Gesamtlänge aller Episoden: 10 days 22 hours 50 minutes
Today my and I continued hacking (see part one ) and learned some interesting things: You can fuzz a URL with a specific file type using a format like this: wfuzz -c -z file,/root/Desktop/wordlist.txt --hc 404...
In today's tale of pentest pwnage we talk about: The importance of local admin and how access to even one server might mean instant, full control over their backup or virtualization infrastructure Copying files via WinRM when copying...
Today Amanda Berlin from teaches us how to unlock the power of Sysmon so we can gain insight into the good, bad and ugly things happening on our corporate endpoints! Key takeaways: turns your windows logging up to 11, and pairs...
Today my pal Paul from and I hack the heck out of a vulnerable virtual machine that is celebrating its 7th anniversary this month!
Today, sadly, might be the last episode of DIY pentest dropbox tips for a while because I found (well, ChatGPT did actually) the missing link to 100% automate a Kali Linux install! Check for more info on building your Kali preseed file, but...
Hey friends, today I'm super excited to share I found the missing link! Specifically, the missing piece that now allows me to create fully automated Windows 10 installs that serve as virtual pentest jumpboxes. Here are the high points: When...
In today's tale of pwnage, we'll talk about how domain trusts can be dangerous because they have...well...trust issues.
Today we talk about crafting cool cred-capturing phishing campaigns with ! Here's a quick set of install commands for Ubuntu: sudo apt install -y debian-keyring debian-archive-keyring apt-transport-https curl -1sLf...
Today we had a blast playing with as a SIEM you can use for work and/or home. Inspiration for this episode came from . This one-liner will literally get Wazuh installed in about 5 minutes: curl -sO...
Oooo, giggidy! Today's tale of pentest pwnage is about pwning vCenter with CVE-2021-44228 - a vulnerability that lets us bypass authentication entirely and do/take what we want from vCenter! Key links to make the magic happen: