Jump to content

NooBToBe

Banned
  • Content Count

    10
  • Joined

  • Last visited

  • Days Won

    2

NooBToBe last won the day on January 12 2019

NooBToBe had the most liked content!

Community Reputation

896 Excellent

About NooBToBe

  • Rank
    Member

Recent Profile Visitors

143 profile views
  1. ok guys i start writing it, like i said that will take me some time but i always do what i promess
  2. For pluralsight like lalamakerg say you, you have some of the course you want on the pinned topic and for the others you can take the free demo and download the course with one of the techniques shared here: [Hidden Content] and after that you can give back to the community and share with us the new course For udemy you can buy those courses and do the same as pluralsight for downloading them, go one by one course with different account and after downloading all the videos of the courses you ask for a refund for any reason, i did it a lot of times and i have all courses i want for free Now for SANS thats pratically impossible lol, i think it is a recent course no??? Have fun
  3. Hi guys, After seeing a topic about windows domain pentesting i can saw there is no tutorial on the internet about making a real world lab for making real word pentesting scenario. I know there is a lot of you that will say that exist or they always say real world scenarion etc but at the final thats just a "shitty" lab, a static lab with no real traffic analysis, or share folder/email openning that you must do it yourself in the place of the victim so for real scenarion thats not the case... i will make an article here or on a pdf format, on how you can make the best professionnal lab for pentesting windows domain. You will have a real world domain with simulated users who generate traffic, type document, surf on the internet, mapping shares, looking for their email and reading them and openning your malicious document, so with all of that you have an amazing real world scenario to pentest and use real world technics... So you must have to analyse the traffic of the domain and yu will not find the credentilas directly like in other lab, here you will find a lot of garbage like in the real world, some employee of the domain will look youtube, facebook, but other will look their email so they log in Others will open your malicious word document in their email so you can make this attack like in real world, others will mount share folder so you must have to check if you can attack smb port ect ect and all of those employee action will be done automatically without you need to click anywhere, thats like real employee doing their stuff at work!!! you just have to boot yours VMs and start a script and voila, you can start your pentest!!! So if there is some guys who are interested in this i will do it, thats a long tuto with a lot of things to explain so i will take my time to do it well. I will release it "fast" (1 month at least) if there is a lot of guys interested, and if "nobody" i will sahre it on a blog where i will help new/intermediate pentesters with learning resources/advices/exercises Have fun
  4. With all that content share in security/red teaming there is nobody who try to hunt bugs really??? I dont search professionnal guys If you never find a bug thats not a problem we can work together and you can learn something like you can show me something i dont think/see or whatever. Sharing is caring
  5. i dont know anything about this course but i want to make an advice for those who want step up on pentesting against windows environment, make your own lab you will learn tons of things and understand more the pentesting method whan you know how this is build, when you know about how to make GPO, GPP and all that relating stuff you will see by yourself some weakness and where to search for them so make a DC and 2 other windows VM and i will make an article here on how you can make the best professionnal lab for pentesting windows domain. You will have a real world domain with simulated users who generate traffic, type document, surf on the internet, mapping shares, looking for their email and reading them and openning your malicious document, so with all of that you have an amazing real world scenario to pentest and use real world technics
  6. Next week i will reupolad it if it isnt and look on the pentester academy pinned topic like lalamakerg said it so you will have two course about IOT
  7. Sadly they dont give invite for their course and i tried a lot of times, i find a vulnerability in their site, an IDOR but harmless and i ask for a barebone if they can and nope xD You have the PTPv3 and v4 on this forum bro [Hidden Content] Here the PTP v3 with pdf and videos [hide]ePTPv3 [Hidden Content]] And here the PTP v4 with videos and WAPT and WAPTx but that the only way to have the PTP v4 [hide][Hidden Content]] So you can mix this 2, pdf of v3 and videos of v4 and you have more than the barbone edition of PTP and if i remember well you have some pdf which describe the labs so you find some vm on vulnhub or whatever to practice what you learn After that you can take the voucher only on elearn for 400$ like i will do Diffenrence between version 4 and the actual v5 isnt worth to pay for, the only reason it is worth to take it officially is the lab which must be more efficent than my solution. Have fun You're welcome bro
  8. Nope i dont share it the buffer overflow primer but it isnt free from security tube?? or you talk about this course [Hidden Content] ?? Thanks for the patience guys, Monday i start sharing again
  9. Nice if thats work but i think i have tried in the past without success
  10. Man you dont know how to upload an image to the internet and find a simple file you just download so before trying all sort of thing i suggest you go through very basics of linux and http/web etc When you follow my technic you dont understand what you do because you just make a wget with the url in the url bar and that's not what i said... for the video you try the link for wget was wget [Hidden Content] I hope you dont take it like an attack or whatever, it is an advice for all in IT, you need to have the basics. Like us, we all learn to walk before running, and for what i see you try running but dont know how to walk If i have time i will make you a video so you can follow step by step
  11. not for all courses in udemy That's work for a lot of site indeed I use it a lot, for the black friday i think they made a free week-end with full access on luralsight i downloaded videos i miss in my collection thtat way
  12. You have a more simple way to do it for linux user (for windows you need to do extra steps but nothing hard) and doesnt need to install anything, subscribe like you say and look videos, right click, and choose Inspect, Inspect the videos and copy the link you find in the console, and after that you just have to wget urlYouJustFind. That's work with every Udemy course too You can automate this with a python script
  13. ahaha yeah i think you can dream, too much problem with SANS xD look at pentesteracademy, i exploited their server since 2.5 years and today they patch the vulnerability, that's odd, that's happen now when i share all their course so for those who want windows forensic they must wait if i find a new way to get in freely, and for the new course thats the same i cant share the new new content after today
  14. thats exactly what i said you misunderstood slingshot and the vm for the exercises, the sec 560 vm i have isnt slingshot no offense if you use this logic he can use every linux distro since all tools can be install with an apt and a modified sources list...
  15. so thats what is already share on the forum again and again... this guy make 2 post with this technique... he take content share here and share it again just for thanks... kick that guy thanks EDIT: and he does the same with mediafire links in the elearnsecurity posts!!!
×
×
  • Create New...