Hacking Active Directory: Redux - Back to the Start.

This was an idea that if you're reading this blog and have looked at previous posts, you will see isn't new. It's a rehash of the thing I wanted to do when I started this blog. My goal here has been to post about things that I've had success with as a means to helping others, but also to force me to really understand and examine the concepts I'm posting about. The goal for these posts was to have a "real life" small scale pentest to show how you can enumerate and attack Windows hosts in an Active Directory network. When I first started in on this idea, I quickly realized the problem with my idea...I was trying to blog about something I was still learning, which makes for a very slow and tedious process. Now that I've completed the wonderful TCM Security Practical Ethical Hacking course, along with the other Windows and Linux Privilege Escalation courses, I'm in the stage of going back and re-examining my knowledge and notes before taking the PNPT

Cyber Security Studying or: How I Learned to Stop Hand-Writing and Love the Digital Docs

In life, learning to study is a critical skill to have...something that I discovered sadly late in life. Throughout my life, I struggled with sorting out my ADHD and finding ways to learn that worked for me. Taking notes in class was rough, because taking my mind and eyes off of the board and teacher meant I would quickly lose my place in the lesson trying to keep notes on what was important. Sadly, when I was a kid, smart phones and computers weren't in the classrooms, so the ability to easily record things and take notes wasn't there for me. Fortunately, I don't have any such restrictions anymore, and I don't have to suffer to keep up anymore. But the difficulties of paying attention in Algebra have now been replaced with learning in the Infosec world, which at times feels like trying to use a waterfall to fill a Solo cup. And that's coming from someone who was absolutely awful in math class. For me, there have always been a few problems taking notes. I need some

Status Update: Still Alive

In what seems to be a common refrain in my life, my dreams and aspirations for this blog may have been a bit loftier than I was capable of executing. That said, I do definitely still want to revisit this idea of the "Windows Pen Test" that was part of my learning experience. I think what I realized as I was studying was that my desire to work through the material and keep learning eventually getting to the point of sitting for a test was overwhelming my want to sit on the Windows topic for weeks to make the in-depth blog that I envisioned making. So what have I been up to since the summer where I last updated? I've been working at grinding away at my study resources since then, and hopefully there will soon be a payoff for the work. As usual, there's a fair share of headaches in between. When I kicked this blog off, I had been plugging away at the Practical Ethical Hacking course from TCM. The course was great, as all of them have been so far, and I was really enjo

What Would Life Be Without a Few Roadblocks?

Enjoy a sunrise photo instead of hacking content. Naturally, once I got the lab built back up and everything would be when my server would die again. So for the past few days I've torn the server down to check everything, run all 8 drives through Hard Disk Sentinel to check the status and make sure the disks themselves weren't bad (all 8 disks scored 100%, despite all being used drives I picked up with the server years ago. I think they're from ~2014?) and then wiped all 8 drives just to be safe. I re-assembled everything, powered it back up and initialized the new Virtual Disk...annnnnnd another drive vanished. At this point, I'm thinking the SAS Backplane that the drives actually directly plug into that sits directly behind the drive bays may be bad, but for the time being, I just popped out drive 3 which was throwing the error and made the extra 7th drive a hot-swappable drive. This means I'm down to roughly 2TB of space instead of the 3+ I had previously, which

Hacking Windows Domains: Introduction

Part 1 of the Active Directory series. Willkommen, everyone! After a few hurdles with my homelab server throwing a fit and forcing me to frantically recover my VMs so I could get all of my files off of my file server and temporarily into the cloud, I'm back with a new setup. I've moved from Hyper-V to ESXi, which I always liked for the ease of the web interface, and I've finally been able to recreate my hacking lab as well as my Kali machine that I use to learn on. As I work towards a pen test certification, I've been using a handful of resources to learn and get hands-on time. First up has been the great Active Directory rooms at Try Hack Me. The other has been the great Complete Practical Ethical Hacking course from TCM. This lab will be set up similar to the lab in the PEH course, as it makes it a bit easier to follow along with Heath's videos. There's always Hack the Box to get some hands-on time as well, but that's something better saved for anot

Future Material!

Nothing too crazy to post today, but I figured if for no other reason than a bit of self-motivation, I would post about what I'm planning for the next content post. I've been going through the excellent Practical Ethical Hacking course from TCM Academy and it's been a blast so far. There are tons of things covered (and I'm sure even more will be dropped in my lap when I wrap it up and move onto their Linux and Windows privilege escalation courses). The part I'm currently working on that has been really interesting so far is the Windows exploitation part of the course, and I figured for my own edification, if nothing else, I would do a bit of a deeper dive into some of the tools used so far and explore them a bit more in depth, and show some of them working in the home lab I've got going. Might even do a little background research of some of them, since reading the book Sandworm has opened my eyes to the insane backstory on some tools like Mimikatz that sound

Passing the GIAC GSEC Certification

The assembled tools. I needed to figure out something for a real first post...but I'm not an expert in anything. Hell, some days it feels like hitting fine in anything is a high bar to clear. Realistically, I'm not an expert in passing certification exams, but we're going to put that aside and live in a land of make believe for a bit on this one. The GIAC Security Essentials Certification seemed like the Security+ on steroids. As they say, it's a mile wide and a foot deep in terms of what it covers (Is that actually a thing people say?). The GSEC has sections dedicated to Windows, Linux, MacOS, the Cloud, security testing...pretty much everything is hit in at least a brief overview with the exam. It's a 5-hour test that gives you between 106 and 180 questions, and expects you to get a score of 73% or higher. The exam is multiple choice, and has hands-on labs thrown in that will have you getting hands-on time with things like Wireshark and Snort logs among other th