Password

Kerberoasting

In this tutorial, I will cover one of my favourite Privilege Escalation techniques “Kerberoasting”. I will not only show you how to perform a kerberoasting attack but also how you can mitigate and start to detect Keroasting in your environment. If you would like to follow along with this tutorial make sure you have your Active Directory LAB all set up, If not Check out my tutorial here. Also, make sure you have a…

Illustrated Tutorial for Installing Microsoft LAPS

In this Tutorial, I cover the Installation and deployment of Microsoft LAPS on a Windows Domain. Giving you an Illustrated step by step guide through the whole process. LAPS stands for Local Administrator Password Solution and provides management of Local administrator passwords of any domain joined Windows Client. Once installed, the Local Administrator password becomes stored centrally in Active Directory. In-turn, only allowing domain admins or specified users to read or reset these local…

Crack the Hash Challenge

In this tutorial i am going to be doing something a bit different then my normal tutorials and create a walk-through for the crack the hash challenge from tryhackme.com I recently purchased a new NVIDIA Graphics card for my Lab PC, nothing to special just a 1050 TI to try and crack hashes a little faster then my poor laptop could handle. So i thought i would take the opportunity to level up on…

Password Audit: Extracting hashes from Ntds.dit

In this tutorial, I will show you how to do a password audit of a Windows Domain Controller by extracting the NTLM password hashes from the Ntds.dit file; In order to crack the hashes with Hashcat and see their clear text value The Ntds.dit is a database that stores Active Directory data, which includes all the password hashes for all the users of the domain. To be able to retrieve the NTLM password hashes, we…

Scroll to top