DarthSidious
Darth Sidious
GETTING STARTED
Getting started
External network access to Domain Admin
Intro to Windows hashes
Building a lab
Building a lab
Preparing Kali
Building a small lab
Building a lab with ESXI and Vagrant
Cuckoo malware analysis lab
Initial access
Password spraying
Initial access through exchange
ENUMERATION
Powershell
BloodHound
PowerView
Azure enumeration
Execution
Pass the hash
Responder with NTLM relay and Empire
DeathStar
CrackMapExec
Privilege escalation
Mimikatz
Token Impersonation
Juicy Potato
ALPC bug 0day
Defense evasion
Bypassing Applocker and Powershell contstrained language mode
From RDS app to Empire shell
Stealth
OTHER
Link encyclopedia
Writeups
War stories
Credential access
Password cracking and auditing
Command & Control
SILENTTRINITY
Powered by GitBook
Have an account? Sign in

Preparing Kali

Last updated 10 months ago
Edit on GitHub

You need some tools for this guide. Get ready! Make a directory to put all this in, because it can get messy. I won't explain all the tools and how to install them, because the different tools and procedures might change.

  • Impacket - A python collection for networking. Includes ntlmrelay, which will be useful later.

  • Responder - Tool for poisoning requests. Use this forked repo rather than SpiderLabs' repo, because it is no longer maintained.

  • Empire - A framework almost like Metasploit, but for Windows hacking.

  • CrackMapExec - Includes tools to check for SMB signing.

  • DeathStar - A for automating the process of becoming Domain Admin.

  • BloodHound - Creating a map of AD. Check /releases on the GitHub page for precompiled binaries!

  • PowerSploit - Powershell tools for post exploitation, some are included in Empire already.

  • Mimikatz - Dumping credentials.

  • Neo4j - Database to use with BloodHound.

Most of these should be available through apt. If not, install them by cloning in git and putting them in /opt. Now you may need to play a litte with installing the tools and their dependencies. A lot of them are written in Python, so familiarize yourself with pip. Make sure you are running tools and scripts with the correct Python version. Certain tools are written for 2.7 and some for 3. How to use the tools are explained in subsequent parts of this tutorial.

Building a lab - Previous
Building a lab
Next - Building a lab
Building a small lab