In this case, we will look into how we can use LLMNR to poisoning to get the hash for a specific user and crack that in order to gain access. We have a domain called master.loc where the domain controller is dc1. The client workstation is client1. LLMNR is a protocol which is used to discover any hosts present in the network. In our scenario, we will try to access a fileserver called wow.

Continue reading

init If you want to find out which executable were executed on a workstation in windows it is bit tricky to find. There are some ways you can detect that. In this post we will look into PowerForensic powershell scripts to check some of its features. PowerForensic After you download and import the script, you will see the following commands available to the system. Remember to run the powershell as Administrator Below we can see that we can get last execution time for a specific application.

Continue reading

There is requirement that we need to perform database analysis on invalid entires into the database. We need to trace or track the entries performed in the database. But to do that we need a proper way to do it. how to test In this guide we will make a test database in called Tweety in Microsoft SQL Server 2017 and connect to it using Microsoft SQL Server Management Studio.

Continue reading

Author's picture

rezaur rahman

just thinking out loud to help others

cybersecurity researcher