July 14, 2023

Infected Adds in Instagram.

Buenas, hoy vengo hablar de una cosa que me he encontrado en Instagram, y creo que pasa en muchas mas redes sociales, hablo de los anuncios/publicidad que muestran las redes sociales. Como bien sabeis en las redes sociales puedes pagar para publicitar...

Read

April 26, 2023

NTLM Relay Attack

A NTLM relay attack is a type of network attack where an attacker intercepts the authentication traffic between two devices and forwards it to the victim device, without the knowledge or consent of the two devices. The attack targets the NTLM (NT LAN...

Read

April 21, 2023

Phishing with Bypass 2FA

Hey I'm sorry for not having posting nothing for so long but I'm studing the eJPTv2 certificacion and that keeps me ocupated. Today I'm going to share with you one of the most phishing attacks that am reciving in my work. A few days ago a phishing...

Read

April 15, 2023

Write Up - Onepunchman

Heey! Today I'm going to document how to solve the Onepunchman machine CTF from CatSkills that is a hacking competition in my town let's see how to own the machine. The first thing we will do is to have our enviroment organized just creating three...

Read

January 21, 2023

Pass-The-Hash.

Hi welcome back to my blog, today we will be watching how to make a Pass-The-Hash with Mimikatz, Windows Credential Editor and PsExec. This tecnique allows us to make privilages escalation in Windows Active Directory. Pass-The-Hash is the name given...

Read

December 10, 2022

Cracking LM and NT hashes.

Welcome to my post, today we will crack all the hashes we extract from the previous post with Mimikatz, Metasploit, Windows Credential Editor. This is one thing we can do in a pentest when we get this kind of hashes, if the passwords is realy easy we can...

Read

December 3, 2022

Dumping SAM and extraction LNTM hashes.

Hi welcome back to my post, I'm glad that you're here today we'll see how to dump and how to extract the SAM and NTLM hashes with difrents tools, like Metasploit, Mimikatz , pwDump7 and WCE. In this post we'll focus on how to manage this tools and how to...

Read

November 26, 2022

Bypass UAC with Event Viwer.

Hi what's up people? I hope you had a great weekend of hacking, today we will be bypassing UAC but this time we'll use metasploit to change a little bit. Also we'll see which are the 4 steps that we need to bypass UAC in the way that we are implemeting...

Read

November 19, 2022

How abuse sdclt.exe to Bypass UAC.

Welcome to one of the parts of the book that I like the most, I recognize that we are still in the first chapter but what I am going to show you here is going to blow your mind. If you like Windows hacking you are probably familiar with the concept of...

Read

November 12, 2022

How to bypass UAC with CompMgmtLauncher.

Welcome back to my blog, today I will document a POC of how to bypass the UAC with the CompMgtmLauncher. This technique is only vulnerable with Windows 7 machines so for our lab we will need a Windows 7 and our Kali linux. I'm doing this cause I'm...

Read

November 1, 2022

Inyecting Javascript with Squid.

Here we go again, sorry for not publishing so often but I was realy busy this days . For now on I will document the posts in English couse it helps me to improve my writeing skills. That being said let's beggin with the post, here we will learn how to...

Read

September 27, 2022

Como recopilar direcciones IP públicas con Telegram e Instagram.

Hoy os voy a enseñar la importancia de qué es importante comprobar un link antes de darle clic. Todos sabemos qué hacer clic en un link puede ser desastroso y es cierto que podemos ser infectados, pero hay muchas otras cosas que nos pueden pasar a la...

Read

September 25, 2022

Como obtener una reverse shell a tarvés de internet con la ayuda de un USB.

Personalmente era una duda que siempre me había hecho y no terminaba de entender muy bien que tenía que hacer para lograr eso, cuando empecé en el hacking para ganar acceso a una máquina teníamos que ejecutar una reverse shell y así tomar el...

Read

July 14, 2022

¿ Por que no te puedes fiar de los paquetes .deb ?

En este post vamos a ver la importancia de comparar los hashes MD5 de los archivos que nos descargamos antes de instalarlos, ya que podrían ser modificados. En todas las páginas que nos podemos descargar un archivo normalmente viene acompañado de una...

Read

July 10, 2022

¿ Quien soy ?

Bueno este es mi primer post en mi blog sobre Ciberseguridad, aquí me gustaría hacer un apartado de todo lo que he aprendido en el grado superior de Administración de Redes con perfil de Ciberseguridad. Voy a publicar el contenido más interesante que...

Read

¡ Aqui mi canal de Twitch donde hago directos !