Zero to Hero: Week 8 - Building an AD Lab, LLMNR Poisoning, and NTLMv2 Cracking with Hashcat

Name: Zero to Hero: Week 8 - Building an AD Lab, LLMNR Poisoning, and NTLMv2 Cracking with Hashcat
Uploaded: 2019-05-09T09:44:51Z
Channel: The Cyber Mentor
Description: Zero to Hero: 0:00 - Welcome 2:37 - Lesson overview 5:00 - Downloading our ISOs 6:35 - Installing Windows Server 2016 and Windows 10 16:30 - Renaming Wi...

The Cyber Mentor · Beginner ·🔐 Cybersecurity ·6y ago

Zero to Hero: 0:00 - Welcome 2:37 - Lesson overview 5:00 - Downloading our ISOs 6:35 - Installing Windows Server 2016 and Windows 10 16:30 - Renaming Windows Server 2016 19:00 - Installing VMWare Tools on Server 2016 21:15 - Finishing Windows 10 install 24:20 - Installing Active Directory Domain Services / Downtime Q&A 39:20 - Creating our first domain user 40:40 - Installing VMWare Tools on Windows 10 / Renaming Windows 10 43:05 - Joining Windows 10 machine to domain 48:30 - Setting up a SMB share 51:30 - LLMNR/NBT-NS poisoning overview 56:00 - Using Responder to capture NTLMv2 hashes 1:07:00…

Watch on YouTube ↗ (saves to browser)

Chapters (44)

Welcome

2:37 Lesson overview

5:00 Downloading our ISOs

6:35 Installing Windows Server 2016 and Windows 10

16:30 Renaming Windows Server 2016

19:00 Installing VMWare Tools on Server 2016

21:15 Finishing Windows 10 install

24:20 Installing Active Directory Domain Services / Downtime Q&A

39:20 Creating our first domain user

40:40 Installing VMWare Tools on Windows 10 / Renaming Windows 10

43:05 Joining Windows 10 machine to domain

48:30 Setting up a SMB share

51:30 LLMNR/NBT-NS poisoning overview

56:00 Using Responder to capture NTLMv2 hashes

1:07:00 Cracking NTLMv2 hashes with Hashcat

1:15:10 LLMNR poisoning defenses

1:18:50 Will you ever do a stream on stack overflows?

1:21:03 What is the success rate of LLMNR?

1:22:10 Problems with turning LLMNR off?

1:23:10 Can you place the mitigation slide back up?

1:23:45 How much should you spend on a password cracking rig?

1:24:45 Cobalt vs Metasploit vs Empire - your favorite?

1:26:00 How do you obfuscate Meterpreter?

1:26:40 Does Veil still work?

1:28:42 host-apd or eap hammer?

1:29:40 Has a customer ever intentionally prevented you from doing your job?

1:30:50 Favorite podcasts?

1:31:30 Do you put exploited users in a report? Worried about their firing?

1:32:50 When is your Many Hats appearance coming out?

1:33:10 HackerOne? Bug bounties?

1:35:40 Are you married?

1:35:50 Bug bounties continued

1:37:50 New unconstrained delegation exploit?

1:39:40 OWA spraying and lockout

1:41:20 Favorite bug bounty?

1:42:44 Ever crashed anything on a test?

1:43:50 Funny pentest stories?

1:47:20 Opinion on the cloud and future pentest demand?

1:49:40 What are you looking for when you hire a pentester?

1:53:18 Is pentesting looked down upon?

1:54:10 I want to be a pentester because it's intense, is that a good reason?

1:55:37 What is the OSCP good for?

1:56:35 Thoughts on practical assessments for job hiring?

1:58:10 SOC or

Playlist

Uploads from The Cyber Mentor · The Cyber Mentor · 36 of 60

← Previous Next →