Welcome back my fellow hackers! Today we're going to be starting the topic of maintaining access. First, we'll discuss … [Read More...]
Featured Articles
How to Steal Windows Credentials with Mimikatz and Metasploit
Welcome back my fellow hackers! Today we're going to be deviating from our antivirus evading escapades to discuss a tool … [Read More...]
Evading Anti-virus Part 2: Obfuscating Payloads with Msfvenom
Welcome back hackers. In the last edition of our journey into evading anti-virus, we used Shellter to infect EXEs with a … [Read More...]
Latest Blog Updates
Loading...
Networking Basics Part 1: Introduction and the OSI Model
Hello my fellow hackers! Today we're going to be introducing a topic we should've covered long ago, networking. Having an understanding of networking gives us a better understanding of how computers interact with each other. If we understand how these systems communicate over the network, we can better manipulate parts of the network to our advantage. Things such as routers and switches allow us to reach other parts of the network, and learning to manipulate such devices could allow for greater access to the network as a whole. The first couple of articles in this series will be all about the basics. We'll start … [Read More...]
Maintaining Access Part 1: Introduction and Metasploit Example
Welcome back my fellow hackers! Today we're going to be starting the topic of maintaining access. First, we'll discuss the concept of maintaining access and why it's important. Then we'll move on to our lab where we'll compromise a PC and set up a backdoor so we can come back to it. The Concept of Maintaining Access When a system is compromised, the attacker is given temporary access to it (not including compromised management services such as SSH, telnet, etc.). If the system were to power cycle or the gained access be interrupted by some means, access would be lost. But, if quick action is taken by the … [Read More...]
How to Steal Windows Credentials with Mimikatz and Metasploit
Welcome back my fellow hackers! Today we're going to be deviating from our antivirus evading escapades to discuss a tool that I've recently started using, Mimikatz. Mimikatz is a tool to automate many Windows hacking tactics. The capabilities of mimikatz stretch much further than a single article, so today we're going to be focusing on a basic function of mimikatz, stealing Windows credentials straight from memory. Lucky for us, Rapid7 has included mimikatz into Metasploit, which makes it very easy to use. In our exercise today, we're going to be compromising a Windows 7 VM and using Mimikatz within Metasploit … [Read More...]
Evading Anti-virus Part 2: Obfuscating Payloads with Msfvenom
Welcome back hackers. In the last edition of our journey into evading anti-virus, we used Shellter to infect EXEs with a payload. Today we're going to be taking it down a notch and talking about obfuscating payloads with msfvenom. Obfuscation is the concept that we can take our payload and change its signature. If we can change its signature, it can help us to get past anti-virus. Obfuscation in and of itself is usually not enough to fool today's anti-virus, but it may be effective against out-of-date or some lesser anti-virus software. That being said, its still important that we review and understand … [Read More...]
Evading Anti-virus Part 1: Infecting EXEs with Shellter
Welcome back my fellow hackers! Today we're going to be entering some new territory. When we're attempting to compromise a system, we need to be stealthy. A part of this stealthiness is learning to evade antivirus software. To start us on this journey, we're going to be talking about a tool called Shellter. Shellter is a tool that allows us to inject payloads into a legitimate Windows executable (EXE) file. This injection allows us to disguise a payload as a real executable, which can drastically increase our chances of getting past antivirus. In order to demonstrate this technique, we're going to be injecting … [Read More...]
Like Us On Facebook
Become a Member
