Writing a full hands-on of BloodHound takes more time than I thought, hence Part II is going to be delayed until I’m fully satisfied with the results. Thus I thought I will share some of my Linux cheats which I use (mostly for enumeration and privilege escalation stuff). A lot of the following commands are from labs, cheatsheets, writeups, from friends and colleagues, trial and error and also copied from famous places like hacktricks and ired. Read more...

What is BloodHound? BloodHound is a single page Javascript web application, built on top of Linkurious, compiled with Electron, with a Neo4j database fed by a PowerShell ingestor. BloodHound uses graph theory to reveal the hidden and often unintended relationships within an Active Directory environment. Attackers can use BloodHound to easily identify highly complex attack paths that would otherwise be impossible to quickly identify. Defenders can use BloodHound to identify and eliminate those same attack paths. Read more...

All the different types of Windows hashes can be confusing sometimes. So to clear thinks up a little bit, I wrote some Key points to help understand what most of the stuff like LM, NTLM and DCC is all about. An excellent writeup for NTLM relaying1 is from byt3bl33d3r. All the other sources2 3 4 can be found in the footnotes. Hash types LM Hashes5 Since OS/2 (ca. 1980) in use Limited character set - everything is an CAPS and a 7 char character-limit When hashing, the PW is padded to 14 characters with zeros and encrypted with DES Very easily crackable - found only in exceptions in NTDS. Read more...

Definition: Kerberos Kerberos (/ˈkɜːrbərɒs/) is a computer-network authentication protocol that works on the basis of tickets to allow nodes communicating over a non-secure network to prove their identity to one another in a secure manner.1 There is also the MIT version of Kerberos, but it’s slightly different than the Microsoft2 implementation.3 Kerberos is also the three headed dog who guards the entrance to the underworld in greek mythology.4 Read more...

Making the web less bloated So recently I found a website called 1MB Club, where people’s websites are listed which are less than 1MB in size. I realy liked the idea of the website because I found likeminded people, who love to build sites, which don’t burden your bandwith. Make sure to check out bradleytaunt’s Github Page. Only people who lived through ISDN and/or a bandwith of 57KiB/s know what it feels like, when you have to download a file/program which is bigger than 25MB. Read more...