Your Guardian in the Cyber World
This post is part of our course Adversary Emulation 101: Mimicking a real-world cyber attack. If you want to beat your adversaries, think like them. A common adage we have all heard. MITRE ATT&CK is just that. A framework to think like adversaries and beat them in their game. It is a culmination of years […]
This post is part of our course Adversary Emulation 101: Mimicking a real-world cyber attack. The lifecycle consisted of following phases, with phases 3-6 being cyclic in nature: Recon (Information Gathering) – In this phase, publicly available information (website, company profile, social media pages, employee profiles etc.) is gathered about the target organization. Initial Compromise […]
A Service Principal Name (SPN) is a unique identifier of a service instance. It is used to link an AD object (service accounts, users, computers etc.) with a service. It can be used as an alternative to a port scan in an Active Directory environment. Some common SPNs are: CIFS host HTTP https IMAP mongod […]
ADSISearcher is a class for searching for objects in Active Directory. It is part of .NET framework (System.DirectoryServices.DirectorySearcher) and van be accessed via PowerShell by creating object for the above class Example: $adsiSearcherObj = New-Object –TypeName System.DirectoryServices.DirectorySearcher takes the LDAP path to current domain by default Pass ADSI Directory Entry object type as ArgumentList to […]
Long back, I read a book called The Art of Intrusion by Kevin Mitnick, in which he explained some of his successful techniques to infiltrate into an organization’s network. Among them was one that he employed the most, Social Engineering. Social Engineering can be defined as a psychological play on people in order to lead them […]
