Author: RalfHacker

Imagine someone launching an attack on a corporate Windows network. Initially, the attacker has either limited or no privileges within the domain. Consequently, they will search for accounts and services without elevated privileges, meaning they won't be…

For a successful attack on Active Directory, taking control of workstations, and moving laterally across a network, a skilled hacker doesn't necessarily need user credentials. However, there are times when they are indispensable. To obtain these credentials,…

As you are likely aware, Metasploit is the most acclaimed exploitation and post-exploitation framework in the world. Even if you don’t use it, you had definitely encountered numerous references to Metasploit in our materials. In this article, I will give a brief overview of this framework,…

Empire is a popular post-exploitation tool for Windows, Linux, and macOS. This article addresses all key aspects of this framework, including its most frequently used functions. Even if you are a seasoned pentester, you will likely find something new and useful in this material.

Compromising a domain controller involves more than just finding a known vulnerability, stealing user credentials, or identifying an error in the security policy settings. The above 'achievements' grant only the minimum access level that may be insufficient…

Imagine that you have successfully retrieved users' accounts in a network with an Active Directory domain controller and escalated your privileges. But what if you control not the entire network, but just a small segment of it?…