Play all

- Welcome

- Quick housekeeping

- Scanning our targets

- Reviewing nmap results for Blue

- Checking for MS17-010 w/ nmap

- Exploiting MS17-010 w/ Metasploit and post enumeration

- Reviewing nmap results for Active

- Extracting data w/ smbclient

- GPP/cPassword overview/exploitation

- Kerberoasting and post enumeration

- How old is the GPP exploit?

- Are you running Windows on VM?

- Is the OSCP still worth it for HR purposes?

- What sort of credentials to get into pentesting from military?

- Does Metasploit leave remnants?

- Errors on GetUsersSPN?

- Bug bounty hunting certs?

- Pass the Kerberos hash?

- Is it better to start on externals before internals?

- Internal pentest resources?

- Any experience w/ Rapid7?

- How fast is your cracking rig?

- Have you used Commando?

- Bug bounties for internal?

- Powershell on assessments?

- Have you done any Bluetooth attacks?

- How would I go about starting my own consulting company / business advice?

- What is your computer setup like?

- RFID hacking?

- Finding talent to start a company / do you have to work X amount of years before starting a business

- Thoughts on cloud certifications?

- Network vs Web Pentesting in terms of pay, jobs, etc?

- CS or IT major in college to become a pentester?

- Is the US the best country to work in for cybersecurity?

- Is PentesterLab more web app or network focused?

- Is the Web Application Hacker's Handbook still relevant?

- Do you run a gaming router?

- How are you planning to charge companies?

- Phishing tools?

- Any assessments that have stumped you?

- Any wifi stories?

- Does the blue team actively try to stop you in assessments?

- Have you ever crashed a server?

Description:

Dive into an extensive cybersecurity tutorial covering advanced exploitation techniques and penetration testing methodologies. Learn how to scan targets, exploit MS17-010/EternalBlue vulnerabilities, extract data using smbclient, and perform GPP/cPassword attacks and Kerberoasting. Explore post-exploitation enumeration strategies and gain insights into various aspects of cybersecurity careers, certifications, and industry trends through an in-depth Q&A session. Discover valuable resources, tools, and advice for aspiring penetration testers and cybersecurity professionals.

Zero to Hero - MS17-010-EternalBlue, GPP-cPasswords, and Kerberoasting

Cyber Mentor

Add to list

#Information Security (InfoSec) #Penetration Testing #Cybersecurity #Metasploit #Security Assessment #Computer Science #Information Technology #Windows Systems Administration #Windows Server #Active Directory #Active Directory Security #Kerberoasting

-01:16

Zero to Hero - MS17-010-EternalBlue, GPP-cPasswords, and Kerberoasting

1 - Welcome