Home
Node Security
Cancel

Windows Custom Right Click Menu Option

How to add a custom menu option to the right click menu in Windows 10 and have it execute a command/application. Steps Open regedit.msc. Navigate to HKEY_CLASSES_ROOT\*\shell. Right click o...

Using Wget

How to perform requests using wget and setup a http proxy for wget. API Call wget https://testing.com/login Ignore Cert Issues --no-check-certificate Add Headers --header 'Authorization: Basic ...

User Dumping with MSOL

With MSOnline you can extract & search for users in a domain after obtaining a domain account. Install MSOnline Connect Search & Dump Commands Dump all Users Dump f...

When are OPTIONS Requests Sent?

In this post we’ll look at OPTIONS requests, when they get sent, and their security implications. A basic understanding of CORS and CSRF attacks would be beneficial before reading this post. S...

Admin to SYSTEM with PsExec

Escalate from admin to SYSTEM on a windows machine by doing the following. Download Tools Download Sysinternals Suite from Microsoft here. From Admin to SYSTEM Run the following command in an Adm...

Extract NTLM Hashes via Linux Live Boot

Using a live boot of Linux, we can extract the NTLM hashes of the windows accounts on a computer and attempt to crack to find out the passwords. Prerequisites Mount Drive Dump Hashes Prer...

Sticky Keys Windows Login Bypass

Using a live boot of Linux, we can bypass windows login by changing the sticky keys executable to command prompt. When at the windows login screen, stick keys can be activated to spawn a shell runn...

How to Kerberoast

Prerequisites PowerShell Import & Run Crack Tokens Prerequisites Make sure you’re on a domain joined computer, or are running PowerShell in the context of a domain user. Download th...

LSASS Dumping

Create a dump file of lsass process using multiple different techniques. Task Manager Create Dump File Procdump Download Tools Dump LSASS Minidum...

NodeJS Express SNI

In this post we’ll look at how to add SNI (Server Name Indication) to an express HTTPS server. This will allow us to return different certificates based on the domain (server name). This post will...