Learn the basics of Penetration Testing: Video walkthrough for the "Responder" machine from tier one of the @HackTheBox "Starting Point" track; "you need to walk before you can run". We'll be exploring the basics of enumeration, service discovery, Local File Inclusion (LFI), Remote File Inclusion (RFI), NTLM hash grabbing with Responder, hashcracking (john the ripper), evil-winrm and more! Write-ups/tutorials aimed at beginners - Hope you enjoy 🙂 #HackTheBox #HTB #CTF #Pentesting #OffSec
Sign up for HackTheBox: hacktheboxltd.sjv.io/xk75Yk
↢Social Media↣
Twitter: / _cryptocat
GitHub: github.com/Crypto-Cat
HackTheBox: app.hackthebox.eu/profile/11897
LinkedIn: / cryptocat
Reddit: / _cryptocat23
RU-vid: / cryptocat23
Twitch: / cryptocat23
↢HackTheBox↣
affiliate.hackthebox.com/cryp...
/ hackthebox_eu
/ discord
↢Video-Specific Resources↣
book.hacktricks.xyz/pentestin...
www.sikich.com/insight/using-...
book.hacktricks.xyz/pentestin...
↢Resources↣
Ghidra: ghidra-sre.org/CheatSheet.html
Volatility: github.com/volatilityfoundati...
PwnTools: github.com/Gallopsled/pwntool...
CyberChef: gchq.github.io/CyberChef
DCode: www.dcode.fr/en
HackTricks: book.hacktricks.xyz/pentestin...
CTF Tools: github.com/apsdehal/awesome-ctf
Forensics: cugu.github.io/awesome-forensics
Decompile Code: www.decompiler.com
Run Code: tio.run
↢Chapters↣
Start: 0:00
Enumerate ports/services (NMap): 0:19
Wappalyzer/Nikto/Gobuster: 1:45
WinRM/evil-winrm: 5:20
Local File Inclusion: 6:55
LFI PHP filter Trick: 11:00
RFI + Responder = NTLM Hashes: 12:04
Crack hash with John: 17:04
Shell with evil-winrm: 17:58
End: 19:13
3 июл 2024