Today’s post will be dedicated to Windows Management Instrumentation (WMI) and how to use it in a pentesting engagement. We already talked briefly about WMI in How to Hack Like a GOD, but the idea is to expand on what was already presented and discover…

In Hack Like a Pornstar we had a number of machines sharing the same local administrator account. We had to launch Mimikatz on all of them in the hope of getting that Domain Admin account. This post will go over the different ways to achieve…

Few techniques can claim to be as popular and effective as good ol’ pass the hash in Windows environments. This prime example highlights the danger of screwing up the design of an authentication protocole. This post does not aim to explain PTH, we have talked…