Relaying 101

Hello fellas, or as we say in Germany: “Hallo Freunde der fettfreien Leberwurst.”

In today’s blog-post we’ll be talking about relaying attacks, or more precisely about NTLM relaying attacks. So let’s get started.

As you already know, I am new to the pentest field, and as such we’re not going to deep-dive here; instead I am trying to give you an overview of the what, why and when, mixed with some practical examples regarding relaying attacks. Wherever applicable, I’ll provide you with links for further reading.


Sailing Past Security Measures In AD

Today we’re going to talk a little about possible ways to circumvent some of the security measures one might face during an engagement in an Active Directory environment.

We as pentesters rely heavily on our tools like BloodHound, Rubeus, mimikatz and all the other fancy stuff, be it for an internal assessment or a Red Team campaign.

But the Blue Team is not asleep; it is trying to keep the bad guys out with its newest AI machine-learning cyber tools.


Pentest - Everything SMTP

In this blog-post I am trying to demystify SMTP (at least for myself).
What exactly is it used for? What parties are involved? What about authentication and when? What attack surfaces are you opening with incorrect settings?

As you may have read in the other posts, I will most likely try to reflect my knowledge of specific topics or work on certain problems I face (mainly during work), and these blog-posts are aimed at helping me.

This time it’s all about SMTP with regard to possible attacks and countermeasures, all from the point of view of an external attacker.


AS_REP Roasting vs Kerberoasting

Recently my team had a discussion about what the exact difference between AS_REP Roasting and Kerberoasting is.
As we were short on time, we did not come to a concrete answer and were also not able to find an article that explains it briefly.

I am neither a professional with years of experience nor a Kerberos guru. So if you are looking for a complex deep-dive, feel free to move along.

Credits to: Allagar’s Art

My Way Into InfoSec

This is my very first blog post ever, which I am trying to use to get a little into GitHub (Pages), and because I was in the mood to write something.
As I am fairly new to being a full-time InfoSec guy, I’ll be writing about how I got into it and how I landed my current job as a pentester.
This will also reflect my point of view regarding the right mindset and certifications that might get you started.
