by frank | Jan 27, 2020 | Blue Team, Red team, Security, Windows
Reading Time: < 1 minuteThere is a few known ways. The easiest 1st method is to listen to LLMNR broadcast. By Using Responder, our device will publish be the target and the victim will send it’s creds to us as we are acting as MITM (Men in the Middle) Same...
by frank | Dec 13, 2019 | Blue Team, Red team, Security, Windows
Reading Time: < 1 minuteWhen in the service definition path there is no quotes, the path can be interpreted differently by the OS. A service path with c:\progam files\sub dir\program name can be seen as follow ! c:\program.exe files\sub dir\program name c:\program...
by frank | Nov 11, 2019 | Blue Team, Security
Reading Time: < 1 minuteLPD : https://www.edoeb.admin.ch/edoeb/fr/home/protection-des-donnees/generalites/protection-des-donnees.html Report :...
by frank | Sep 21, 2019 | Blue Team, Windows
Reading Time: 1 minute Disabling NetBIOS over TCP/IP can be done through the registry: Go to HKLM:SYSTEMCurrentControlSetservicesNetBTParametersInterfaces For each connection, then set NetbiosOptions = 2 or by a Powershell script. Found this one which worked fine :...
by frank | Sep 20, 2019 | Blue Team, Security
Reading Time: 1 minute As per RFC : CAA records assert a security policy that the holder of a domain name wishes to be observed by certificate issuers. The effectiveness of CAA records as an access control mechanism is thus dependent on observance of CAA constraints...
by frank | Jun 28, 2019 | Blue Team, Red team, Security, Windows
Reading Time: < 1 minuteecho %logonserver% findstr /S /I cpassword \\xxDC01\sysvol\xxxdc01\policies*.xml crack cpassword with the default AES key...
Recent Comments