It’s that time again when we challenge our skills in an effort to learn something new daily and VulnHub as provided yet again. Jetty 1 by MrSquid; gave us the opportunity to pay attention to details and use cool tools. Let’s jump in but before we do so, Please read the warning below. Public Service […]
On a recent internal penetration test, the clients goals were to gauge what an internal user or attacker could achieve with user level access to their network. In these cases you want to look for known exploits, weak passwords and miss-configurations. This one fell into the miss-configuration bucket. Its not an issue with the software […]
We do not know all things Penetration Testing or Hacking but what we do know is OUR WILLINGNESS to constantly share what we know with you. They are probably better ways to hack the VulnHub WarZone2 Virtual Machine (VM) by AL1ENUM, but here is our take on WarZone2. Today we are doing a walk through […]
As a Penetration Tester, the constant need to practice our skills is required to improve our penetration testing (PT) abilities. Thus making this process a deliberate and willful one in order to be better at our craft. As a result, this write up serves our practicing and sharing. This walk-through will guide you as you […]
Over the years, we constantly tell newcomers to the field of Information Technology (IT) Security to “GET INVOLVE” in the Security community, but do we truly tell them how or where to begin. If you are new to a field the last thing you want to be is a poser. In the past, CyberGuider has […]
The demand for Information Technology (IT) Security professionals is growing at a crazy speed because of the various breaches. Organizations are looking for bright and resourceful personnel to fill these positions. This ultimately is driving recruitment of professional IT Security talent on a daily basis to the point that almost all colleges have an IT […]
From the people who brought you WHAT THE CTF, CyberGuider is please to present its official walkthrough of DC1:1 from VulnHUB. This system was a lot of fun and shows that simple misconfigurations can cause the system to be compromised. Here is how we started…. RECON PHASE Of course with a NMAP scan, you know […]
In the last post https://www.cyberguider.com/bypassing-windows-defender-the-tedious-way/ we found that Windows Defender uses a black list to stop known hacking tools such as Mimikatz. We were able to easily bypass the restriction with some word replacements but it took time, trail and error. In this post we are going to make that process much easier. As with […]
I was on a penetration test when i was able to acquire a set of admin credentials. This wasn’t a red team engagement, so there was no issues lighting up their AV with some of our tools but I always try to stay as silent as possible until close to the end or the assessment. […]
Most of the time I’m binge watching Netflix, Amazon Prime, Hulu, or some other instant gratification media platform. But on the rare occasion that I’m out in these streets and talking to other professionals, the conversation always ends up at “So what do you do?”. I guess this is one of the default topics of […]