Skip to main content

Documentation Index

Fetch the complete documentation index at: https://rootea.es/llms.txt

Use this file to discover all available pages before exploring further.

Search

··
Operating systemWindows
DifficultyHard
IP10.10.11.129
Retirement date
SkillsInformation Leakage - Password in picture (wtf?) RPC Enumeration (rpcclient) Ldap Enumeration (ldapdomaindump) Bloodhound Enumeration Kerberoasting Attack (GetUserSPNs.py) SMB Password Spray Attack (Crackmapexec) Unprotecting password-protected Excel (Remove Protection) Playing with pfx certificates Gaining access to Windows PowerShell Web Access Abusing ReadGMSAPassword privilege Abusing GenericAll privilege (Resetting a user’s password) Gaining access with wmiexec Active Directory

Writeups

LanguageAuthorFormatLink
🇪🇸 ESS4vitarVídeoOpen
🇬🇧 EN0xdfTextoOpen
🇬🇧 ENIppSecVídeoOpen

Skill resources

Curated documentation for each technique listed in the Skills column above. Sources: HackTricks, GTFOBins, PortSwigger, etc.
SkillSourceLink
Active DirectoryHackTricksOpen
KerberoastingHackTricksOpen
BloodHoundBloodHound docsOpen
SMB (139/445)HackTricksOpen