| description |
|---|
A collection of blog posts & goodies that I have found useful and continue to reference. |
- ADSecurity - Tons of red teaming and active directory resources
- BadSectorLabs - Updated weekly with attack techniques and tooling
- Mubix - Mubix's blog. Details attacks and research
- SpecterOps - Specter Op's blog. New research and detailed exploitation
- BishopFox - Bishop Fox's blog has tons of different resources! Topics such as red teaming, breaking into the industry, etc.
- TrustedSec - TrustedSec's blog. One of my favorites, tons of good information here
- BlackHillsInfoSec - Blackhills' blog. Lots of different attacks and techniques detailed here
- mr.d0x - Causal Red Team & Security Research Notes from mr.d0x
- Lateral_Movement_Tips_and_Tricks
- Attack_Methods_for_Gaining_Domain_Adin_Rights_in_Active_Directory
- Practical_Usage_of_NTLM_Hashes
- Mitigations_for_LSA_Credential_Exposure
- Red_+Blue=_Purple
- SMI_Protocol_and_why_Nessus_is_wrong
- Internal_Pivot_Network_Enumeration_&_Lateral_Movement
- EyeWitness_and_why_it_Rocks
- Attack_Microsoft_Exchange_Web_Interface
- GoPhish_with_SendGrid
- Finding_Buried_Treasure_in_Server_Message_Block
- Top_Five_Ways_I_Got_Domain_Admin
- A_Complete_Guide_to_Perform_External_Penetration_Testing
- How_I_Learned_to_Love_AD_Explorer
- NTLM_Relaying_via_Cobalt_Strike
- NTLM_Relaying_to_AD_CS
- Phish_for_User_Passwords_with_PowerShell
- Pushing_Your_Way_In
- Password_Spraying_Outlook_Web_Access
- Practical_Guide_to_NTLM_Relaying
- Finding_Buried_Treasure_in_SMB
- Tips_for_Pentesting_a_PCI_Environment
- Top_16_Active_Directory_Vulnerabilities
- Post_Exploitation_Windows_commands
- Shadow_Credentials_Workstation_Takeover_Edition
- Hiding_Behind_the_Front_door
- Attacking_Active_Directory:_0_to_0.9
- Windows_Lateral_Movement_with_SMB_Psexec_and_Alternatives
- Web_Shells_101_Using_PHP