HTTP418InfoSec

Breaking stuff and writing about it

BloodHound & Cypher Language

A look at the more complex features of BloodHound's Cypher query language, with several examples of how it can be used to audit an environment.

HTTP418 Active Directory, Red Team 1 Comment May 19, 2023 / May 20, 2023 11 Minutes

BloodHound Basics

A quick primer on the basics of BloodHound, the well-known Active Directory auditing tool.

HTTP418 Active Directory, Red Team 1 Comment May 19, 2023 / May 20, 2023 6 Minutes

Diagrams: Timelines

Ever wanted to make better diagrams and timelines for your red team reports? I will cover some ideas on how to better structure them.

HTTP418 White Team March 7, 2023 / May 3, 2023 9 Minutes

Attacking Password Managers: LastPass

A look into how browser-based password managers such as LastPass can be attacked via various methods.

HTTP418 Red Team January 24, 2023 / May 15, 2023 7 Minutes

Attacking Password Managers: KeePass

A look into how client-based password managers such as KeePass can be attacked via various methods.

HTTP418 Red Team January 24, 2023 / May 15, 2023 4 Minutes

Shodan 201: Rummaging Around The Internet

Some tips and tricks for how to use Shodan and its powerful filters to accurately query the internet!

HTTP418 OSINT, Uncategorized December 6, 2022 / May 3, 2023 5 Minutes

Hack The Boo

Hack The Boo was a Halloween-themed CTF from Hack The Box. I could only dedicate a few hours to this, but still managed to solve 3 machines. Below is a quick writeup on the machines I did: Evaluation Deck First off, I downloaded the supplied files from the CTF site /conf/supervisord.conf shows that we …

HTTP418 CTF October 30, 2022 / October 30, 2022 4 Minutes

RedTeamNotes: Combining Notes & Graphs!

A quick look at a note-taking application I built whilst doing CRTO as a means of representing my notes in a directed graph to aid with red teaming.

HTTP418 Automation, Red Team September 15, 2022 / May 15, 2023 3 Minutes

SharpRDPHijack: RDP Session Hijacking

A look at RDP session hijacking using SharpRDPHijack, Mimikatz and TSCon. This technique allows us to interact with disconnected RDP sessions.

HTTP418 Red Team August 4, 2022 / May 3, 2023 3 Minutes

Digging Into Mimikatz’s lsadump And sekurlsa

Mimikatz is a tool which has always surprised me with how many functions and features it has. In this post I dig into the lsadump and sekurlsa functions to see what all of the modules do.

HTTP418 Active Directory, Red Team May 25, 2022 / May 15, 2023 21 Minutes
