r3kind1e - Cybersecurity Insights and Penetration Testing

「The quieter you become, the more you are able to hear.」

Exploiting SAMBA

SMB (Server Message Block) is a network file sharing protocol that is used to facilitate the sharing of files and peripherals between computers on a local network ...

Exploiting SSH

SSH (Secure Shell) is a remote administration protocol that offers encryption and is the successor to Telnet. It is typically used for remote access to servers and sy...

Exploiting FTP

Exploiting FTP FTP (File Transfer Protocol) is a protocol that uses TCP port 21 and is used to facilitate file sharing between a server and client/clients. It is also frequently used as a means of...

Exploiting Bash CVE-2014-6271 Vulnerability (Shellshock)

Shellshock (CVE-2014-6271) is the name given to a family of vulnerabilities in the Bash shell (since V1.3) that all...

Frequently Exploited Linux Services

Linux is a free and open source operating system that is comprised of the Linux kernel, which was developed by Linus Torvalds, and the GNU toolkit, which is a co...

Pass-The-Hash Attacks

Pass-the-hash is an exploitation technique that involves capturing or harvesting NTLM hashes or clear-text passwords and utilizing them to authenticate with the ...

Dumping Hashes With Mimikatz

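Mimikatz is a Windows post-exploitation tool written by Benjamin Delpy (@gentilkiwi). It allows the extraction of clear-text passwords, hashes and Kerberos tickets from memory. The SAM (Security Account Manager) database is a database file on Windows systems that stores hashed user passwords. Mimi...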

Searching For Passwords In Windows Configuration Files

Windows can automate a variety of repetitive tasks, such as the mass rollout or installation of Windows on many systems. This is typically done with the Unattended Windows Setup utility, which is used to automate the mass installation/deployment of Window...

Windows Password Hashes

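The Windows operating system stores hashed user account passwords locally in the SAM (Security Account Manager) database. Hashing is the process of converting a piece of data into another value. A hashing function or algorithm is used to generate the new value. The result of a hashing algorithm is known as a hash or hash value. Authentication and verification of user credentials is facilitated by the Local Security Authority (LSA). Up until Windows Serv...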

Alternate Data Streams

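Alternate Data Streams (ADS) is an NTFS (New Technology File System) file attribute designed to provide compatibility with the MacOS HFS (Hierarchical File System). Any file created on an NTFS-formatted drive will have two different forks/streams: Data stream - the default stream that contains the file's data. Resource stream - typically contains the file's metadata. Attackers can use ADS to take malicious code or...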