Network Addressing

Cole Hartnett | Networking

Big Picture: Network addressing is how devices on a network are identified and located so they can communicate with each other. There are two main addresses a device will have. One is the Media Access Control (MAC) address, which is strictly installed in the network interface card (hardware). The other is an IP address that is dynamic and used for …

Some Networking Fundamentals

Cole Hartnett | Networking

Big Picture: Networking is an area of computer science where I could always improve my understanding. This article will mark the beginning of my journey and will cover fundamental networking concepts including networking topologies, mediums, and protocols that can be used to facilitate a network and enable computers to talk to each other. A high-level way to think about …

Networking Protocols and Terminology

Cole Hartnett | Networking

Big Picture: Internet protocols are standardized rules and guidelines that are defined in organizations like RFC and specify how devices on a network should communicate with each other, regardless of the software/hardware that’s being used. It is very important to familiarize yourself with these protocols to better understand how different devices communicate. Here is some research I did into commonly …

Windows Lateral Movement Techniques

Cole Hartnett | Windows

Big Picture: In this scenario you are on a pen test for a company that uses Windows Active Directory and Kerberos to store their resources. Let’s say that you’ve gotten into a Windows computer. This could be a workstation or server command-line interface that you were able to log in to with a user’s basic credentials that doesn’t have any …

Networking Connection Establishment

Cole Hartnett | Networking

Big Picture: If you’re like me, then understanding networking does not come easily. This is why I wanted to include my notes on how connections are typically established. Here I will talk about Internet Key Exchange, protocols that deal with authentication, TCP vs UDP connections, and how traffic is encrypted to provide secure communications. Internet Key Exchange (IKE) and Mechanisms …

Credential Hunting in Network Shares and Traffic

Cole Hartnett | Networking

Big Picture: Do you want to learn more about networking and offensive networking attacks like myself? Then this article is for you. This is a summary of some basic snooping tactics I’ve used to try and see if I can find user (or ideally admin) credentials that may be exposed due to out-of-date protocols and systems. All of …

Extracting Passwords from Windows Systems

Cole Hartnett | Windows

Big Picture: Let’s say that you’ve gotten into a Windows workstation for a company during a pen test. How would you gather other logins for users with more privileged access? How can you find stored passwords or fudge authentication requests to move along a network and find even more goodies? These are some tools I found that can help you …

Credential Hunting on Linux Systems

Cole Hartnett | Linux

Big Picture: Let’s say you’re on a penetration test for a random company and you are able to phish a basic user’s credentials and remotely connect to their workstation. This user doesn’t have any admin privileges, so it’s hard to do cool things and move laterally across the network. Luckily, you’ve stumbled across this article and, after reading, will have …

Setting up a Firewall — IP Tables

Cole Hartnett | Linux

Big Picture: Linux firewalls provide a security mechanism to filter incoming and outgoing traffic based on predefined rules, protocols, ports, and other criteria. iptables is the current de facto standard for Linux firewalls and is implemented in the Netfilter framework of the Linux kernel. Within iptables, tables are used to organize/categorize firewall rules. Chains The way you make rules …

System Logs in Linux

Cole Hartnett | Linux

Linux system logs are text files that record system events, user activities, authentication attempts, application errors, and security incidents. They are constantly logging events from applications and kernel activity. For cybersecurity professionals, logs are critical for detecting suspicious activity like failed login attempts, privilege escalations, and unauthorized access, although attackers often try to modify logs to hide their tracks. Here …