IT on the Couch

Talking everything Information Security, from Penetration Testing, System Hardening to Information Assurance.

Penetration Testing

Here I will be discussing exploits, vulnerabilities, fixes and tools dedicated to the two areas of personal interest to me within Penetration Testing: Infrastructure and Web Application Testing.

Infrastructure Testing

  • Are Azure Access and Refresh Tokens the New NTLM Attack Vectors for Authentication in AD?
  • SSH ProxyCommand & ProxyJump
  • CVE-2021-4034 “Pwnkit” Local Privilege Escalation (LPE) vulnerability
  • PetitPotam and Active Directory Certificate Services NTLM Relay Attack
  • Basic Pivoting Techniques
  • GPO Abuse – Edit permissions misconfiguration
  • DACL Trouble: GenericAll on OUs
  • Pass the Ticket: PTH
  • LAPS ms-Mcs-AdmPwd enumeration/attack vector
  • Stealing RDP Sessions

Web Application Testing

  • Searchsploit command line shortcut options -m and -x.
  • Burp Suite Macro: Auto Login (session re-authentication)
  • Hardening Microsoft IIS 8.5 Security Headers
  • MiTM Thick Client Web Services Testing.
  • Server Hardening: HTTP TRACE TRACK Methods Allowed – Part1 Apache