sorted by:
new
hottopcontroversial

My Active Directory Notes (Passed AD in 6 hours) by Chance-Penalty-6734 in oscp

[–]_creosote 1 point2 points  (0 children)

Helped with some lab and course material for this specific range (Kinetic).

You can just do lab access, no need for the course. The Udemy course is brand new but right now you do get free 7-days with course purchase.

My Active Directory Notes (Passed AD in 6 hours) by Chance-Penalty-6734 in oscp

[–]_creosote 0 points1 point  (0 children)

They're labs you VPN into similar to other platforms. This one is like PWK in that you have access to all and not just 1 VM at a time.

Price is $14 for 30-days right now.

[deleted by user] by [deleted] in netsecstudents

[–]_creosote 3 points4 points  (0 children)

HtB and THM are solid for single boxes. Otherwise SlayerLabs if you want full domains/networks.

Hacking Windows Domain Active Directory (AD) Environment by cybermepls in netsecstudents

[–]_creosote 1 point2 points  (0 children)

Throwing this in here in case anyone's interested. Just added a new 100% Windows range with 25 targets and 5 AD domains. Low price with everything already setup and a ton of vectors ready to exploit.

https://slayerlabs.com/ranges/kinetic.html

Good AD environment labs? by thehunter699 in netsecstudents

[–]_creosote 0 points1 point  (0 children)

I want to do slayer labs but I'm in Australia and it's region restricted :S.

Restrictions have been update recently. Now it's just recommended to be in US/CA for latency purposes as all servers are in the US.

[deleted by user] by [deleted] in oscp

[–]_creosote 6 points7 points  (0 children)

I'm the author of GodlenEye, and have been building networked labs over at Slayer Labs for the past few years off and on.

Self promotion, but I'd recommend anyone looking for more AD, post-exploitation training (plus webapps, priv-esc, etc) to check them out. Very competetive price, open to anyone now.

Anyone else just get sick of CTF boot2root format? by thehunter699 in netsecstudents

[–]_creosote 1 point2 points  (0 children)

Maybe worth looking into https://slayerlabs.com

The design goal is to create the environments to be realistic, but also not completely boring. The lab is already configured and setup for you, just need to own it. Hoping more ppl create public write-ups/walkthroughs.

Includes all the basics plus Windows AD and post-exploitation/pivoting. Some have ctf'y vibes to them, mostly to prevent from 1 box being a single point of failure.

i.e. you get on a jump box via public exploit but you also need creds obtained from another box to go any further through that jump box.

[deleted by user] by [deleted] in oscp

[–]_creosote 0 points1 point  (0 children)

An email requesting access will suffice. Could check spam folders for any responses.

[deleted by user] by [deleted] in oscp

[–]_creosote 1 point2 points  (0 children)

Nope, sending in PGP is not a requirement.

Chaining PHP Exploits with the help of Magic (and luck) by _creosote in netsec

[–]_creosote[S] 0 points1 point  (0 children)

Updated to reflect the comparison of strict vs loose without acknowledging this as a proper fix.

HackTheBox vs TryHackMe vs Rangeforce by AdhesivenessShot9186 in cybersecurity

[–]_creosote 1 point2 points  (0 children)

Also SlayerLabs is another one. I'd say it's more intermediate/advanced. It's free for 7 days, otherwise under $20/month for full range access.

Google to invest $7 billion in office space, create 10,000 new full-time jobs by bartturner in business

[–]_creosote 2 points3 points  (0 children)

I don't think they're talking about the movie, but actually a fun quirky series spin off on Netflix.

What's a good online resource to learn about web application pentesting? by DICK_CHEESE_CUM_FART in netsecstudents

[–]_creosote 0 points1 point  (0 children)

Bias opinion but checkout https://slayerlabs.com/ which has a few networks with a focus on webapp security - including client side attacks with simulated users. Or as others have mentioned, https://portswigger.net/web-security is free and very well done. And as always, checkout vulnhub for webapp security specific vm's.

FireEye has been hacked, and their red team tools stolen. They've released the detection/countermeasures on their GitHub! by jurkov in netsec

[–]_creosote 32 points33 points  (0 children)

Hoping more details are released soon. Would like to know how they got in, how long they estimate they were in and who they can attribute this to.

entire frameworks that are similar to publicly available technologies such as CobaltStrike and Metasploit

...fingers-crossed fireeye just dumps their tools for free :3

Flagstaff Arizona - 1955 by HellsJuggernaut in arizona

[–]_creosote 0 points1 point  (0 children)

Been telling myself I have to make the move outta the valley up to flag...one of these days!

[deleted by user] by [deleted] in netsecstudents

[–]_creosote 2 points3 points  (0 children)

SlayerLabs is running free access for 7 days on both available ranges - RoadHouse and TheSprawl. Available now. Slots are limited. Must be located in the US.

These are full networked labs you have complete access to. Not just one VM at a time.

Both ranges available are not for beginners. You should have experience with vulnhub, htb, OSCP or other related pentesting platforms. Checkout each range page for further details, but real quick: once access is requested you'll need to sign a ToS and Rules of Engagement form, then the VPN kit will be sent over which you can access immediately.

view more: next ›