Pen Test War Stories - Why My Job Is So Easy and How You Can Make It Harder

Pen Test War Stories - Why My Job Is So Easy and How You Can Make It Harder

via YouTube Direct link

Capture NTLMV2 Credentials

9 of 25

9 of 25

Capture NTLMV2 Credentials

Class Central Classrooms beta

YouTube videos curated by Class Central.

Classroom Contents

Pen Test War Stories - Why My Job Is So Easy and How You Can Make It Harder

Automatically move to the next video in the Classroom when playback concludes

  1. 1 Intro
  2. 2 External Network - Top Three
  3. 3 Password Spraying - Identify User Accounts
  4. 4 Active Reconnaissance
  5. 5 Password Spraying the Seasons Once you have your list of usernames begin password spraying.
  6. 6 Cheers to the Summer of 2017!
  7. 7 Weak Domain Passwords - Remediation
  8. 8 Metasploit Rogue SMB Server
  9. 9 Capture NTLMV2 Credentials
  10. 10 Good Users vs Bad Network Egress Rules
  11. 11 Lack of Multi-Factor Authentication (MFA)
  12. 12 Exposed Administrator Panels Used for website or application maintenance Enhanced feature set which is a highly valuable target
  13. 13 Lack of Principle of Least Privilege
  14. 14 Legacy Windows Broadcast Protocols
  15. 15 Hash Captured with Responder
  16. 16 SMB Relay Attack
  17. 17 MultiRelay.py Example
  18. 18 SMB Signing Disabled - Remediation
  19. 19 Cached Credentials - Remediation
  20. 20 Insecure Password Storage in GPP
  21. 21 Insecure GPP Password Storage - Remediation Apply B2962486 prevents password data from being stored in GPP
  22. 22 Pivoting through VPN Split Tunneling
  23. 23 VPN Split Tunneling - Remediation
  24. 24 Shared Virtual Center - Remediation
  25. 25 Conclusion

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.