Pass-The-Hash – 20 years and still rocking

Few techniques can claim to be as popular and effective as good ol’ pass the hash in Windows environments. This prime example highlights the danger of screwing up the design of an authentication protocole. This post does not aim to explain PTH, we have talked…

Mimikatz & bypassing AV

This post is a simple shout out to a blog post I enjoyed reading and that proves a point I have repeated endlessly throughout Hack like a Pornstar & Hack a Fashion Brand: AV products that rely on signatures (that’s almost all of them) can…

Simple HTTPs servers

I love the SimpleHTTPServer module on Python. It sets up a quick HTTP server when you are in dire need of a simple way to download files to a target. root@Kali:~# python -m SimpleHTTPServer Serving HTTP on 0.0.0.0 port 8000 … On a real assignment…