on Cloud, AWS, Terraform, Red-Baron, TerraformFun, Google Cloud, GoPhish, Automate, Redteaming, Phishing

Going Phishing with Terraform

Terraform is a tool for building, changing, and versioning cloud or local infrastructure safely and efficiently. Using Terraform Red Teams can quickly spin up offensive resources.…

on SMB, Samba, penetration test, Internal Network, Enumeration, SMBClient, NULL Session, Kali Linux, Linux, windows

Using SMBClient to Enumerate Shares

This blog post seeks to demonstrate the vulnerabilities of SMB NULL sessions, and how to test them with smbclient.…

on CrackMapExec, CME, byt3bl33d3r, Impacket, Post Exploitation, SMB, Lateral Movement, Hacking, Kali Tools, Information Gathering, Internal Network, Pentest, Powershell

Bow Before the All Powerful CrackMapExec!!

CrackMapExec more commonly referenced as CME is a post-exploitation tool that helps automate assessing the security of Active Directory networks.…

on Active Directory, Kerberos, SPN, Service Principal Name, Services

SPN Scanning - Stealthy Port Scanning

Use SPN Scanning to avoid detection and find where in a Kerberos network services live.…

on Powershell, Microsoft, ExecutionPolicy, Bypass

PowerShell ExecutionPolicy Bypass

By default PowerShell is configured to prevent the execution of PowerShell scripts on Windows systems.…