TCPDump

Locate tcpdump which tcpdump Install TCPdump sudo apt install tcpdump Tcpdump Version Validation sudo tcpdump --version TCPDump will resolve IPs to hostnames by default. Traffic Captures with Tcpdump Basic Capture Options Switch CommandResultDWill display any interfaces…

Traffic Analysis Essentials

There are two main techniques used in Traffic Analysis: Flow AnalysisPacket AnalysisCollecting data/evidence from the networking devices. This type of analysis aims to provide statistical results through the data summary without applying in-depth packet-level investigation.Advantage: Easy to…

Understanding Kerberos Authentication

Kerberos Authentication Referenceshttps://www.youtube.com/watch?v=snGeZlDQL2Q https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-kile/b4af186e-b2ff-43f9-b18e-eedb366abf13 krbtgt account -→ KDC Service Account Ticket Details Authorization Data is Microsoft addition to Kerberos; can be manipulated to modify Group membership..etc and launch attacks. Domian Policy about Kerberos settings (default): The…

TryHackMe: OpenVPN Issues and Fixes

OpenVPN complaining of depreciated ciphers ERROR: failed to negotiate cipher with server. Add the server's cipher ('AES-256-CBC') to --data-ciphers (currently 'AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305') if you want to connect to this server. Fix: sed -i 's/cipher AES-256-CBC/data-ciphers AES-256-CBC/' *.ovpn