan in an Active Directory environment. Some common SPNs are: CIFS host HTTP https IMAP mongod […]

Filed Under: ADSI, Enumeration Tagged With: Active directory, adsecurity, adsi, adsisearcher, attack active directory, crte, crtp, domain enumeration, forest enumeration, offensive security, Penetration Testing, pentest, powersploit, Powerview, red team, spn, spn scanning, user enumeration, windows 2016 windows security

ADSISearcher (Part 2)

Uday Mittal July 8, 2020 1 Comment

ADSISearcher (Part 2)

ADSISearcher is a class for searching for objects in Active Directory. It is part of .NET framework (System.DirectoryServices.DirectorySearcher) and van be accessed via PowerShell by creating object for the above class Example: $adsiSearcherObj = New-Object –TypeName System.DirectoryServices.DirectorySearcher takes the LDAP path to current domain by default Pass ADSI Directory Entry object type as ArgumentList to […]

Filed Under: ADSI, Enumeration Tagged With: Active directory, adsecurity, adsi, adsisearcher, attack active directory, crte, crtp, domain enumeration, forest enumeration, offensive security, Penetration Testing, pentest, powersploit, Powerview, red team, user enumeration, windows 2016, windows security, yaksas csc

Social-Engineer Toolkit: An Introduction

Spandan Chowdhury August 22, 2015 Leave a Comment

Social-Engineer Toolkit: An Introduction

Long back, I read a book called The Art of Intrusion by Kevin Mitnick, in which he explained some of his successful techniques to infiltrate into an organization’s network. Among them was one that he employed the most, Social Engineering. Social Engineering can be defined as a psychological play on people in order to lead them […]

Filed Under: Under the Hood Tagged With: Kali Linux, Penetration Testing, SET, Social Engineering, Social-Engineer Toolkit

Optin Form

Search

Follow us on Twitter

My Tweets

Categories

Tags

(ISC)2 Active directory adsecurity adsi adsisearcher adversary emulation Android attack active directory awareness blue whale challenge Certification CISSP Cloud security crte crtp cyber-warfare cybersecurity Cyber Security Cybersecurity books domain enumeration ethical hacking forest enumeration hacker Information Security ISACA Kali Linux Mobile Security Narendra Modi NSA offensive security Online Safety opsec Password Penetration Testing pentest powersploit Powerview privacy red team red teaming Risk Management Social Engineering user enumeration Wifi Windows

Top Posts

  • Mona.py for exploit devs: 6 must know commands
    Mona.py for exploit devs: 6 must know commands
  • What is Adversary Emulation?
    What is Adversary Emulation?
  • Build Your Career in Cyber Security
    Build Your Career in Cyber Security
  • CISA: Everything You Need to Know
    CISA: Everything You Need to Know
  • Let there be no more MMS Scandals
    Let there be no more MMS Scandals
  • 7 Ways to Cover Your Device's Camera
    7 Ways to Cover Your Device's Camera

© Copyright 2020 ElliteDevs · All Rights Reserved · Powered by WordPress