Papers

Home » Papers

Enumerating and understanding SID for Post Exploitation

Institute For Ethical Hacking Course and Ethical Hacking Training in Pune – India

Extreme Hacking | Sadik Shaikh | Cyber Suraksha Abhiyan 
Enumerating and understanding SID for Post Exploitation

INFO Credits: Windows

A security identifier (SID) is a unique value of variable length that is used to identify a security principal or security group in Windows operating systems. Well-known SIDs are a group of SIDs […]

By |August 10th, 2017|Papers|

Msfvenom Cheat Sheet

Institute For Ethical Hacking Course and Ethical Hacking Training in Pune – India
Extreme Hacking | Sadik Shaikh | Cyber Suraksha Abhiyan | Hackers Charity

A quick custom cheatsheet for creating payloads using msfvenom. Major chunk of work happens around these payloads.For more info refer: (Note: RHOST is not mandatory in any of the bind shells)

Listing payloads
msfvenom -l

Windows […]

By |June 29th, 2017|Papers|

Make hashdump module work with Windows 10 – SAM Mode

Institute For Ethical Hacking Course and Ethical Hacking Training in Pune – India
Extreme Hacking | Sadik Shaikh | Cyber Suraksha Abhiyan

Credits: Rogdham

The new patch mechanism dont allow you to get the hashdump on Windows 10. Currently the hashdump module will display all hash output are empty.

Example (all hash empty on Windows 10):
Administrator:500:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
Guest:501:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
DefaultAccount:503:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
IEUser:1000:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
sshd:1001:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
sshd_server:1002:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::

Recently Rogdham came up with new […]

By |June 19th, 2017|Metasploit, Papers|

Grab TOR hidden service configurations in linux – Advance Footprinting

Institute For Ethical Hacking Course and Ethical Hacking Training in Pune – India
Extreme Hacking | Sadik Shaikh | Cyber Suraksha Abhiyan

Credit: xcellerator

This is nice and clean post exploitation that steals hostnames and private keys of TOR hidden services originating from the target machine. The technique can be used and implemented in Advance Footprinting as well as Forensics.

Tested […]

By |June 19th, 2017|Metasploit, Papers|

UAC bypass module for Windows 10 – Metasploit

Institute For Ethical Hacking Course and Ethical Hacking Training in Pune – India
Extreme Hacking | Sadik Shaikh | Cyber Suraksha Abhiyan

Credit: Christian

This module exploit a recently disclosed bypassuac method on windows 10 that is currently unpatched.
By editing a registry key and launching fodhelper.exe autoelevated process, one can get an elevated meterpreter session without dropping any file.
This technique […]

By |June 19th, 2017|Metasploit, Papers|

Stay anonymous while hacking online using TOR and Proxychains

Institute For Ethical Hacking Course and Ethical Hacking Training in Pune – India
Extreme Hacking | Sadik Shaikh | Cyber Suraksha Abhiyan

TOR
Tor is software and an open network that helps you defend against traffic analysis, a form of network surveillance that threatens personal freedom and privacy. It gives you access to the dark web.

Dark web is nothing […]

By |May 4th, 2017|Papers|

ShodanHat – Search For Hosts Info With Shodan

Institute For Ethical Hacking Course and Ethical Hacking Training in Pune – India
Extreme Hacking | Sadik Shaikh | Cyber Suraksha Abhiyan

Search For Hosts Info With Shodan.

Dependencies
You need to install shodan with pip install shodan or easy_install shodan.
You need to install python-nmap with pip install python-nmap.
You need to set your API Key in the ‘constantes.py’ file.

Options
-h, –help […]

By |April 27th, 2017|Papers|

IR-RESCUE – A WINDOWS BATCH SCRIPT TO COMPREHENSIVELY COLLECT HOST FORENSIC DATA DURING INCIDENT RESPONSE.

Institute For Ethical Hacking Course and Ethical Hacking Training in Pune – India
Extreme Hacking | Sadik Shaikh | Cyber Suraksha Abhiyan

IR-RESCUE is a Windows Batch script that collects a myriad of forensic data from 32-bit and 64-bit Windows systems while respecting the order of volatility.
It is intended for incident response use at different stages in the […]

By |April 27th, 2017|Papers|

REGA & REGEX : FORENSIC AND REGISTRY ANALYZER

Institute For Ethical Hacking Course and Ethical Hacking Training in Pune – India
Extreme Hacking | Sadik Shaikh | Cyber Suraksha Abhiyan

REGA is the forensic tool performing collection and analysis of the windows registry hives. (GUI application)
RegEX is a console application for collecting registry hive files.
Supported platforms
Windows (written in C/C++ and MFC)
Platform : Windows
Features
Target OS
Windows NT / […]

By |April 27th, 2017|Papers|

MARA FRAMEWORK V0.2(BETA) – MOBILE APPLICATION REVERSE ENGINEERING & ANALYSIS FRAMEWORK.

Institute For Ethical Hacking Course and Ethical Hacking Training in Pune – India
Extreme Hacking | Sadik Shaikh | Cyber Suraksha Abhiyan

Ken-Pachi / August 12, 2016 / Comments Off on Mara framework v0.2(beta) – Mobile Application Reverse Engineering & Analysis Framework. / Android Tools, Anti Malware/Virus – Malware Analysis, Encryption, Framework, Registry Analysis, Security Tools
Changelog v0.2(beta):
* Adding […]

By |April 26th, 2017|Papers|