Quantcast
Channel: HåCkDÖx » HateHåCkDÖx
Browsing all 10 articles
Browse latest View live

Post-Exploitation in Windows: From Local Admin To Domain Admin (efficiently)

There are some excellent tools and techniques available to pentesters trying to convert their local admin rights into domain admin rights.  This page seeks to provide a reminder of some of the most...

View Article



Preventing Web-based Directory Enumeration Attacks Against IIS

I received an interesting tip from Munish about how to prevent directories from being easily identified in IIS.  I’ve updated my original post about directory enumeration with the following info:...

View Article

Post-Exploitation Without A TTY

This is a follow-up to a topic I touched on breifly before when I talked about the problem of trying to use the SSH client when you don’t have a TTY.  I was recently in a position where I got an...

View Article

Using SSH Without A TTY

I recently received a mail asking how to get SSH to work from within a reverse shell (see php-reverse-shell , php-findsock-shell and perl-reverse-shell ).  I thought I’d write a brief description of...

View Article

The Perfect Web Backdoor

I’m sure most pentesters have had cause to use the likes of cmdasp.asp, or cobble together a simple PHP script based around “passthru” or “system”.  There’s loads more functionality that would be...

View Article


Great Word List

One of the biggest and most comprehensive collection of 1,493,677,782 word for Password cracking list released for download. The wordlists are intended primarily for use with password crackers such as...

View Article

Recon Script

Not sure where I picked this little gem up but what a great recon batch script. @Echo off echo Starting. Do not close program. Please wait 15 seconds. ::Generate a unique filename set...

View Article

Image may be NSFW.
Clik here to view.

Using and Abusing Alternate Data Streams

I love you SynJunkie your site rocks and I have mad respect. This blog post is to detail a very simple method that has been used by viruses, malware authors and others to hide data. What are Alternate...

View Article


Fun with Tcpdump

Tcpdump is a really useful program for capturing packets that are on the wire. It can be used to view packets going through your own interface, on a network with a hub, or on a switched network...

View Article


Huge List of Pentesting links.. Nice, makes me want to create a huge links...

Blogs Worth It: What the title says. There are a LOT of pentesting blogs, these are the ones i monitor constantly and value in the actual day to day testing work. http://carnal0wnage.blogspot.com/...

View Article
Browsing all 10 articles
Browse latest View live




Latest Images