The Hacker Recipes
GitHub
Twitter
Exegol
Tools
Search…
⌃K
Links
Introduction
Active Directory
Reconnaissance
Movement
Credentials
MITM and coerced auths
ARP poisoning
DNS spoofing
DHCP poisoning
DHCPv6 spoofing
WSUS spoofing
LLMNR, NBT-NS, mDNS spoofing
ADIDNS poisoning
WPAD spoofing
MS-EFSR abuse (PetitPotam)
MS-RPRN abuse (PrinterBug)
MS-FSRVP abuse (ShadowCoerce)
MS-DFSNM abuse (DFSCoerce)
PushSubscription abuse
WebClient abuse (WebDAV)
🛠️ NBT Name Overwrite
🛠️ ICMP Redirect
🛠️ Living off the land
NTLM
Kerberos
DACL abuse
Group policies
🛠️ Trusts
Netlogon
Certificate Services (AD-CS)
SCCM / MECM
Exchange services
Print Spooler Service
Built-ins & settings
Persistence
Web services
Reconnaissance
Configuration
Accounts and sessions
User inputs
Systems & services
Reconnaissance
Initial access (protocols)
Initial access (phishing)
Privilege escalation
Pivoting
🛠️ Physical
Locks
Networking
Machines
Super secret zones
🛠️ Intelligence gathering
CYBINT
OSINT
GEOINT
🛠️ RADIO
RFID
Bluetooth
Wi-Fi
Wireless keyboard/mouse
🛠️ mobile apps
Android
iOS
Powered By
GitBook
🛠️ NBT Name Overwrite
https://twitter.com/PythonResponder/status/1379251124985851904
Previous
WebClient abuse (WebDAV)
Next
🛠️ ICMP Redirect
Last modified
1yr ago
