Just finished the roughly 9 hours videos which I enjoyed so much. I wish the OSCP videos were this engaging. You are so talented and I wish you can make more videos. At least once a week. A challenge for you 😀
@cosminduduc3016
6 ай бұрын
Derron, this is the first content i came across which really helped for my OSCP prep. Besides zillion of HowTo's, learning platforms, etc. I've felt this is the real deal. The way you explain all the details is amazing and I wanted to express my gratitude and thanks for this. It really helped me understand much better the attack vectors in the AD env. Thank you very much man! THANK YOU!
@derronc
5 ай бұрын
that is incredibly high praise, thank you so much!! It means a lot and I'm really glad this is helpful for you
@DocGMoney
5 ай бұрын
Dude your ability to talk through what your doing is next level. Super helpful and man I am stealing your box setup that's a great way to organize everything. Well done all around and a huge THANK YOU!
@0xA
8 ай бұрын
You have no idea how incredibly helpful this is - working on OSCP challenge labs and keep thinking back to techniques you use in this series. Find myself coming here before my own notes sometimes. Thank you!
@sergiocharruadas6518
9 ай бұрын
Very good content as always, can't wait for #4, thank you!
@phillydee3592
2 күн бұрын
This content is awesome man thank you!!I need to build this setup and work through it!!
@Ibr8kThingz
7 ай бұрын
Wow this was insanely helpful! I am much more confident now walking into the exam. Thank you so much again for your time and dedication!
@heipablishenko851
8 ай бұрын
I was unaware of its existence. I am excited to discover what the next instalment in this series will bring.
@spoon2k
9 ай бұрын
Superb content as always, thank you!
@ChadB_n00b
9 ай бұрын
Suggesting these vids to my OSCP study group. Good work!
@presequel
2 ай бұрын
fantastic video, awesome :)
@flowerinpower
2 ай бұрын
This is gold!
@Mabenchi6705
9 ай бұрын
This is gold, Thank you
@asdasd-p6u
9 ай бұрын
Thank you, amazing content!
@MalwareCube
7 ай бұрын
I cannot express how realistic, accurate, and useful these labs are. Thanks very much Derron, I owe a lot of why I passed to these videos. :)
@derronc
6 ай бұрын
🍾 congrats!!!! that is so amazing to hear and I'm stoked for your accomplishment! I know that is such a relief when you get that email
@hamzagamal4361
4 ай бұрын
unbelievable keep going 💪💪🔥🔥
@cooki3cutt3r13
9 ай бұрын
good sir, you're a wizard
@martindinchev5363
8 ай бұрын
Great videos continue !!!
@souirianas2571
7 ай бұрын
keep up the good work maan!
@johnwright6498
9 ай бұрын
Very helpful content. I take my oscp test in 2 days. The one I struggle is with web foothold. I'm being better though
@derronc
9 ай бұрын
best of luck on the exam!! 🤞
@johnwright6498
9 ай бұрын
@@derronc can't talk about it but your technique methodology help me got my first foothold in. I didn't pass I will sign up for hack the box academy and study on the weak areas. And will still look towards your videos. I will get it next time. 🤙🏾
@htpeof6943
8 ай бұрын
@@johnwright6498how many machines u got
@eniak2300
4 ай бұрын
Hey bro you have such an amazing methodologies and your explanations are insane. But can I ask you where did you find those labs you are doing in these videos or you just built them? Also thank you really for this content !!
@TDay666
9 ай бұрын
Always happy to see these videos come out, I use these to refer some of my team for study purposes, as well as for me to prep for my OSCP coming up soon. Have you made these into an ISO/VM instance for download? would love to have my team try these custom boxes out.
@derronc
9 ай бұрын
thank you so much, I'm glad you find these helpful and are sharing them with your team 😊 I thought about how best to share the lab with everyone and that's how I ended up deciding on the "How to build..." videos. Unfortunately MSFT licensing doesn't work well with trying to package up the images into an ISO/VM for public consumption
@CyberNinja-p1t
9 ай бұрын
Super muper content :)
@jocamp5
Ай бұрын
Hi Derron. I am confused. You ran john with rules 1st, got no hit. Then you ran it again (after editing the video and a short pause) and you got a hit? what changed? The command was the same.
@derronc
17 күн бұрын
hmmmm, I'm honestly not sure. I may have screwed up the hash and cut that out of the video. it's likely something silly I had to cut out because of a mistake I made. Unless I commented on why it worked the second time I'd just treat it as though it should've worked the first time :)
@SeaTekMonstroso
9 ай бұрын
Great stuff man, my only comment is you should consider using the userpass file options for accounts you already know the passwords for. It will reduce clutter of trying username and password combinations you already know wont work.
