What you'll learnHow to use multiple methods to escalate privleges on modern versions of Windows 10
How to escalate privleges in CTFs such as HackTheBox, TryHackMe and more
How to succeed in CTF style exams such as the OSCP, eCPPT and CEH
How to level up your ethical hacking, penetration testing and red teaming skills to earn more money in your career
RequirementsA HackTheBox VIP Subscription is Required
Basic knowledge of virtual machines
DescriptionNew Launch for Spring 2021!This is a 100% hands on course as you will be using the same tradecraft and techniques Red Teamer's and advanced adversaries use to escalate privileges on Windows endpoints after they have gained initial access and established a foothold. This course is not "death by PowerPoint", in fact there is not a single Powerpoint slide in the course. This course is aimed for intermediate to advanced users who are hungry to know how to discover and exploit novel escalation paths on patched fully patched Windows 10 endpoints. Everything is carefully, explained - step-by-step.Additionally, although Metasploit is used in some attacks, we will be using less Metasploit and more manual walk-throughs because I wanted to take the time to carefully explain WHY each method works and detail how common misconfigurations happen in enterprise environments.Where Metasploit is used, everything is carefully explained and deconstructed so you can understand why and how it works. Exploits start easy and escalate in difficulty as you progress through the course.The TechniquesYou will quickly learn and execute the following escalation of privilege techniques across 5 vulnerable machines Windows Kernel ExploitsWeak Registry Permissions Token ManipulationCVE Exploits DPAPI Abuse AS-REP Roasting (Four New Lectures Just Added November 2021!)The ToolsYou will use msfvenom, BC Security PowerShell Empire, CrackMapExec, PSExec, WMIExec, Bloodhound, netcat, smbserver, ldapsearch, smbclient, rpcclient, hashcat, GetNPUsers, evil-winrm, wfuzz, gobuster, dirsearch, sqlmap, Mimikatz, DeepBlueCLI, Burp Suite (advanced features), Python 3, Powershell 7 on Linux and more. You will learn IIS 10 Server Administration, how to threat hunt for SQLi attacks in web logs and much much more.My dream for youBy the end of this course you should be able to use these techniques in:Your day to day workOSCP preparationCTF hackingAbout the labThere are 10 vulnerable machines.No lab setup is required as the entire environment is already established in HackTheBox VIP labsI wanted to make this course as realistic as possible while removing as many barriers to entry as possible so I've partnered with HackTheBox VIP labs to make it as easy as possible to get started.Yes, HackTheBox is an additional charge but it offers hundreds of pre-configured vulnerable machines in a lab which is accessible via a VPN connection. This means you can get started right away and don't have to waste time fumbling with VirtualBox and VMWare settings on your local system. Most of the systems are also licensed which provides the best environment for realistic exploitation.Tip:I made these videos so all commands are zoomed in close so you can watch on a mobile phone if desired. I hate watching videos on my smartphone and squinting at the command prompt or terminal. Never again will that happen.
OverviewSection 1: Start
Lecture 1 Accessing the HackTheBox Labs
Lecture 2 Exploring your HackTheBox VIP account
Lecture 3 Hands On with pwnbox: Your Attacker VM
Lecture 4 Hands On with pwnbox: How to Connect via SSH
Lecture 5 Hands On with Kali: How To Connect via OpenVPN
Section 2: Techniques
Lecture 6 Kernel Exploits (Compromise)
Lecture 7 Kernel Exploits (Thought Process)
Lecture 8 Kernel Exploits (Final Escalation)
Lecture 9 Weak Registry Permissions (Compromise)
Lecture 10 Weak Registry Permissions (Horizontal Escalation)
Lecture 11 Weak Registry Permissions (Vertical Escalation)
Lecture 12 Weak Registry Permissions (Threat Hunting the Attack)
Lecture 13 BONUS! Weak Registry Permissions (MITRE ATT&CK Mapping)
Lecture 14 Token Manipulation (Compromise)
Lecture 15 Token Manipulation (Vertical Escalation)
Lecture 16 Token Manipulation (Threat Hunting the Attack)
Lecture 17 BONUS! Token Manipulation (MITRE ATT&CK Mapping)
Lecture 18 CVE (Compromise)
Lecture 19 CVE (Vertical Escalation)
Lecture 20 CVE (Vertical Escalation) Dangerous Alternate Method
Lecture 21 CVE (Threat Hunting the Attack) ... kinda!
Lecture 22 DPAPI (Compromise)
Lecture 23 DPAPI (Vertical Escalation) DPAPI Abuse with Mimikatz
Lecture 24 DPAPI (Vertical Escalation) runas Cached Credentials Abuse
Lecture 25 AS-REP (Compromise)
Lecture 26 AS-REP (Vertical Escalation) Powerview + DCSync
Lecture 27 AS-REP (Golden Ticket) BONUS!!
Lecture 28 AS-REP (Threat Hunting the Attack) with DeepBlueCLI.ps1!!!
Section 3: BONUS SECTION: THANK YOU!!!
Lecture 29 BONUS LECTURE
Students interested in how attackers escalate privileges on modern Windows endpoints,Beginning and Intermediate cyber security students.,Students looking for OCSP practice
Buy Premium Account From My Download Links & Get Fastest Speed.