Remotely stealing windows credentials with WordSteal

Microsoft Word has the ability to include images from remote locations. This is an undocumented feature, but it has been found in use by malware authors to include images over HTTP for statistics. We can also include remote files from an SMB server, and the victim will authenticate with their login credentials. This is very useful during a …

Retrieve domain password hashes with Mimikatz

Mimikatz is a Windows security tool that can be used to extract passwords from Windows workstations and servers. One way of doing this manually is extracting the information from the NTDS.DIT file, which is the Active Directory database. This can be tricky to extract, as it's currently open and generally inaccessible while the server is running. This …

Exploiting Microsoft Office and delivering a payload using Microsoft DDE

Windows provides several methods for transferring data between applications. One method is to use the Dynamic Data Exchange (DDE) protocol. The DDE protocol is a set of messages and guidelines. It sends messages between applications that share data and uses shared memory to exchange data between applications. Applications can use the DDE protocol for one-time …

Kali VMWare Tools Installation

It is very important that you install VMware Tools in the guest operating system. With the VMware Tools SVGA driver installed, Workstation supports significantly faster graphics performance. The VMware Tools package provides support required for shared folders and for drag and drop operations. Other tools in the package support synchronization of time in the guest …

Capturing packets and cracking WPA with Airmon/Airodump (Wordlists)

This example assumes that you have a wireless adapter capable of entering monitor mode and that you have the aircrack-ng suite of tools installed. These come pre-installed on the Kali Linux distribution. Determine the adapter to use for capturing: make note of your wireless adapter interface, e.g. wlan0. Next we need to use airmon to …

Wordlists to use in Kali for password cracking

Wordlists are invaluable when looking at breaking passwords. Wordlists are used instead of brute force because they are made up of real words and phrases that people would generally use as passwords. Wordlists can be faster to process before looking at brute-force password cracking. There is now a horde of wordlists available to use, some of which …

Using Steganography to hide data in images

Steganography is the hiding of a secret message within an ordinary message and the extraction of it at its destination. Steganography takes cryptography a step further by hiding an encrypted message so that no one suspects it exists. Ideally, anyone scanning your data will fail to notice that it contains encrypted data. There are a few …

Attack Simulation: Meterpreter payload over reverse HTTP/HTTPS

This example will show you how to create a Meterpreter HTTP listener on a specific port and generate a payload for the target machine to connect back to. Using a reverse HTTP/HTTPS payload is less suspicious to the target, as it appears to be normal web traffic going to a domain through port 80 or …

Scanning networks with Zenmap (nmap GUI)

One of the most useful tools already included in Kali Linux is a front-end UI to nmap. This will allow you to visually see scan results and perform tasks on hosts without knowing the command line options of nmap. Although included in Kali by default, Zenmap can be easily installed on any Linux distribution. Zenmap …

Antivirus Evasion with Shellter

The following guide will show you how to use the basic features of Shellter, AV evasion software. From the official website: Shellter is a dynamic shellcode injection tool, and the first truly dynamic PE infector ever created. It can be used in order to inject shellcode into native Windows applications (currently 32-bit applications only). The …