Pivoting, Tunneling and Lateral Movement - Techniques
Pivoting, Tunneling and Lateral Movement - TechniquesIf you want to scan ports with nmap using proxychains, the go to command is:proxychains nmap -sT -Pn -p 22 internal.server.local Since proxychains allows just direct TCP connect scans. Local Port Forwarding & Remote Port ForwardingLocal Port Forwardingssh -L [bindaddr]:[port]:[dsthost]:[dstport] [user]@[host] Remote Port Forwardingssh -R [bindaddr]:[port]:[localhost]:[localport]...
Vulnlab Feedback
Feedback VLNMAP Scanning:123456789101112131415161718192021222324└─$ nmap -A -sC -sV -p22,8080 10.10.127.134 -PnStarting Nmap 7.94SVN ( https://nmap.org ) at 2025-02-10 14:44 ESTNmap scan report for 10.10.127.134Host is up (0.039s latency).PORT STATE SERVICE VERSION22/tcp open ssh OpenSSH 7.6p1 Ubuntu 4ubuntu0.5 (Ubuntu Linux; protocol 2.0)| ssh-hostkey: | 2048 63:ef:9d:79:12:a0:1a:08:92:8e:0d:b7:4a:7d:b2:7d (RSA)| 256 f8:bf:ad:21:f1:6b:e1:c8:dc:29:78:65:55:69:7e:37 (ECDSA)|_ ...
Vulnlab Sync
Sync VLNMAP Scanning:1234567891011121314151617181920212223242526272829└─$ nmap -A -sC -sV -p21,22,80,873 10.10.110.93 -Pn Starting Nmap 7.94SVN ( https://nmap.org ) at 2025-02-10 13:36 ESTNmap scan report for 10.10.110.93Host is up (0.041s latency).PORT STATE SERVICE VERSION21/tcp open ftp vsftpd 3.0.522/tcp open ssh OpenSSH 8.9p1 Ubuntu 3ubuntu0.1 (Ubuntu Linux; protocol 2.0)| ssh-hostkey: | 256...
Vulnlab Retro
Retro VLNMAP Scanning:1234567891011121314151617Some closed ports may be reported as filtered due to --defeat-rst-ratelimitPORT STATE SERVICE REASON53/tcp open domain syn-ack ttl 127135/tcp open msrpc syn-ack ttl 127139/tcp open netbios-ssn syn-ack ttl 127445/tcp open microsoft-ds syn-ack ttl 127464/tcp open kpasswd5 syn-ack ttl 127593/tcp open http-rpc-epmap syn-ack ttl 1273268/tcp open globalcatLDAP syn-ack ttl...
Understanding the PE
Understanding PEWhat does it mean ?The Portable Executable (PE) format is the standard file format used for executables, object code, dynamic-link libraries (DLLs), and other binary files on both 32-bit and 64-bit versions of Windows, as well as in UEFI environments. It serves as the primary format for executable files on Windows NT-based systems, including file types such as .exe, .dll, .sys (system drivers), and .mui. Essentially, the PE format is a structured data container that provides...
Understanding the PEB
Understanding The PEBComing soon…
Getting Started
👋 Hello WorldWelcome to my blog — and thank you for stopping by! 1echo "Hello, World!" This is my very first post, marking the start of this journey where I’ll be sharing my thoughts, research, and experiences in the field of cybersecurity. I’ll be covering topics like: 🔴 Red teaming 🛠️ Pentesting 🧠 CTFs & challenges 🔬 Research and more My goal is to make this blog a valuable place to learn, explore, and grow together within the infosec community. Whether you’re just...