logo

Browse Infrastructure Content

Discover the best Infrastructure pentesting and infosec content, updated every day.

⚠️ CVE

πŸ•ΈοΈ Web

πŸ–₯️ Infrastructure

πŸ“„ Active Directory

🦠 Malware

☁️ Cloud

πŸ€” Other

πŸ§‘β€πŸ’» Bug Bounty

Blue Wave

181 Infrastructure Items

πŸ… All content

πŸŽ₯ Watch

πŸ“– Read

🎧️ Listen

πŸ… All content

πŸŽ₯ Watch

πŸ“– Read

🎧️ Listen

πŸ“– READ

Why Nmap Scans Are So Slow and How to Speed Them Up

Learn how to tune Nmap to get port scans completed faster without negatively impacting scan accuracy, or causing an outage.

πŸ“– READ

How to Use Nmap to (Accurately) Scan for Open Ports

How to use Nmap to perform accurate port scans assets, understand frequently overlooked options (including the defaults!) that lead to inaccurate scan results.

πŸ“– READ

oneshell to rule them all

In this article I propose a new tool oneshell to solve some of the problems with existing reverse shell tooling.

πŸŽ₯ WATCH

KubeHound and Beyond

Kubernetes pentesting. Enumeration, lateral movement and privesc with Kubehound.

πŸŽ₯ WATCH

Understanding Windows Lateral Movements

The aim of this presentation is understanding the art of user impersonation in Windows systems.

πŸ“– READ

Using Minifilters to Disable EDRs

I present a new technique involving signed minifilters to disable EDR systems.

πŸ“– READ

CERTICEPTION: THE ADCS HONEYPOT WE ALWAYS WANTED

We regularly challenge and beat Fortune500 defenses. Often times, a decent ADCS honeypot could have stopped us. So we built one.

πŸ“– READ

Evading Defenses and Moving Laterally with SCCM AD

Compromise of an SCCM administrator can lead to compromise of every machine managed by SCCM. SCCM administrators must be considered highly privileged accounts.

πŸ“– READ

Exploring Modern Password Spraying

Delve into the modern techniques and security controls surrounding password spraying. This will explore the current TTPs for password spraying.

πŸ“– READ

Nighthawk 0.3 – Automate All the Things

Nighthawk’s 0.3 release is probably the most significant and impactful change to the framework since its creation.

πŸŽ₯ WATCH

Stealing Computer Passwords on Login

This script would allow red teams get windows passwords in cleartext which can be useful in pentest engagements.

πŸ“– READ

Spray passwords, avoid lockouts

This article is not about something new, but rather a report on my research into password policies in an Active Directory environment.

Back to top
indiedex-logo

Pentest List is a curation of the latest top-rated tools and content in penetration testing and security defense. Discover cutting-edge tools, blogs, and more, covering port scanning, SQL injection, and a wide range of other vulnerability exploits.

2024 Pentest List, All Rights Reserved.