Completed
Malicious Attachment
Class Central Classrooms beta
YouTube videos curated by Class Central.
Classroom Contents
Hacking Corporate Email Systems
Automatically move to the next video in the Classroom when playback concludes
- 1 Intro
- 2 Penetration Methodology
- 3 Agenda
- 4 Locate Email Domain
- 5 Gather Employee Names
- 6 Frontend SMTP Servers
- 7 Frontend SMTP Email Validation
- 8 Backend SMTP - Email Bounce Back
- 9 Locate Webmail System - Autodiscover
- 10 Client Access Server - Autodiscover
- 11 OWA Webmail - Autodiscover
- 12 OWA Webmail - Internal IP
- 13 Key Information for Credential Extraction
- 14 OWA - AD Domain Enumeration
- 15 Format Employee Names to Usernames
- 16 OWA Timing Attack
- 17 OWA Two-Factor Authentication Bypass
- 18 Brute-force Password Guessing
- 19 Mailbox Keyword Search
- 20 Extract Global Address List
- 21 Autodiscover XML SOAP Injection
- 22 Autodiscover Configuration Enumeration Autodiscover.xml reveals
- 23 Malicious Attachment
- 24 Malicious Website
- 25 SMTP Catch-all
- 26 SMB Email Client Attack
- 27 Reuse AD Credentials on Services • Web applications
- 28 Reusing gathered info on Internal Network
- 29 Remediation & Reduce Risk
