Skip to content
SecBytes
Menu
  • Home
  • Sumit Shrivastava (@invad3rsam)
  • Contact Me
Menu

Category: Network Penetration Testing

All the blog items in this category are related to Network Penetration Testing

Capturing NTLM Hashes using Bettercap

Posted on December 12, 2018December 12, 2018 by Sumit

Recently during an engagement, while I was performing an internal network assessment, I figured out that responder was not able to capture the hashes. Initially I thought that this might be due to some issue with the responder configuration or the options that I am using. After fiddling with it for a while, I started…

Continue reading

Getting system access using malicious word file

Posted on May 23, 2017January 12, 2020 by Sumit

Microsoft Office Word / Wordpad remote code execution vulnerability allows a remote attacker to execute arbitrary code on the system. An attacker can send specially crafted files which can cause the MS Word / Wordpad to download a remote shell and the attacker can gain access of the system. Once, the attacker has control of…

Continue reading

DDoS Simulation using DNS Aliases

Posted on October 12, 2016December 12, 2016 by Sumit

Background Recently, we encountered a security incident for one of our major BFSI clients. This client was hit by a DDoS attack. The victim received an email the previous day asking them to either pay certain ransom amount or become the victim of this attack. The severity of the attack would increase if the victim…

Continue reading

Recent Posts

  • Self-Hosted Kubernetes Cluster in your Home Lab
  • Creating VM Templates in Proxmox
  • Before starting to use Proxmox
  • Setting up a low-budget home lab
  • Blocking Ads on Your Home Network

Categories

  • Application Security Assessment (2)
  • Capture The Flag (1)
  • CVE (1)
  • DevSecOps (1)
  • Lab Solution (1)
  • Metasploit (2)
  • Miscellaneous (2)
  • Network Penetration Testing (3)
  • Phishing (1)
  • Tips and Tricks (4)

SecBytes

  • GitHub
  • Twitter
  • Facebook

RSS Exploit DB Update

  • [webapps] Wp2Fac - OS Command Injection September 8, 2023
    Wp2Fac - OS Command Injection
  • [webapps] Wordpress Plugin Elementor 3.5.5 - Iframe Injection September 8, 2023
    Wordpress Plugin Elementor 3.5.5 - Iframe Injection
  • [remote] GOM Player 2.3.90.5360 - Remote Code Execution (RCE) September 8, 2023
    GOM Player 2.3.90.5360 - Remote Code Execution (RCE)

Legal

  • Disclaimer
  • Privacy Policy
  • Cookie Policy

Subscribe to Blog via Email

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

© 2023 SecBytes | Powered by Minimalist Blog WordPress Theme