Hacking a Domain Controller

  Рет қаралды 26,592

The Cyber Mentor

The Cyber Mentor

Күн бұрын

Пікірлер: 47
@TCMSecurityAcademy
@TCMSecurityAcademy 2 жыл бұрын
Thanks to our sponsor, Keeper Security. You can download Keeper Security's Password Manager here: bit.ly/3SvmAA4
@TastyLaserCakes
@TastyLaserCakes 2 жыл бұрын
As a Jr. Pentester, not only was this relatable it was also super helpful. Lesson learned, don't ignore the not-so-obvious documents in file shares.
@Boolap1337
@Boolap1337 2 жыл бұрын
Its crazy that 2 months ago I knew nothing about pen-testing. Now I could follow along in the vid and understand 100% of what being said. Much because of just the PEH-course. Appreciate you, Heath, and all the TCM crew.
@wavemakersdj
@wavemakersdj 2 жыл бұрын
Something I take from this is how well you need to understand the interconnected enterprise systems in most common environments in order to get to this point. Sometimes luck is involved, but when you go this deep you have to first understand how it's set up and operates before you can think about how to get through common security practices. I always recommend people setup their own environments and secure it as best as they can, and then try to break in it to learn this if you aren't already an admin in an environment first.
@juliusrowe9374
@juliusrowe9374 2 жыл бұрын
Heath, sounds like it was a pretty dope engagement especially when you got the info you needed from that Mac folder. Thanks for sharing the high-lever overview of the engagement very informative too!
@LEVELMotorsports
@LEVELMotorsports 2 жыл бұрын
I’ve done hundreds of pen tests professionally over the past 4 years. This story is a pretty common one, sans share access that’s unmitigated. That’s uncommon and I usually find a different way, but CME, Responder, ntlmrelayx, and simple SCF/URL files are priceless.
@ambroze88
@ambroze88 2 жыл бұрын
Heath, you are incredible and I hope you grow even more than you already have! Favourite cyber person, period. I want to mention too that your courses have been strongly recommended by multiple organizations I have applied for in Switzerland and UK !!!!!!!!!
@uaebikers
@uaebikers 2 жыл бұрын
I'm studying AD for PNPT and loved the story. Please keep sharing your experiences.
@purplepingg
@purplepingg 2 жыл бұрын
Hi bro, can you share from where AD pnpt we can study. Am searching a lot about this subject but not getting a detailed document/book
@uaebikers
@uaebikers 2 жыл бұрын
@@purplepingg tryhackme active directory module. Around 7 rooms. Half are free and half paid.
@Agent_Orange_Peel
@Agent_Orange_Peel 2 жыл бұрын
Cool story. Shows the process and the hacker mindset. It also shows the value in the little things.
@nuszkat9953
@nuszkat9953 2 жыл бұрын
Did you use custom malwares for the EDR test ? Anything that you wrote or obfuscated
@MetalElmmer
@MetalElmmer Жыл бұрын
Great story
@ninetails_merlin5730
@ninetails_merlin5730 2 жыл бұрын
That one mistake. Looks like the company was doing very well indeed overall. Well done sir!
@QuincyNtuli
@QuincyNtuli 2 жыл бұрын
It was a 'Hail Mary' 🙂 as I hear echoes of 'Enumerate, enumerate, enumerate'
@MFoster392
@MFoster392 2 жыл бұрын
Thank you I'm teaching myself and learning so much from your videos here and your 4 hour Linux course
@mrsmith5114
@mrsmith5114 Жыл бұрын
So they gave you access to a server or you got internal access on your own?
@zukxxxx0
@zukxxxx0 2 жыл бұрын
As always insightful and am so curious to have as TCM's mentality
@klr607
@klr607 2 жыл бұрын
That shirt looks cool. Do you make the designs on TCM Academy yourself?
@RAZREXE
@RAZREXE 2 жыл бұрын
Very informative and inspiring. Thanks for the video, appreciate it.
@getoutmore
@getoutmore 2 жыл бұрын
