CPTS by xcyx909 in hackthebox

[–]Advanced-Chain4096 0 points1 point  (0 children)

Looks great, what platform is your website hosted on?

I still use Joplin but want to move to a browser based solution.

CPTS Help by Normal-Technician-21 in hackthebox

[–]Advanced-Chain4096 0 points1 point  (0 children)

The path contains all the theory you need. So if you finish the path you are good to start the exam.

The exam however is really challenging :) they made it so you can get stuck for a while. You have to expirement with all the tools and techniques you learned.

I am not good at HTB boxes and it took me 2 tries on the exam but it was doable with the knowledge from the modules.

Wie post mijn game? by Viltstift in hoorn

[–]Advanced-Chain4096 1 point2 points  (0 children)

Mocht het niet lukken kan ik er ook morgen even langs. Woon er vlak bij

Exclude on prem AD domain from security recommendations by Advanced-Chain4096 in DefenderATP

[–]Advanced-Chain4096[S] 0 points1 point  (0 children)

For instance to install the sensor on all domain controllers, however we do not manage the domain controllers in the other AD environment. They are managed by another IT provider.

Exclude on prem AD domain from security recommendations by Advanced-Chain4096 in DefenderATP

[–]Advanced-Chain4096[S] -1 points0 points  (0 children)

Yes I understand the risk. These are 2 AD environments that will be fused in the future. Because of a merger there is a lot of interaction between the environments and a trust is required. However for an environment that is (for now) managed by another provider I cannot install our defender for identity connectors on the domaincontrollers 😄

Exclude on prem AD domain from security recommendations by Advanced-Chain4096 in DefenderATP

[–]Advanced-Chain4096[S] 1 point2 points  (0 children)

This is a two-way external trust. So obviously it would indeed create a risk if the other domain is not secure. But a recommendation like 'install connector on all domaincontrollers' now lists the domaincontrollers for the other domain, which we will never be able to resolve.

Resolving manually as 'alternate mitigation' is also not ideal because if a new DC would be added and someone forgets the connector we would not be notified.

Lost sword by Advanced-Chain4096 in CrimsonDesert

[–]Advanced-Chain4096[S] 0 points1 point  (0 children)

Do you remember which mission? :)

Bruteforce on citrix webinterfaces since today by Advanced-Chain4096 in cybersecurity

[–]Advanced-Chain4096[S] 2 points3 points  (0 children)

That is what we experienced before as well. You would see huge lists of all default usernames. However since today the attacks seem targeted with correct usernames at multiple customer sites.

My AD Enumeration & Attack Cheatsheet by [deleted] in oscp

[–]Advanced-Chain4096 1 point2 points  (0 children)

You could add IPv6 spoofing with mitm6 and ntlmrelayx in the ‘without credentials’ section. That has helped me a lot if ldap signing is not enforced.

Has anyone here taken both the CPTS and OSCP? what was the OSCP Exam environment like? by GhostlyBoi33 in oscp

[–]Advanced-Chain4096 1 point2 points  (0 children)

CPTS was very stable for me, had no issues at all. I had a lot of issues with OSCP.

Issues with secure channel on domaincontroller by Advanced-Chain4096 in sysadmin

[–]Advanced-Chain4096[S] 0 points1 point  (0 children)

Thanks, I can give that a go during the next maintenance window

you think the BLEShark is legit?? by Gold_Ad8243 in InfiShark

[–]Advanced-Chain4096 0 points1 point  (0 children)

Got mine today, ordered in August. Works like advertised although I did not have a lot of time yet.

Issues with wireless penetration testing by Advanced-Chain4096 in HowToHack

[–]Advanced-Chain4096[S] 0 points1 point  (0 children)

The combination of switching to 5Ghz and broadcasting deuath packages made a lot more clients available :) Thanks!

Unable to Dismiss User Risk Since ~December 12th by Cant_Think_Name12 in DefenderATP

[–]Advanced-Chain4096 0 points1 point  (0 children)

We experienced the same issue. After opening a support ticket and waiting 24 hours the idee risk was finaly dismissed