Librarium
Settings

Windows Pentest Tutorial (Active Directory Game Over!)

David Bombal
technologybug bountycacookiecross site scriptingdomain hackethical hackerfree web hackinghackhackerhackinghttphttpsjscriptkalikali linuxmicrosoftmicrosoft windowsoffensive securityoffsecoscpowaspowasp top 10pen 200pen-200pen200penetration testerpenetration testingpentesterpentestingportswiggersslweb hackingweb hacking pro tipswebsitewindowswindows hackxss

Get your 10% discount here: https://www.offsec.com/review/david-pwk-2023/

Disclaimer: I was NOT paid for this interview. I wanted to make this video because it affects many of you watching and is a major topic on the OSCP exam. However, OffSec did give me access to Learn One for one year so I could see the course content. This has helped me prepare for the interview. Hopefully I'll be able to make more content covering what is in the PEN 200 course in future :)

// Documentation // Changes: https://www.offsec.com/offsec/pen-200-2023/ Course: https://www.offsec.com/courses/pen-200/

// Offsec // Twitter: https://twitter.com/offsectraining Website: https://www.offsec.com/ LinkedIn: https://www.linkedin.com/company/offsec-training/

// Remi's SOCIAL // LinkedIn: https://no.linkedin.com/in/remi-solberg-8991b910a

// David's SOCIAL // Discord: https://discord.gg/davidbombal Twitter: https://www.twitter.com/davidbombal Instagram: https://www.instagram.com/davidbombal LinkedIn: https://www.linkedin.com/in/davidbombal Facebook: https://www.facebook.com/davidbombal.co TikTok: http://tiktok.com/@davidbombal

// MENU // 00:00 - Coming up 01:31 - Disclaimer 01:57 - Remi Solberg introduction & background 03:37 - Jump to a timestamp (check in description below) 03:57 - Simulated full-scale penetration test demo // Hacking Windows 05:12 - OffSec Learn One discount! 06:22 - Penetration test demo 09:38 - Documentation & enumeration // Prepping for penetration test 23:25 - Penetration test demo // Accessing users 30:10 - Privilege escalation 37:44 - Using ICACLS (Integrity Access Control Access List) 43:59 - Privilege escalation (continued) 52:14 - Getting around obstacles // Social engineering 53:23 - Privilege escalation (continued) 57:19 - Stealing credentials 59:11 - Using Mimikatz tool // Kerberos and NTLM Authentication (theory) 01:07:33 - Mimikatz tool demo 01:06:05 - Penetration test demo (continued) // Exposing passwords & credentials 01:23:25 - What a malicious hacker would do 01:25:55 - The "Golden Ticket" // How to forge a ticket 01:45:07 - Demo summary & tips 01:48:05 - Conclusion

// MY STUFF // https://www.amazon.com/shop/davidbombal

// SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com

oscp pen-200 offsec offensive sercurity pentest pentester hack hacker hacking ethical hacking ethical hacker course ethical hacker

Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!

Disclaimer: This video is for educational purposes only.

#hacker #pentester #oscp ... https://www.youtube.com/watch?v=f8jGhLwCa28

2023-06-02
0.01267712 LBC
Copyrighted (contact publisher)

247803480 Bytes