User contributions for SourMilk

1 April 2023

• 13:3713:37, 1 April 2023 diff hist 0‎ m Category:Collection ‎ Protected "Category:Collection" ([Edit=Allow only administrators] (indefinite) [Move=Allow only administrators] (indefinite)) current
• 13:3713:37, 1 April 2023 diff hist 0‎ m Category:Lateral Movement ‎ Protected "Category:Lateral Movement" ([Edit=Allow only administrators] (indefinite)) current
• 13:3713:37, 1 April 2023 diff hist 0‎ m Category:Discovery ‎ Protected "Category:Discovery" ([Edit=Allow only administrators] (indefinite)) current
• 13:3613:36, 1 April 2023 diff hist 0‎ m Category:Credential Access ‎ Protected "Category:Credential Access" ([Edit=Allow only administrators] (indefinite)) current
• 13:3613:36, 1 April 2023 diff hist 0‎ m Category:Defense Evasion ‎ Protected "Category:Defense Evasion" ([Edit=Allow only administrators] (indefinite)) current
• 13:3613:36, 1 April 2023 diff hist 0‎ m Category:Privilege Escalation ‎ Protected "Category:Privilege Escalation" ([Edit=Allow only administrators] (indefinite)) current
• 13:3513:35, 1 April 2023 diff hist 0‎ m Category:Initial Access ‎ Protected "Category:Initial Access" ([Edit=Allow only administrators] (indefinite)) current
• 13:3513:35, 1 April 2023 diff hist 0‎ m Category:Resource Development ‎ Protected "Category:Resource Development" ([Edit=Allow only administrators] (indefinite)) current
• 13:3513:35, 1 April 2023 diff hist 0‎ m Category:Reconnaissance ‎ Protected "Category:Reconnaissance" ([Edit=Allow only administrators] (indefinite) [Move=Allow only administrators] (indefinite)) current

22 February 2023

• 12:5012:50, 22 February 2023 diff hist +553‎ MailSniper ‎No edit summary
• 12:2912:29, 22 February 2023 diff hist +345‎ MailSniper ‎ →‎Descriptionhttps://www.blackhillsinfosec.com/attacking-exchange-with-mailsniper/
• 12:2812:28, 22 February 2023 diff hist 0‎ MailSniper ‎ →‎https://www.blackhillsinfosec.com/attacking-exchange-with-mailsniper/Description
• 12:2712:27, 22 February 2023 diff hist +129‎ MailSniper ‎No edit summary Tag: Visual edit
• 12:2612:26, 22 February 2023 diff hist +529‎ N MailSniper ‎ Created page with "Category:Tools ==Description== ==Commands== <syntaxhighlight lang="powershell"> # Enumerate Netbios name Invoke-DomainHarvestOWA -ExchHostname mail.name.com # Uses timing attack to validate possible usernames with OWA server Invoke-UsernameHarvestOWA -ExchHostname mail.name.io -Domain name.io -UserList possible.txt -OutFile valid.txt # Password spray valid usernames with specific password Invoke-PasswordSprayOWA -ExchHostname mail.name.io -UserList valid.txt -Pass..." Tag: Visual edit

13 February 2023

• 15:4015:40, 13 February 2023 diff hist +642‎ Cobalt Strike:Host Reconnaissance ‎ →‎Basic Cobalt Commands current
• 15:3615:36, 13 February 2023 diff hist +77‎ Cobalt Strike:Host Reconnaissance ‎No edit summary
• 15:3215:32, 13 February 2023 diff hist +497‎ Cobalt Strike:Host Reconnaissance ‎No edit summary Tag: Visual edit
• 14:3114:31, 13 February 2023 diff hist +1,090‎ N Cobalt Strike:Host Reconnaissance ‎ Created page with "Category:Cobalt Strike ==Background== Prior to executing any post-exploitation steps, it is imperative for red teamers to assess the target system's security measures. This involves gathering information about the presence of antivirus (AV) software, endpoint detection and response (EDR) solutions, Windows audit policies, PowerShell logging, event forwarding, and other security-related components. Host reconnaissance serves as an important factor in determining the..."
• 14:2214:22, 13 February 2023 diff hist +32‎ N Category:Cobalt Strike ‎ Created page with "Category:Command and Control" current

5 February 2023

• 15:1615:16, 5 February 2023 diff hist +2,633‎ BroScience ‎No edit summary
• 15:1015:10, 5 February 2023 diff hist +3,716‎ BroScience ‎No edit summary
• 15:0915:09, 5 February 2023 diff hist +1,038‎ BroScience ‎No edit summary
• 15:0615:06, 5 February 2023 diff hist +2,802‎ BroScience ‎No edit summary
• 15:0115:01, 5 February 2023 diff hist +17‎ BroScience ‎No edit summary
• 15:0015:00, 5 February 2023 diff hist +500‎ BroScience ‎No edit summary
• 14:5514:55, 5 February 2023 diff hist +3,575‎ BroScience ‎No edit summary Tag: Visual edit: Switched
• 14:4714:47, 5 February 2023 diff hist +1,693‎ N BroScience ‎ Created page with "category:Medium ==Box Information== Network: Hack The Box Operating System: Linux Release Date: 7 January 2023 Creator: [https://app.hackthebox.com/users/485051 bmdyy] Difficulty: Medium Points: 30 ==Enumeration== ===Nmap=== <syntaxhighlight lang="powershell"> # Nmap 7.93 scan initiated Thu Jan 26 19:36:36 2023 as: nmap -sCV -oA nmap/broscience 10.129.5.153 Nmap scan report for 10.129.5.153 Host is up (0.077..." Tag: Visual edit: Switched

