To providing the vm we will use terraform, the official documentation for proxmox and Qemu can be found here : https://registry.terraform.io/providers/Telmate/proxmox/latest/docs/resources/vm_qemu ...

If you follow the guide in part1, we now got a proxmox environment, some vlans, and a provisioning CT with the tools installed. On this chapter we will prepare the proxmox template for our future...

Introduction Some people asked me how to install GOAD on proxmox. I wanted to document this a long time ago but never found the time to do this. Now it will be done ;) For this blog post we will s...

On the previous post (Goad pwning part11) we tried some attacks path with ACL. This post will be on escalation with domain trust (from child to parent domain) and on Forest to Forest trust lateral ...

On the previous post (Goad pwning part10) we did some exploitation by abusing delegation. On this blog post, we will have fun with ACL in the lab. In active directory, objects right are called Acc...

On the previous post (Goad pwning part9) we done some lateral move on the domain. Now let’s try some delegation attacks. Here i will just demonstrate the exploitation, if you want to understand th...

The v2022_11 AD mindmap is now available : Full view is available on orange cyberdefense mindmap site : https://orange-cyberdefense.github.io/ocd-mindmaps/img/pentest_ad_dark_2022_11.svg Upgrad...

In the previous post (Goad pwning part8) we tried some privilege escalation techniques. Today we will talk about lateral move. Lateral move append when you already pwned a computer and you move fro...

TL;DR; Infos On a recent pentest we faced an interesting scope with full up to date products and without any credentials. After spend some time on bruteforce dns, folders, all the login form an...

In the previous post (Goad pwning part7) we tried some attacks with MSSQL on the domain. This time we will get a web shell on IIS and try some privilege escalation techniques. IIS - webshell T...