Staphysec
  • StaphySec
  • Resources
  • Tricks
  • Brute Force - CheatSheet
  • File Transfer
    • Windows File Transfer
    • Linux File Transfer
    • HTTP/SMB/Nginx/Web Servers/Netcat
  • Hashcat
  • Cheatsheet
  • Curl
  • Tools
    • Cracking
    • Information Gathering
    • XSS
    • Obfuscation
    • Credentials Theft/ Win
    • Content Management Systems (CMS)
  • Programming and Scripting
    • Virtualenv & Switching Versions
    • Python
  • SHELLS
    • Shells (Linux, Windows, Msfvenom)
  • Linux
    • CheatSheet
    • EOP Linux Tools and Resources
    • Blogs
  • Windows
    • CheatSheet
    • EOP Windows Tools and Resources
    • Useful commands and Modules
    • Active Directory
      • Tools
  • Blogs
    • Miscellaneous resources
  • PENTESTING
    • 21 - Pentesting FTP
    • 22 - Pentesting SSH
    • 25,465,587 - Pentesting SMTP
    • 53 - Pentesting DNS
    • 110,995 - Pentesting POP
    • 135 - Pentesting WMI
    • 139,445 - SMB Pentesting
    • 143,993 - Pentesting IMAP
    • 161,162,10161,10162/udp - Pentesting SNMP
    • 623/UDP/TCP - IPMI
    • 1433 - Pentesting mssql
    • 2049 - NFS Pentesting
    • 3306 - Pentesting Mysql
    • 3389 - Pentesting RDP
    • 5985,5986 - WinRm
  • Pentesting Web
    • SQL Injections
      • MySQL injection
      • SQLmap Cheatsheet
    • Command injections
    • File Uploads
    • Abusing Intermediary Applications
    • HTTP Verb Tampering
    • IDOR
    • File Inclusion / Directory Traversal
    • XXE - XEE - XML External Entity
    • SSRF
    • SSI/ESI
    • SSTI (Server Side Template Injection)
    • XSLT Server Side Injection (Extensible Stylesheet Languaje Transformations)
Powered by GitBook
On this page
  • Ldap install
  • Bloodhound
  • neo4s password reset
  • Cypher Queries
  1. Windows
  2. Active Directory

Tools

PreviousActive DirectoryNextMiscellaneous resources

Last updated 3 years ago

Ldap install

apt install python3-ldap

Bloodhound

: Target Selection and API Usage.

This explains each of the edges in-depth and provides abuse info for how each one can be leverage to further our rights and access as well as opsec considerations regarding the types of artifacts that may be generated by a specific attack or ways that the attack may be detected by security monitoring personnel.

info on all the various switches, check this by @CptJesus

neo4s password reset

locate neo4j | grep auth

then delete /usr/share/neo4j/data/dbms/auth

Cypher Queries

A Cypher reference card showing commands and their syntax can be found .

THE DOG WHISPERER'S .

SharpHound
BloodHound.py
document
post
here
Book