Post Exploitation File Transfers on Windows the Manual Way

Post exploitation techniques for file transfers on Windows operating systems without the use of Metasploit or other advanced tools.

Introduction

No Metasploit! you told yourself, as you accepted the challenge of creating an exploit manually. Taking your time carefully preparing the exploit, will it work, will I get a shell? You run the exploit and are greeted with a reverse cmd.exe shell on the Windows victim, your excitement soon fades however as the post exploitation phase begins you need a way to transfer files. Fear not as there is a multitude of ways to transfer files to and from a Windows victim without advanced tools such as Metasploit.

eLearnSecurity Penetration Testing Professional v4 Review

A review about the eLearnSecurity Penetration Testing Professional v4 course and the related eLearnSecurity Certified Professional Penetration Tester certification and exam.

NOTE:This review is about the eLearnSecurity Penetration Testing Professional v4 (PTP) course. Shortly after I completed the course and exam eLearnSecurity released the PTP v5, an update to the PTP v4 course materials. The plan comparison in this review is for the newer PTP v5 all other sections relate to the now deprecated PTP v4 course materials and exam.

Hack The Box Write-Up Optimum

How I obtained system access on the Optimum machine from Hack The Box.

Introduction

Hack The Box is an online platform that hosts virtual machines that are vulnerable by design to sharpen one’s penetration testing and security skills. Gaining system access on the Optimum machine is not very complex as access can be obtained through several known software vulnerabilities. Because of this the Optimum machine serves as a strong reminder of the importance of timely software updates.

Hack The Box Write-Up Jeeves

How I obtained Administrator access on the Jeeves machine from Hack The Box.

Introduction

Hack The Box is an online platform that hosts virtual machines that are vulnerable by design to sharpen one’s penetration testing and security skills. While Jeeves is not a very complex machine to compromise gaining administrative access still requires several offensive techniques that offer an interesting learning experience.

Hack The Box Write-Up Bashed

How I obtained root access on the Bashed machine from Hack The Box.

Introduction

Hack The Box is an online platform that hosts virtual machines that are vulnerable by design to sharpen one’s penetration testing and security skills. Bashed was a fairly easy but fun machine, it has several configuration errors that when chained together allow an attacker to fully compromise the machine and gain root access.

Pagination


© 2018. All rights reserved.