Hi TCM, unrelated to your video, but: Have you thought about adding more Blue Team Content to TCM Academy? Like a SOC Fundamentals Course? I don't see many resources with actual courses that are not up in the thousands. Thanks and all the best.
@nandorbacso4625
@nandorbacso4625 2 жыл бұрын
Man, you are my idol❤️
@breakingcustombc2925
@breakingcustombc2925 2 жыл бұрын
If they had mitigated LLMNR poisoning would've that stopped you?
@UsamaAli-kr2cw
@UsamaAli-kr2cw Жыл бұрын
Hello anyone can tell what does he mean by putting somefiles on smb shares to get user hashes on responder.?
@ghostgaming-78-l5l
@ghostgaming-78-l5l 2 жыл бұрын
Is it possible to make a Wi-Fi extender from a usb flash drive
@areray1441
@areray1441 2 жыл бұрын
You’re the best man!
@dean3515
@dean3515 2 жыл бұрын
Love the new shirt! ❤
@HopliteSecurity
@HopliteSecurity 2 жыл бұрын
Great video and great shirt! Keeper security is a fantastic tool and I highly recommend it. Thank you as well for the amazing video content and keep it up ❤
@gustavopiedade8872
@gustavopiedade8872 2 жыл бұрын
Tks for sharing!
@zukxxxx0
@zukxxxx0 2 жыл бұрын
Where can I get the TCM shirt you got wore???
@Exit_Asphalt_0
@Exit_Asphalt_0 2 жыл бұрын
Just check tcm merch site lol
@_neovek
@_neovek 2 жыл бұрын
Why would I use Keeper Security when Firefox can suggest and keep my passwords too?
@TCMSecurityAcademy
@TCMSecurityAcademy 2 жыл бұрын
Those passwords are stored in cleartext homie.
@tiktOk-qp8ph
@tiktOk-qp8ph 2 жыл бұрын
congratulations
@Wanderer072
@Wanderer072 2 жыл бұрын
Amazing!!! ⭐️⭐️⭐️⭐️⭐️
@noormohammadgagguturi
@noormohammadgagguturi 2 жыл бұрын
Awesome
@BD90..
@BD90.. 2 жыл бұрын
Interesting 🤔🤓
@okonkwochukwudalu9340
@okonkwochukwudalu9340 2 жыл бұрын
File shares again? I hope none of the IT folks over there bad mouthed Uber coz they are also guilty of storing passwords in installation scripts
@harshilshah2507
@harshilshah2507 2 жыл бұрын
MAN, WHAT ARE THE CHANCES? JUST 3 DOMAIN ADMINS AND ONE OF EM' A SERVICE ACCOUNT?
@hihi400
@hihi400 2 жыл бұрын
You get everything with domain controller
@Aarishzamankhan
@Aarishzamankhan 2 жыл бұрын
Looking for a video from The cyber mentor on how to root Android devices.😀😀
@igu642
@igu642 2 жыл бұрын
❤❤❤❤
@VagrantAce77
@VagrantAce77 2 жыл бұрын
How much to upload your brain? takes me long time to learn 😔
@FATAOS3C
@FATAOS3C 2 жыл бұрын
First viewer 👏🤠
@choice-flaky3626
@choice-flaky3626 2 жыл бұрын
This video explains from the LinkedIn post @heath made few days back.
How to Be an Ethical Hacker in 2025
45:59
The Cyber Mentor
Рет қаралды 45 М.
let's hack your home network // FREE CCNA // EP 9
30:16
NetworkChuck
Рет қаралды 4 МЛН
Sigma Kid Mistake #funny #sigma
00:17
CRAZY GREAPA
Рет қаралды 7 МЛН
Как Я Брата ОБМАНУЛ (смешное видео, прикол, юмор, поржать)
00:59
Yay😃 Let's make a Cute Handbag for me 👜 #diycrafts #shorts
00:33
LearnToon - Learn & Play
Рет қаралды 117 МЛН
Get Started With Ethical Hacking: Beginner To Master
15:47
Luke Dexter
Рет қаралды 7 М.
Simple Penetration Testing Tutorial for Beginners!
15:25
Loi Liang Yang
Рет қаралды 662 М.
How To Become Invisible Online
24:06
Hallden
Рет қаралды 2,8 МЛН
How Hackers Move Through Networks (with Ligolo)
20:01
John Hammond
Рет қаралды 282 М.
Compromising WINDOWS Hosts w/ Impacket (Active Directory #09)
18:14
Staying Focused in Cybersecurity
9:09
The Cyber Mentor
Рет қаралды 1,8 М.
Access Location, Camera  & Mic of any Device 🌎🎤📍📷
15:48
zSecurity
Рет қаралды 2,6 МЛН
How to HACK Website Login Pages | Brute Forcing with Hydra
18:21
CertBros
Рет қаралды 1,5 МЛН
Nokia now vs Then 💀🗿 #blowup #nokia #edit #foryou
0:31
skullmaxx
Рет қаралды 21 МЛН
Review Máy Đếm Tiền Tính Tổng #shorts
0:26
Review Máy Đếm Tiền
Рет қаралды 11 МЛН
Это самый популярный гаджет в мире
0:20
Анимация логотипа для компании MYCOM
0:46
FreelStep Shorts
Рет қаралды 1,4 МЛН