Cheat Sheets

Configuring Kali

Adding additional security auditing tools to Kali.

Infrastructure

Attacking MSSQL

Compromising MSSQL databases, and escalating privileges.

Infrastructure

Golden gMSA Attacks

Extracting gMSA service accounts from child domains.

Infrastructure

SID History Abuse

Modifying SID History values to compromise parent domains.

Infrastructure

Backup Operator Privilege Escalation

Extracting domain controller credentials using the Backup Operators group.

Infrastructure

Active Directory Explorer

Using Microsoft AD Explorer to collect Active Directory attack path information.

Infrastructure

Active Directory DACL Attacks

Exploiting misconfigured Active Directory access control lists.

Malware Dev

Persistence Mechanisms

Maintaining access to a target system.

Infrastructure

Entra ID Connect

Extracting credentials from Azure Entra Connect.

Malware Dev

Password Filters

Using password filters to intercept logon credentials.

Infrastructure

Coerced Authentication

Persuading Windows hosts to provide machine account credentials.

Exploit Dev

LD_PRELOAD Exploitation

Using LD_PRELOAD for dynamic function hooking and privilege escalation.

Infrastructure

IPv6 Penetration Testing

Testing IPv6 security.

Infrastructure

Bypassing Multi Factor Authentication

Intercepting multi factor authentication credentials using an Nginx reverse proxy.

Infrastructure

Phishing

Sending Phishing emails to capture login credentials.

Infrastructure

Terraform

Using Terraform to deploy testing infrastructure & auditing Terraform configuration files.

Malware Dev

Keystroke Logging

Logging Keystrokes with SetWindowHookEx.

Malware Dev

Process Mitigation Policies & ACG

Attempting to use binary signature policies and arbitrary code guard to bypass userland hooks.