Linux

Where's My Prompt? Penetration testing without a TTY

1477 words · 7 mins
Improve post-exploitation workflows by upgrading a non-interactive shell to a full TTY, enhancing control over a compromised system.

History - Computing in the 1990s: The Emergence of Linux and Open-Source Software

3881 words · 19 mins
The article explores the history of open-source software and its impact on the computing industry: the rise of Microsoft and proprietary software, the birth of Linux and the GNU Project, and the emergence and mainstreaming of open-source software. It highlights key players, developments, and anecdotes, and discusses the relevance to cybersecurity and the need for community-driven development and collaboration.

Mythic: An Introduction to the Open Source Post-Exploitation Framework

1525 words · 8 mins
Mythic is a powerful, open-source post-exploitation framework that offers red teamers and pen testers an extensible and customizable platform with numerous modules, agents, and C2 profiles to enhance their engagements and achieve objectives in various target environments.

The Darwinian Transition: A Linux Red Team Operator's Guide to macOS

1026 words · 5 mins
A deep-dive guide for red team operators transitioning from Linux to macOS. Learn the critical differences in Unix underpinnings, master macOS-specific security boundaries like TCC and SIP, discover “Living off the Land” techniques using JXA and AppleScript, and understand how to persist using LaunchDaemons.

Data exfiltration - Migrating MySQL to PostgreSQL with Docker and pgloader

853 words · 5 mins
A specialized guide for Red Team operators on exfiltrating and migrating data from a target MySQL database to a local PostgreSQL instance. Learn how to use Docker for rapid infrastructure deployment, pgloader for automated schema conversion, and handle both live network migrations and offline dump analysis.

The Ghost in the Machine: Using xfreerdp and Pass-the-Hash for RDP

969 words · 5 mins
A deep-dive into the technical requirements and execution of Pass-the-Hash for Remote Desktop Protocol (RDP). Learn the correct xfreerdp syntax, how to enable Restricted Admin Mode remotely, troubleshoot NLA errors, and understand the forensic “Type 3” logon anomaly.

Mastering the Maze: Advanced Tunneling and Port Redirection for Red Team Operators

1212 words · 6 mins
A deep-dive guide into advanced network tunneling techniques. Learn to combine Iptables, SSH (Local, Remote, Dynamic, and Reverse Dynamic), Windows Netsh, and Socat to bypass firewalls, pivot through sophisticated network segments, and maintain a low profile during engagements. Now covers modern tools like Chisel and Ligolo-ng.

Master the Database - Exploiting Microsoft SQL Server with Impacket

1136 words · 6 mins
A comprehensive guide for red team operators on using Impacket’s mssqlclient.py to discover, authenticate, and exploit Microsoft SQL Server instances. Learn to achieve RCE via xp_cmdshell and OLE Automation, steal hashes via UNC path coercion (xp_dirtree), abuse linked servers, and extract sensitive data stealthily.

Master SMB Operations - Using Impacket to Conquer Windows Shares

1301 words · 7 mins
A massive, comprehensive deep-dive into leveraging Impacket’s powerful SMB tools for offensive operations. Learn how to access shares using smbclient.py, host malicious shares with smbserver.py, perform high-impact NTLM relaying, dump domain secrets with secretsdump.py, and troubleshoot protocol hurdles.

Disable Shell History Safely - Advanced OPSEC for Linux Operations

1536 words · 8 mins
Master the art of flight without leaving a footprint. A comprehensive guide to disabling shell history, managing operational hygiene, and understanding the forensic limit of these techniques across Bash, Zsh, Fish, and PowerShell on Linux.

Port Scanning on Linux and Windows - The Ultimate Guide

1232 words · 6 mins
A comprehensive guide to mastering port scanning on both Linux and Windows, covering standard tools like Nmap, stealthy built-in techniques, and modern PowerShell-based enumeration.