[AHK] Automatic update 👽

Meditology · May 5, 2022 · 874c855 · 874c855
1 parent 1766272
commit 874c855
Show file tree

Hide file tree

Showing 6 changed files with 11 additions and 11 deletions.
diff --git a/pentest/c2/sliver.md b/pentest/c2/sliver.md
@@ -15,7 +15,11 @@ Install team server as a daemon on the team server:
 $ curl https://sliver.sh/install | sudo bash
 ```
 
-For a client get a `sliver-client` binary from releases.
+For a client get a `sliver-client` binary from releases or disable the service if installed as a daemon:
+
+```
+$ sudo systemctl disable sliver.service --now
+```
 
 
 

diff --git a/pentest/infrastructure/ad/authentication-coercion.md b/pentest/infrastructure/ad/authentication-coercion.md
@@ -1,12 +1,12 @@
 # Authentication Coercion
 
 {% hint style="info" %}
-It's a good idea to check if **NTLMv1 downgrade** is possible when triggering the callbacks.
-{% endhint %}
+It's a good idea to check if **NTLMv1 downgrade** is possible when triggering the callbacks:
 
 {% content-ref url="/pentest/infrastructure/ad/ntlm/ntlmv1-downgrade.md" %}
 [ntlmv1-downgrade.md](ntlmv1-downgrade.md)
 {% endcontent-ref %}
+{% endhint %}
 
 
 

diff --git a/...est/infrastructure/ad/av-edr-evasion/maldev/code-injection/shellcode-runners.md b/...est/infrastructure/ad/av-edr-evasion/maldev/code-injection/shellcode-runners.md
@@ -243,12 +243,12 @@ $ python SharpShooter.py --dotnetver 4 --stageless --rawscfile met.bin --payload
 ```
 
 {% hint style="info" %}
-This tool can efficiently be used with **HTML Smuggling** technique.
-{% endhint %}
+This tool can efficiently be used with **HTML Smuggling** technique:
 
 {% content-ref url="/pentest/se/phishing/html-smuggling.md" %}
 [html-smuggling.md](html-smuggling.md)
 {% endcontent-ref %}
+{% endhint %}
 
 
 

diff --git a/pentest/infrastructure/ad/ntlm/ntlmv1-downgrade.md b/pentest/infrastructure/ad/ntlm/ntlmv1-downgrade.md
@@ -26,7 +26,7 @@ Check with [Seatbelt](https://github.com/GhostPack/Seatbelt/blob/fa0f2d94a049d82
 Cmd > .\Seatbelt.exe NTLMSettings
 ```
 
-Exploit with Responder with a known challange of `1122334455667788` (see **Authentication Coercion** to trigger callbacks):
+Exploit with Responder with a known challenge of `1122334455667788` (see **Authentication Coercion** to trigger callbacks):
 
 {% content-ref url="/pentest/infrastructure/ad/authentication-coercion.md" %}
 [authentication-coercion.md](authentication-coercion.md)

diff --git a/pentest/infrastructure/ad/password-spraying.md b/pentest/infrastructure/ad/password-spraying.md
@@ -35,7 +35,7 @@ Example of `net accounts` output:
 
 ### Non-Authenticated
 
-If SMB null sessions are allowed on the DC, an adversary can get a list of all domain users via **RID Cycling**.
+If SMB null sessions are allowed on the DC, an adversary can get a list of all domain users via **RID Cycling**:
 
 {% content-ref url="/pentest/infrastructure/ad/rid-cycling.md" %}
 [rid-cycling.md](rid-cycling.md)

diff --git a/redteam/cobalt-strike.md b/redteam/cobalt-strike.md
@@ -200,10 +200,6 @@ beacon> mimikatz dpapi::cred /in:C:\Users\snovvcrash\AppData\Local\Microsoft\Cre
 
 ### Sleep Mask
 
-{% hint style="info" %}
-Take a look at Shellcode In-Memory Fluctuation technique.
-{% endhint %}
-
 {% content-ref url="/pentest/infrastructure/ad/av-edr-evasion/maldev/code-injection/README.md#shellcode-in-memory-fluctuation" %}
 [ntlmv1-downgrade.md](ntlmv1-downgrade.md)
 {% endcontent-ref %}