Blog
LazyAdmin TryHackMe Walkthrough
Anonymous Rooted: A TryHackMe Walkthrough
Compromising the Dev Box: A PNPT Walkthrough with Mitigation and MITRE ATT&CK Mapping
TryHackMe: Enumeration & Brute Force Room Walkthrough
Overview #
This walkthrough documents my experience completing the Enumeration & Brute Force room on TryHackMe. The room provides hands-on experience with various enumeration techniques, brute force attacks, and web application vulnerability exploitation. This write-up details my approach to each task and the key learning points along the way.
Investigate Web Attacks Challenge Walkthrough (Let's Defend)
Exploring Splunk Data Administration: Parsing, Event Line Breaking, and Data Privacy
As cybersecurity professionals, one of the key challenges we often face is the sheer volume of log data we need to analyze. Whether we’re hunting for anomalies, investigating security incidents, or just keeping an eye on our network’s health, efficiently processing log data is important. I recently had the opportunity to further explore Splunk Data Administration, specifically the Parsing Phase and Data Preview—two areas that fundamentally shape how Splunk processes incoming data and prepares it for analysis. In this post, I’ll share what I learned and how these skills relate to my daily work.
Escalate and Defend: Linux Kernel Exploit Walkthrough
IPv6 DNS Takeover with MITM6 in an Active Directory Environment
Table of Contents #
Introduction #
In this blog post, I will walk you through a demonstration of an IPv6 DNS takeover attack using the mitm6 (Man in the Middle for IPv6) tool in an Active Directory (AD) pentesting environment. This type of attack exploits weaknesses in the network’s handling of IPv6, allowing an attacker to become a Man-in-the-Middle (MITM) and relay NTLM authentication requests to a Domain Controller (DC).
Understanding SMB Relay Attacks and Mitigation Techniques
Introduction #
In the world of network security, understanding various attack vectors is critical to safeguarding systems and data. One such attack is the SMB (Server Message Block) Relay attack, which exploits vulnerabilities in the SMB protocol commonly used in Windows environments. This article will explore what an SMB Relay attack is, the steps involved in executing such an attack, and mitigation strategies to reduce the associated risks. Additionally, I will include screenshots and steps from my lab demonstration using the Responder tool and NTLM Relay X.