Yaksas CSC

Your Guardian in the Cyber World

  • Yaksas CSC Home
  • Home
  • About Us
    • Overview
    • Why Yakṣas?
  • Got a Question?
    • Cyber Security Basics
    • Cyber Security Education & Career
    • How to stay safe?
  • Get Invloved
    • Write for Us
    • YCSC QnA Dialogue
    • Translate Articles
  • Contact Yakṣas
  • Press Release
    • NCSAM 2015 Champion
    • STOP. THINK. CONNECT. Partner
Red Team Operations Attack Lifecycle

Uday Mittal January 3, 2021

Red Team Operations Attack Lifecycle

This post is part of our course Adversary Emulation 101: Mimicking a real-world cyber attack. The lifecycle consisted of following phases, with phases 3-6 being cyclic in nature: Recon (Information Gathering) – In this phase, publicly available information (website, company profile, social media pages, employee profiles etc.) is gathered about the target organization. Initial Compromise […]

Filed Under: Adversary Emulation Tagged With: Penetration Testing, red team

PoshC2: A Red Teamer’s Notes

Uday Mittal July 8, 2020 Leave a Comment

PoshC2: A Red Teamer’s Notes

This is an ongoing post containing my notes on PoshC2 usage. What is PoshC2? PoshC2 is a command and control software. It is used to carry out post-exploitation tasks such as persistence, privilege escalation, lateral movements etc. during penetration testing and red teaming exercises. It supports Python3, PowerShell (v2 and v5), C# and C++. The […]

Filed Under: CnC Tagged With: command and control, poshc2, post-exploitation, red team

SPN Scanning using ADSI (Part 3)

Uday Mittal July 8, 2020 Leave a Comment

SPN Scanning using ADSI (Part 3)

A Service Principal Name (SPN) is a unique identifier of a service instance. It is used to link an AD object (service accounts, users, computers etc.) with a service. It can be used as an alternative to a port scan in an Active Directory environment. Some common SPNs are: CIFS host HTTP https IMAP mongod […]

Filed Under: ADSI, Enumeration Tagged With: Active directory, adsecurity, adsi, adsisearcher, attack active directory, crte, crtp, domain enumeration, forest enumeration, offensive security, Penetration Testing, pentest, powersploit, Powerview, red team, spn, spn scanning, user enumeration, windows 2016 windows security

ADSISearcher (Part 2)

Uday Mittal July 8, 2020 1 Comment

ADSISearcher (Part 2)

ADSISearcher is a class for searching for objects in Active Directory. It is part of .NET framework (System.DirectoryServices.DirectorySearcher) and van be accessed via PowerShell by creating object for the above class Example: $adsiSearcherObj = New-Object –TypeName System.DirectoryServices.DirectorySearcher takes the LDAP path to current domain by default Pass ADSI Directory Entry object type as ArgumentList to […]

Filed Under: ADSI, Enumeration Tagged With: Active directory, adsecurity, adsi, adsisearcher, attack active directory, crte, crtp, domain enumeration, forest enumeration, offensive security, Penetration Testing, pentest, powersploit, Powerview, red team, user enumeration, windows 2016, windows security, yaksas csc

Optin Form

Search

Follow us on Twitter

My Tweets

Categories

Tags

Active directory Active directory lab adsecurity adsi adsisearcher Android attack active directory awareness blue whale challenge Certification CISSP crte crtp cyber-warfare Cyber Security Cybersecurity books Cybersecurity Cannon domain enumeration Edward Snowden ellitedevs forest enumeration hacker Information Security ISACA Kali Linux lab environment lab hardware Mass Surveillance Mobile Security Narendra Modi NSA offensive security Online Safety Password Penetration Testing pentest powersploit Powerview privacy red team Risk Management Social Media user enumeration Wifi Windows

Top Posts

  • Active Directory User Enumeration using PowerView
    Active Directory User Enumeration using PowerView
  • Mona.py for exploit devs: 6 must know commands
    Mona.py for exploit devs: 6 must know commands
  • DCPP: Everything You Need to Know
    DCPP: Everything You Need to Know
  • Active Directory Network Recon using PowerView
    Active Directory Network Recon using PowerView
  • Are you sharing sensitive information over WhatsApp?
    Are you sharing sensitive information over WhatsApp?
  • Web App Pentesting using BodgeIt Store (Part 1)
    Web App Pentesting using BodgeIt Store (Part 1)

© Copyright 2020 ElliteDevs · All Rights Reserved · Powered by WordPress