My goal for this repository is for it to serve as a personal outlet for notetaking and research while learning more regarding the offensive approach one can take when exploiting Windows machines. I hope it is helpful to someone else at some point. Please reach out with comments and questions as needed.
- Information regarding how common security products work, to include approaches and methodologies employed when attempting to detect malicious threats.
  - With greater insight into how these products work we better our own ability to evade them and mitigate chances of detection.
- Common authentication protocols, to include how they work and the circumstances/environments they can often be found in.
  - Understanding these protocols will aid us in abusing them for privilege escalation/initial access.
- Miscellaneous notes regarding different fundamental concepts that are crucial for development.
  - Topics could include things like memory, threads/processes, I/O, etc.
- Common networking protocols, to include details on how they work and when/how they are used.
  - Useful in scenarios where we have a C2 talking to an implant and need to emulate 'normal' traffic to avoid detection by an IDS.
- A bit of a misc. directory with all kinds of information regarding the registry.
  - There are a lot of secrets within the registry, and with SYSTEM level access a threat actor could explore a plethora of different avenues when it comes to lateral movement through a network or within a system itself.
- Miscellaneous Microsoft-specific services, to include what their purposes are and how/when they run on a system.
  - Important for avoiding detection by some services, or exploiting others via injection or other means.
- Common 'hacker man' techniques that one could employ for a variety of scenarios.
  - Could involve anything from priv. esc. to initial access.