<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Red Team on Notes by Nisha</title><link>https://notesbynisha.com/tags/red-team/</link><description>Recent content in Red Team on Notes by Nisha</description><generator>Hugo</generator><language>en</language><copyright>&amp;copy; 2026 Nisha</copyright><lastBuildDate>Mon, 22 Jul 2024 00:00:00 +0000</lastBuildDate><atom:link href="https://notesbynisha.com/tags/red-team/index.xml" rel="self" type="application/rss+xml"/><item><title>Understanding SMB Relay Attacks and Mitigation Techniques</title><link>https://notesbynisha.com/posts/2024-07-22-understanding-smb-relay-attacks-and-mitigation-techniques/</link><pubDate>Mon, 22 Jul 2024 00:00:00 +0000</pubDate><guid>https://notesbynisha.com/posts/2024-07-22-understanding-smb-relay-attacks-and-mitigation-techniques/</guid><description>&lt;h2 id="introduction" class="relative group">Introduction &lt;span class="absolute top-0 w-6 transition-opacity opacity-0 -start-6 not-prose group-hover:opacity-100">&lt;a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700" style="text-decoration-line: none !important;" href="#introduction" aria-label="Anchor">#&lt;/a>&lt;/span>&lt;/h2>&lt;p>In the world of network security, understanding various attack vectors is critical to safeguarding systems and data. One such attack is the SMB (Server Message Block) Relay attack, which exploits vulnerabilities in the SMB protocol commonly used in Windows environments. This article will explore what an SMB Relay attack is, the steps involved in executing such an attack, and mitigation strategies to reduce the associated risks. Additionally, I will include screenshots and steps from my lab demonstration using the Responder tool and NTLM Relay X.&lt;/p></description></item><item><title>Understanding SMB Relay Attacks and Mitigation Techniques</title><link>https://notesbynisha.com/posts/2024-07-28-passback-attacks/</link><pubDate>Mon, 22 Jul 2024 00:00:00 +0000</pubDate><guid>https://notesbynisha.com/posts/2024-07-28-passback-attacks/</guid><description/></item><item><title>Understanding LLMNR Poisoning and Mitigation Techniques</title><link>https://notesbynisha.com/posts/2024-07-21-understanding-llmnr-poisoning-attacks/</link><pubDate>Sun, 21 Jul 2024 00:00:00 +0000</pubDate><guid>https://notesbynisha.com/posts/2024-07-21-understanding-llmnr-poisoning-attacks/</guid><description>&lt;h2 id="introduction" class="relative group">Introduction &lt;span class="absolute top-0 w-6 transition-opacity opacity-0 -start-6 not-prose group-hover:opacity-100">&lt;a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700" style="text-decoration-line: none !important;" href="#introduction" aria-label="Anchor">#&lt;/a>&lt;/span>&lt;/h2>&lt;p>In this blog post, I discuss a common network attack called Link-Local Multicast Name Resolution (LLMNR) poisoning. This type of attack can be highly effective in capturing NTLMv2 hashes, which can then be used to gain unauthorized access to systems in a Windows environment. I will also share insights on how to mitigate this this type of vulnerability attack, ensuring your network remains secure. To illustrate this attack, I have included screenshots from my recent lab demonstration where I successfully captured NTLMv2 hashes using Responder.
&lt;img src="https://notesbynisha.com/assets/images/tcm-academy/tcm-llmnr-1.png">&lt;/p></description></item><item><title>Dancing - HTB Walkthrough by Nisha</title><link>https://notesbynisha.com/posts/2024-07-05-dancing-htb-walkthrough/</link><pubDate>Fri, 05 Jul 2024 00:00:00 +0000</pubDate><guid>https://notesbynisha.com/posts/2024-07-05-dancing-htb-walkthrough/</guid><description>&lt;p>&lt;strong> Room Link: &lt;/strong> &lt;a href="https://app.hackthebox.com/starting-point?tier=0" target="_blank">&lt;a href="https://app.hackthebox.com/starting-point?tier=0" target="_blank" rel="noreferrer">https://app.hackthebox.com/starting-point?tier=0&lt;/a>&lt;/a>&lt;/p>
&lt;h2 id="task-1" class="relative group">Task 1 &lt;span class="absolute top-0 w-6 transition-opacity opacity-0 -start-6 not-prose group-hover:opacity-100">&lt;a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700" style="text-decoration-line: none !important;" href="#task-1" aria-label="Anchor">#&lt;/a>&lt;/span>&lt;/h2>&lt;p>What does the 3-letter acronym SMB stand for?&lt;/p>
&lt;p>Server Message Block&lt;/p>
&lt;h2 id="task-2" class="relative group">Task 2 &lt;span class="absolute top-0 w-6 transition-opacity opacity-0 -start-6 not-prose group-hover:opacity-100">&lt;a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700" style="text-decoration-line: none !important;" href="#task-2" aria-label="Anchor">#&lt;/a>&lt;/span>&lt;/h2>&lt;p>What port does SMB use to operate at?&lt;/p></description></item><item><title>TryHackMe Ignite Room Walkthrough: Exploiting Fuel CMS 1.4.1 RCE</title><link>https://notesbynisha.com/posts/2024-07-02-ignite-tryhackme-walkthrough/</link><pubDate>Sun, 17 Mar 2024 00:00:00 +0000</pubDate><guid>https://notesbynisha.com/posts/2024-07-02-ignite-tryhackme-walkthrough/</guid><description>Walkthrough of TryHackMe&amp;rsquo;s Ignite room where we exploit a Remote Code Execution vulnerability in Fuel CMS 1.4.1 (CVE-2018-16763). Learn the steps of enumeration, exploitation, privilege escalation, and defense strategies.</description></item><item><title>Content Discovery - THM Walkthrough by Nisha</title><link>https://notesbynisha.com/posts/2023-10-13-content-discovery-thm-walkthough/</link><pubDate>Fri, 13 Oct 2023 00:00:00 +0000</pubDate><guid>https://notesbynisha.com/posts/2023-10-13-content-discovery-thm-walkthough/</guid><description>&lt;p>&lt;strong> Room Link: &lt;/strong> &lt;a href="https://tryhackme.com/r/room/contentdiscovery" target="_blank">&lt;a href="https://tryhackme.com/r/room/contentdiscovery" target="_blank" rel="noreferrer">https://tryhackme.com/r/room/contentdiscovery&lt;/a>&lt;/a>&lt;/p>
