Other attack vectors and strategies

Sometimes, you can't use the previous mentionned attacks for a reason or another, this doesn't mean that it's all played and you should go back home. There are other strategies you can & should use such as :

Run scans using Nessus or so for example to discover what's available in the network and maybe discover some vulnerable components
For a faster result, look for available websites using http_version for example and try to find maybe vulnerable websites that let's you RCE
Look for default on web logins such as :
- printers
- jenkins
- camera systems
- etc
Finally, think outside the box, depending on the env you're in, you might find some more interesting sutff.

With this we end our initial attack vector section.

PreviousCombining NTLM Relaying and Kerberos delegation NextASREPRoast

Last updated 5 years ago

Was this helpful?

Other attack vectors and strategies

Run scans using Nessus or so for example to discover what's available in the network and maybe discover some vulnerable components
For a faster result, look for available websites using http_version for example and try to find maybe vulnerable websites that let's you RCE
Look for default on web logins such as :
- printers
- jenkins
- camera systems
- etc
Finally, think outside the box, depending on the env you're in, you might find some more interesting sutff.

With this we end our initial attack vector section.

PreviousCombining NTLM Relaying and Kerberos delegation NextASREPRoast

Last updated 5 years ago

Was this helpful?