Skip to content
SecBytes
Menu
  • Home
  • Sumit Shrivastava (@invad3rsam)
  • Contact Me
Menu

Category: Network Penetration Testing

All the blog items in this category are related to Network Penetration Testing

Capturing NTLM Hashes using Bettercap

Posted on December 12, 2018December 12, 2018 by Sumit

Recently during an engagement, while I was performing an internal network assessment, I figured out that responder was not able to capture the hashes. Initially I thought that this might be due to some issue with the responder configuration or the options that I am using. After fiddling with it for a while, I started…

Continue reading

Getting system access using malicious word file

Posted on May 23, 2017January 12, 2020 by Sumit

Microsoft Office Word / Wordpad remote code execution vulnerability allows a remote attacker to execute arbitrary code on the system. An attacker can send specially crafted files which can cause the MS Word / Wordpad to download a remote shell and the attacker can gain access of the system. Once, the attacker has control of…

Continue reading

DDoS Simulation using DNS Aliases

Posted on October 12, 2016December 12, 2016 by Sumit

Background Recently, we encountered a security incident for one of our major BFSI clients. This client was hit by a DDoS attack. The victim received an email the previous day asking them to either pay certain ransom amount or become the victim of this attack. The severity of the attack would increase if the victim…

Continue reading

Recent Posts

  • Setting Up Wazuh Server – Part 3 (Wazuh Dashboard)
  • Setting Up Wazuh Server – Part 2 (Wazuh Manager)
  • Setting Up Wazuh Server – Part 1 (Wazuh Indexer)
  • Guide to Creating Virtual Machines from Proxmox Templates
  • Self-Hosted Kubernetes Cluster in your Home Lab

Categories

  • Application Security Assessment (2)
  • Capture The Flag (1)
  • CVE (1)
  • DevSecOps (4)
  • Lab Solution (1)
  • Metasploit (2)
  • Miscellaneous (5)
  • Network Penetration Testing (3)
  • Phishing (1)
  • Tips and Tricks (8)

SecBytes

  • GitHub
  • Twitter
  • Facebook

RSS Exploit DB Update

  • [local] Microsoft Graphics Component Windows 11 Pro (Build 26100+) - Local Elevation of Privileges July 16, 2025
    Microsoft Graphics Component Windows 11 Pro (Build 26100+) - Local Elevation of Privileges
  • [webapps] Langflow 1.2.x - Remote Code Execution (RCE) July 16, 2025
    Langflow 1.2.x - Remote Code Execution (RCE)
  • [hardware] TOTOLINK N300RB 8.54 - Command Execution July 16, 2025
    TOTOLINK N300RB 8.54 - Command Execution

Legal

  • Disclaimer
  • Privacy Policy
  • Cookie Policy

Subscribe to Blog via Email

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

© 2025 SecBytes | Powered by Minimalist Blog WordPress Theme