While digging into the usage of Responder.py, I came across this post and video [https://cqureacademy.com/blog/penetration-testing/web-proxy-auto-discovery-protocol] that I found pretty intriguing. I was aware of using Responder.py
This was a very tough box for me and I needed a hint from the forums to complete it - the box is rated 'insane' for a reason! Nmap scan: HTTP shows: I
As I had mentioned in my OSCP writeup [https://t3chnocat.com/oscp-writeup/], one thing not covered in the course was Active Directory and Windows networks. I've been learning on my own in my
While playing around with NTLMRelayx (part of an upcoming post) on various Windows VMs, I found I was having trouble getting a reverse Meterpreter connection over HTTPS from a Windows 7 machine to
LaCasaDePapel was a little tricky for me because I had never seen one of the things needed to solve it (here's looking at you Psy Shell) and went down a rabbit hole... Nmap
This was a fairly straightforward box that was good fun. Nmap scan: I checked out ftp first but anonymous access was disabled. Next up was smb: While enumerating, I found that the Development