@derronc
9 ай бұрын
totally agree! I forgot about the userpass option during the recording. Great call out and thank you for watching!
@spacington4022
10 күн бұрын
What’s the difference between a $ at the command line vs a % symbol
@Claymore403
5 ай бұрын
First thing I have to say is thank you for your videos cause they are amazing, second thing is that I think you can inject macro in doc file directly from kali using minitrue or I think eviloffice (maybe it's useful info for someone)
@michaelwatts1186
8 ай бұрын
Hey Derron, great walkthroughs. Question- in terms of the office macro that you created is there a easier way to go about it it seems like a lengthy setup and was curious if there was a pre created office macro template from a resource to work with and tailor if you come across this attack method scenario and want to go this route? Also if you come across the upload function that you play with the extension format in order to upload a reverse shell if certain extension are restricted instead of going the office macros route. Just curious why you didn't explore that further? Ideally I would prefer to avoid the office macro exploit to get an initial foothold just because its potentially adding additional aspects to your attack approach, and having to get into a spun up Windows instance to initiate, when there could be a better more efficient way? Just want to see your thoughts on it?
@sakyb7
3 ай бұрын
How to did you set rules to crack that office hash?
@b0161
Ай бұрын
Why can't nmap find port 445 of ms02 the first time, but can find it the second time? Can anyone help me solve this problem?
@derronc
Ай бұрын
sadly, this was a unique problem to my lab environment and recording. I believe the packets were dropped the first time and they shouldn't have been. Ideally the recording would have shown the success from nmap both times, but I decided not to go back and re-record. more just showing the nuances of labs and tools, and it never hurts to re-run scans to confirm results
@Laffinfpv
8 ай бұрын
I believe sekurlsa is supposed to be “secure LSA” 😊
@TheTacopai
7 ай бұрын
please more videos
@hack4funacademy
6 ай бұрын
hi when are u gonna give us a video about how to setting up this lab environment
@derronc
6 ай бұрын
Thanks for the ping on this :) Life's been super busy with family/work/school but I'm hoping to have it posted this week.
@hack4funacademy
6 ай бұрын
@@derronc I see, alright ty
@alihassam8748
5 ай бұрын
Anyone has Macro code?
@genelkanininaksine
18 күн бұрын
Pls more videos
@uaebikers
Ай бұрын
When are you coming back to making videos? :D
@FastlaneSto
2 ай бұрын
Will you do more of these? Understand if not doing OSCP anymore, but perhaps any other hacking vids? I love them. I feel like you would do so well teaching this stuff to beginners, as clearly these are more of an intermediate+ level. You're a natural with the videos and commentary.
@derronc
Ай бұрын
Thank you for such high praise! 🙏 Life has been keeping me extremely busy this year but I am hoping to create some more content in the near future.
@ianp6742
9 ай бұрын
Heeeeyy glad to see another AD path from you!
@sandiproy9810
9 ай бұрын
hey derron , can you please share on which year did you passed the oscp ? I'm asking because, in many groups some peoples complains about the dificulty level of oscp has been increased recently . what do you think about that ?
@derronc
9 ай бұрын
I passed my OSCP back in Sept. of this year. I can't say I'm aware of what the previous versions of the exam difficulty were... but I can say that the OSCP exam for me was pretty difficult. I felt like I was going to fail until the last few hours when I managed to finally break through on the AD set. Once I did I pwned the AD set extremely quickly and that gave me enough points to pass. This is one of the reasons I decided to share my practice lessons on youtube: having the right process/comfort level can be the difference between passing/failing.
@1a4s4l7
9 ай бұрын
Once you have a foothold on the ms01, is it necessary to use pivoting techniques? Suppose you can download tools on the compromised box, as an alternative, can you just live off the land?
@derronc
9 ай бұрын
good question! I suppose you could try and live off the land and do everything from MS01, however it would definitely make things harder and may reduce your efficient use of time on the OSCP. I may take this on as a fun challenge though: see if you can do all of this without pivoting through MS01 😊
@eniak2300
3 ай бұрын
Hey bro do you know why he didn't try to use impacket-GetUsersSPNs or impacket-GetNPUsers for kerberoasting and reproasating after obtaining the credentials of the first domain account?
@maroofchaudhary543
9 ай бұрын
Brother amazing content keep it brother and try to upload more content like this
Пікірлер: 58