Lateral Movement in Active Directory+Windows – Some Simple & Forgotten (Yet Effective) AD Pivoting Techniques: Part 1

“Go the path of least resistance – sure, it’s cool to pop Meterpreters, but it’s really not always even necessary. It can be much easier.”

Local Infosec Talk: Logan Diomedi talks Burp Suite at RISE

“Roanoke native Logan Diomedi found an interest in computers at an early age and won his first Capture-the-Flag (CTF) at 16. Since then he has placed in the top 3 on several other national CTFs throughout the years, including events run by the NSA, Radford University, and NYU Poly. He specializes in application analysis/pivoting and lateral movement on enterprise networks though he maintains a broad skill base and is particularly fond of hunting “zero days” on embedded devices and closed-source software for responsible disclosure.

Linux Privilege Escalation – Using apt-get/apt/dpkg to abuse sudo “NOPASSWD” misconfiguration

(PART TWO AT BOTTOM OF THE PAGE)There are many well known and documented attack vectors for the sudo command that exist. Please see my Useful Resources page for the Windows & Linux Privilege Escalation piece that contains a ton of helpful knowledge