7MS #530: Tales of Pentest Pwnage - Part 38

Hey friends, we have another fun tale of pwnage for you today. I loved this one because I got to learn some new tools I hadn't used before, such as:

• Get-InternalSubnets.ps1 - for getting internal subnets
• Adalanche for grabbing Active Directory info (similar to SharpHound)

This tool worked well for me with this syntax:

adalanche-windows-x64-v2022.5.19.exe collect activedirectory --domain victim.domain --port=389 --tlsmode=NoTLS

• Copernic Desktop Search for pillaging through shares with Google-like search capabilities!

• PowerHuntShares is my new favorite tool for enumerating network shares and associated permissions!

• CeWL for creating awesome wordlists to crack with!

I don't have a Toyota TRD Pro, but I can't stop watching this reel.