1/43
Looks like no tags are added yet.
Name | Mastery | Learn | Test | Matching | Spaced | Call with Kai | Chat |
|---|
No analytics yet
Send a link to your students to track their progress
Lateral Movement
Techniques attackers use to navigate through a network, by accessing other systems and accounts
Pivoting
Process of using a compromised system to move to other systems within the same network
Network Pivoting
Involves using the network capabilities of a compromised machine to route traffic to other machines
Application-level Pivoting
Uses a compromised machine to interact with applications and services on other machines
Relay Creation
Involves capturing and forwarding authentication requests to exploit trust relationships between systems
ProxyChains
A tool that routes internet traffic through multiple proxy servers
Service Discovery
Involves identifying active services running on a networked device
Network Traffic Discovery
Involves analyzing the flow of data within a network
Credential Capturing
Involves intercepting and capturing authentication credentials as they are transmitted over the network
Credential Dumping
Extracts stored credentials from compromised systems
String Searches
Involve searching through files, logs, and memory dumps for specific patterns
Protocol IDs
Identify and analyze specific protocols in use
Server Message Block (SMB)
A protocol used for sharing files, printers, and other resources on a network
Remote Procedure Call (RPC)
Allows programs to request services from programs on other computers within a network
EternalBlue
Sends specially crafted packets to the SMB service, triggering the vulnerability and allowing code execution on the system
Distributed Component Object Model (DCOM)
A technology developed by Microsoft that allows software components to communicate with each other over a network
Get-WmiObject -Class Win32_DCOMApplication
Used to gather information about DCOM applications on a Windows computer
Cleartext Protocols
Transmit data without any encryption
Telnet
Used for remote command-line interface access to other computers
Transmits all data in cleartext (not encrypted)
File Transfer Protocol (FTP)
Used for transferring files between a client and a server
Lightweight Directory Access Protocol (LDAP)
Used to access and manage directory information services
Remote Desktop Protocol (RDP)
Allows users to connect to another computer over a network connection
Virtual Network Computing (VNC)
A graphical desktop-sharing system that uses the RFB protocol to remotely control another computer
Secure Shell (SSH)
A protocol used to securely connect to a remote system over an unsecured network (connection is encrypted)
Windows Management Instrumentation (WMI)
A set of specifications from Microsoft for consolidating the management of devices and applications in a network from Windows computing systems
Line Printer Daemon (LPD)
A network protocol for submitting print jobs to a remote printer, part of the LPR protocol suite, commonly used on Unix and Unix-like systems
JetDirect
A technology developed by HP for connecting printers to a network
Web Interfaces
Refer to the management consoles and administrative panels that many devices and services expose over HTTP or HTTPS
SQLMap
Can exploit a SQL injection vulnerability to gain access to the CMS database
Burp Suite
Helps identify and exploit web vulnerabilities by intercepting and modifying HTTP requests to bypass authentication mechanisms
HTTP Request Smuggling
A web security vulnerability that occurs when an attacker manipulates the way a web server processes HTTP requests
Living Off the Land Binaries (LOLBins)
Are legitimate system binaries that attackers can exploit to perform malicious activities while evading detection
netstat
A command-line utility that displays network connections, routing tables, interface statistics, masquerade connections, and multicast memberships
net commands
Includes tools like net use, net view, net user, and net group
cmd.exe
Provides a powerful interface for executing commands and scripts
explorer.exe
The Windows graphical file manager
ftp.exe
The command-line FTP client in Windows
mmc.exe
The Microsoft Management Console, which provides a graphical interface for managing various system componenets
rundll32.exe
A utility that allows execution of functions exported from DLLs also known as dynamic link libraries
msbuild32.exe
A tool used to build applications in Visual Studio
route
A command used to view and manipulate the IP routing table
strings.exe and findstr.exe
Are command-line utilities for searching text within files
Sshuttle (Poorman’s VPN)
Useful tool for penetration testers because it allows to route traffic from a local machine through a remote network
Routes network traffic through a remote server, enabling access to internal resources as if physically connected
Covenant C2
An open-source C2 framework, written in the C# programming language, designed for red team operations and penetration testing
Built on .NET