30 January 2023

• 14:1914:19, 30 January 2023 diff hist +1,818‎ N Rpivot ‎ Created page with "Category:Tools Category:Tunneling & Port Forwarding ==Description== RPIVOT is a tool that provides secure and flexible access to an internal network by tunneling traffic through a SOCKS 4 proxy. It operates in the opposite direction of SSH dynamic port forwarding, allowing you to pivot into an internal network from an external system. RPIVOT provides a convenient way to bypass network restrictions and gain access to internal resources without the need for direct..." current Tag: Visual edit: Switched
• 13:4513:45, 30 January 2023 diff hist +39‎ Sshuttle ‎No edit summary current
• 13:4413:44, 30 January 2023 diff hist +63‎ Sshuttle ‎No edit summary Tag: Visual edit
• 13:4413:44, 30 January 2023 diff hist +1,369‎ N Sshuttle ‎ Created page with "category:Tools ==Description== Sshuttle<ref>https://github.com/sshuttle/sshuttle</ref> is a free, open-source software tool that allows you to securely access network resources behind a firewall or router, by creating a VPN (Virtual Private Network) connection over an existing SSH (Secure Shell) connection. sshuttle works by forwarding all network traffic from your local machine to the remote network via an encrypted SSH tunnel, effectively bypassing any firewalls..." Tag: Visual edit: Switched
• 13:2813:28, 30 January 2023 diff hist −4‎ Plink.exe ‎ →‎Remote Port Forwarding current
• 13:2713:27, 30 January 2023 diff hist +2‎ Plink.exe ‎ →‎=Remote Port Fowarding
• 13:2713:27, 30 January 2023 diff hist +1,387‎ N Plink.exe ‎ Created page with "Category:Tools Category:Tunneling & Port Forwarding ==Description== PuTTY Link (Plink) is a command-line connection tool for Windows that is used for connecting to a remote computer using the Telnet and Secure Shell (SSH) network protocols. It is part of the PuTTY suite of tools, which also includes the PuTTY terminal emulator and the PuTTY Configuration Utility. Plink is commonly used to automate routine tasks, such as executing shell commands on a remote server..." Tag: Visual edit: Switched
• 13:1413:14, 30 January 2023 diff hist +8‎ Socat ‎No edit summary current
• 13:1413:14, 30 January 2023 diff hist +752‎ N Category:Tunneling & Port Forwarding ‎ Created page with "Category:Command and Control ==Description== Tunneling and port forwarding are both techniques used in red teaming, a type of simulated cyber attack used to test an organization's security defenses. Tunneling involves creating a secure connection between two networked devices, allowing data to be transmitted between them even if they are behind a firewall or in different parts of the world. Port forwarding, on the other hand, is a method of redirecting incoming netwo..." current
• 13:0513:05, 30 January 2023 diff hist +33‎ Socat ‎No edit summary
• 12:4712:47, 30 January 2023 diff hist +1,157‎ Socat ‎No edit summary Tag: Visual edit
• 12:3812:38, 30 January 2023 diff hist +1,665‎ N Socat ‎ Created page with "Category:Tools ==Description== socat is a relay for bidirectional data transfer between two independent data channels. Each of these data channels may be a file, pipe, device (serial line etc. or a pseudo terminal), a socket (UNIX, IP4, IP6 - raw, UDP, TCP), an SSL socket, proxy CONNECT connection, a file descriptor (stdin etc.), the GNU line editor (readline), a program, or a combination of two of these. These modes include generation of "listening" sockets, named p..." Tag: Visual edit: Switched

29 January 2023

• 15:0015:00, 29 January 2023 diff hist +521‎ Category:Impact ‎No edit summary current
• 14:5914:59, 29 January 2023 diff hist +7‎ Category:Exfiltration ‎No edit summary current
• 14:5514:55, 29 January 2023 diff hist +39‎ Category:Command and Control ‎No edit summary current
• 14:5414:54, 29 January 2023 diff hist +538‎ Category:Collection ‎No edit summary
• 14:5214:52, 29 January 2023 diff hist +900‎ Category:Lateral Movement ‎No edit summary
• 14:5114:51, 29 January 2023 diff hist +829‎ Category:Discovery ‎No edit summary
• 14:4914:49, 29 January 2023 diff hist +883‎ Category:Credential Access ‎No edit summary
• 14:4814:48, 29 January 2023 diff hist +919‎ Category:Defense Evasion ‎No edit summary
• 14:4714:47, 29 January 2023 diff hist +760‎ Category:Privilege Escalation ‎No edit summary
• 14:4614:46, 29 January 2023 diff hist +466‎ Category:Persistence ‎No edit summary current
• 14:4514:45, 29 January 2023 diff hist +436‎ Category:Execution ‎No edit summary current