-
Enumeration Smb Port 445
Enumeration | SMB - Port 445 Enumerate with crackmapexec (hostname | domain name might be leaked) crackmapexec smb 10.10.10.123 Enumerate password policy from the domain helpful for brute-forcing crackmapexec smb 10.10.10.123 --pass-pol Enumerate shares crackmapexec smb 10.10.10.123 --shares Enumerate using smbclient Enumerate shares smbclient -L //10.10.10.123 Enumerate shares smbmap -H...
-
Curl Commands
Curl Commands Get Command ~# curl http://10.10.53.235:8081/ctf/get thm{****f99f} Post Commands ~# curl http://10.10.53.235:8081/ctf/post -d "flag_please" thm{****ba09} Get a cookie and save to desktop ~# curl http://10.10.53.235:8081/ctf/getcookie -c Desktop/cookie.txt Check your cookies! Curl command with cookie ~# curl http://10.10.53.235:8081/ctf/sendcookie -b flagpls=flagpls thm{****47b3}
-
Basic Nmap Commands
Basic Nmap Commands Basic Ping Scan against a network range nmap -sn 192.168.0.0/24 TCP Scan with Default Scripts and OS detection against a network range nmap -sT -sC -O 192.168.0.0/24 UDP Scan against a network range nmap -sU 192.168.0.0/24 Single Port scan with Default Scripts against a single target nmap...
-
Wvd Azure Review
WVD Azure Review Windows Virtual Desktop (WVD) 6 Controls to check Identity - Conditional Access, MEM support, MFA Session Host - Defender ATP, Policies Apps - Application Control, Applocker Infrastructure - Azure Security Center, Secure Score, Best Practices Networking - Reverse Connect, Service tags, Firewall Data - Information Protection, Azure...
-
Microsoft 365 Series Part 1
Microsoft 365 Series - Part 1 Office 365 attacks *14/07/2021 Zak Clifford Security Consultant/Penetration Tester @ Cognisys* Zak’s Top 5 Recommendations for Office 365 Security Ensure mailbox audit logging is enabled on all accounts (where possible) The good ole saying “you can’t secure what you can’t see” applies here. Enabling...