Kerberos is a strong authentication protocol that can be used in an open unprotected network. Despite it’s strength, there are some attacks that can be done against Kerberos which are as follows: Kerberoasting is post-exploitation attack technique. In this attack, the attacker has a compromised authenticated user’s account in a domain and targets Service Accounts…
Author: kingsanit
Post Exploitation
In the Cyber Security, Post Exploitation refers to the phase after exploiting a target system. Cyber Kill Chain is the progressive steps in which an attacker performs an attack on a target system. An attacker starts with reconnaissance, then builds an exploit payload and delivers it to the target through email, file sharing etc. The…
Kerberos
Kerberos is a network authentication protocol developed by Massachusetts Institute of Technology that provides strong authentication between client and server using cryptography in an open unprotected network. Key Aspects of Kerberos Architecture Key Distribution Center (KDC) is the core component of Kerberos which acts as the 3rd Party Authentication providing Central Authentication to the domain (realm)…
Authentication
Authentication is the process of validating and verifying the identity of a user or system trying to access a system or service before granting access. Authentication comes after the Identification process. Authentication can be done with the following ways What you know is where a user is authenticated with what they know like passwords, passphrase,…
Identification
Identification is the process of identifying a person or system in a realm (domain, organization, enterprise). The identification is the initial process before authenticating. Every user and system in a realm should have a unique identification, so that they can be authenticated & authorized for granting access and accounted for their actions.
Computing Clock Cycle
A clock cycle also known as machine cycle is the fundamental unit of time in a computer’s CPU. The clock cycle is driven by an internal clock signal within the central processing unit (CPU). The clock cycle is measured in Hertz (Hz). The following are the operations that are performed in a clock cycle. Fetching…
Instruction Set
An Instruction Set also known as Instruction set architecture (ISA) is the abstract model present in a computing machine that gives the instruction to the CPU present in a computer machine. The computing machine performs the required operations. The Operating System and Applications communicates to the computing hardware to perform an action through the Instruction…
MITRE ATT&CK
MITRE ATT&CK® is a knowledge base of adversary tactics and techniques based on real world observations published by MITRE. This knowledge base can be used as the foundation for understanding the Cyber Attack patterns. The MITRE Attack Matrices covers the following categories The MITRE Attack chain has 14 Tactics that will be executed in order by…
Buffer Overflow
Buffer Overflow is a vulnerability in software due to improper boundary checks, where an attacker exploits the target system by writing overwhelming data to the software memory buffer to overflow the buffer’s capacity and then making the malicious data to be written in the adjacent memory location giving un-authorized access. There are two types of…
Threads
A Process is broken down into multiple threads. A program becomes a process when it’s loaded into the memory and each process has it’s own address space. A process is sub divided into multiple threads and each thread uses the allocated address space given to it’s parent process for execution enabling to run multiple threads…