Dumping Credentials – SAM File Hashes
In this post we will review various techniques that can be used to extract a copy of the SAM and SYSTEM files from a Windows host. We will explore how to do…
Read More
Dumping Credentials – LSASS Process Hashes
In this post we are going to explore various tools and techniques we can use to dump the LSASS process. We will have a look at an example scenario and practical example…
Dumping Credentials – LSA Domain Hashes
In this blog post we will be exploring how to dump all of the hashes in a domain using an LSA dump. To do this, we will be using three different versions…
Domain Persistence – Golden Ticket and Silver Ticket Attacks
In this blog post we are going to explore both golden ticket and silver ticket attacks. We will use Mimikatz to forge both a golden and silver ticket and see how we…
AS-REP Roasting
In this blog post we will look at how to perform AS-REP roasting in two different ways, how to use hashcat to crack a krbasrep5 hashes, and how to mitigate this type…
Kerberoasting
In this blog post we will have a look at three different ways to perform kerberoasting, how to use hashcat to crack the service ticket (hash), and a few ways that we…