&lt;p>
&lt;p>In cybersecurity, discovering hidden or non-obvious content on web servers is critical for any aspiring ethical hacker. The &amp;ldquo;Content Discovery&amp;rdquo; room on TryHackMe offers a detailed, hands-on approach to mastering techniques for uncovering various types of web content that can reveal vulnerabilities or sensitive data. Ideal for learners looking to deepen their web penetration testing skills, this room enhances the ability to pinpoint potential entry points on a target website.&lt;/p></description></item><item><title>Meow - HTB Walkthrough by Nisha</title><link>https://notesbynisha.com/posts/2023-09-28-meow-htb-walkthrough/</link><pubDate>Thu, 28 Sep 2023 00:00:00 +0000</pubDate><guid>https://notesbynisha.com/posts/2023-09-28-meow-htb-walkthrough/</guid><description>&lt;p>&lt;strong> Room Link: &lt;/strong> &lt;a href="https://app.hackthebox.com/starting-point?tier=0" target="_blank">&lt;a href="https://app.hackthebox.com/starting-point?tier=0" target="_blank" rel="noreferrer">https://app.hackthebox.com/starting-point?tier=0&lt;/a>&lt;/a>&lt;/p>
&lt;h2 id="task-1--" class="relative group">Task 1 - &lt;span class="absolute top-0 w-6 transition-opacity opacity-0 -start-6 not-prose group-hover:opacity-100">&lt;a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700" style="text-decoration-line: none !important;" href="#task-1--" aria-label="Anchor">#&lt;/a>&lt;/span>&lt;/h2>&lt;h2 id="task-2--" class="relative group">Task 2 - &lt;span class="absolute top-0 w-6 transition-opacity opacity-0 -start-6 not-prose group-hover:opacity-100">&lt;a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700" style="text-decoration-line: none !important;" href="#task-2--" aria-label="Anchor">#&lt;/a>&lt;/span>&lt;/h2>&lt;h2 id="task-3--" class="relative group">Task 3 - &lt;span class="absolute top-0 w-6 transition-opacity opacity-0 -start-6 not-prose group-hover:opacity-100">&lt;a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700" style="text-decoration-line: none !important;" href="#task-3--" aria-label="Anchor">#&lt;/a>&lt;/span>&lt;/h2>&lt;img src="https://notesbynisha.com/assets/images/htb/htb-meow-1.png">
&lt;img src="https://notesbynisha.com/assets/images/htb/htb-meow-2.png"></description></item><item><title>Walking An Application - THM Walkthrough by Nisha</title><link>https://notesbynisha.com/posts/2023-09-27-walking-an-application-thm-walkthrough/</link><pubDate>Wed, 27 Sep 2023 00:00:00 +0000</pubDate><guid>https://notesbynisha.com/posts/2023-09-27-walking-an-application-thm-walkthrough/</guid><description>&lt;p>&lt;strong> Room Link: &lt;/strong> &lt;a href="https://tryhackme.com/r/room/walkinganapplication" target="_blank">&lt;a href="https://tryhackme.com/r/room/walkinganapplication" target="_blank" rel="noreferrer">https://tryhackme.com/r/room/walkinganapplication&lt;/a>&lt;/a>&lt;/p>
&lt;p>In the "Walking An Application" room on TryHackMe, you will learn how to manually assess a web application for security vulnerabilities using only the built-in tools available in your web browser. Automated security tools and scripts often miss many potential vulnerabilities and valuable information. This room emphasizes the importance of manual review to identify and understand these overlooked issues.&lt;/p></description></item><item><title>Introduction to Offensive Security - THM Walkthrough by Nisha</title><link>https://notesbynisha.com/posts/2023-09-18-intro-to-offensive-security-thm-walkthrough/</link><pubDate>Mon, 18 Sep 2023 00:00:00 +0000</pubDate><guid>https://notesbynisha.com/posts/2023-09-18-intro-to-offensive-security-thm-walkthrough/</guid><description>&lt;p>&lt;strong> Room Link: &lt;/strong> &lt;a href="https://tryhackme.com/r/room/introtooffensivesecurity" target="_blank">&lt;a href="https://tryhackme.com/r/room/introtooffensivesecurity" target="_blank" rel="noreferrer">https://tryhackme.com/r/room/introtooffensivesecurity&lt;/a>&lt;/a>&lt;/p>
&lt;h2 id="task-1---what-is-offensive-security" class="relative group">Task 1 - What is Offensive Security? &lt;span class="absolute top-0 w-6 transition-opacity opacity-0 -start-6 not-prose group-hover:opacity-100">&lt;a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700" style="text-decoration-line: none !important;" href="#task-1---what-is-offensive-security" aria-label="Anchor">#&lt;/a>&lt;/span>&lt;/h2>&lt;p>&lt;strong> Question: Which of the following options better represents the process where you simulate a hacker&amp;rsquo;s actions to find vulnerabilities in a system? &lt;/strong> &lt;br>&lt;/p></description></item></channel></rss>