KC Hacker

How to install GoPhish on Ubuntu

|

GoPhish is an open-source, web-based phishing simulation framework that security teams use to run authorized phishing campaigns against their own employees. It lets organizations design phishing emails and matching landing pages, send those messages as part of controlled campaigns, and track who received the email, who opened it, who clicked links, and who submitted data How to install GoPhish on Ubuntu

Enable SMB Signing in Group Policy Active Directory

|

SMB signing in Active Directory increases security by preventing man-in-the-middle (MITM) attacks and tampering with SMB traffic. But forcing it across all computers and servers does come with trade-offs you should weigh: Performance Hit SMB signing adds cryptographic overhead (every SMB packet must be signed and verified). File transfers, logon scripts, and Group Policy processing Enable SMB Signing in Group Policy Active Directory

Wazuh and Kali Linux Alert to IPv6 Traffic

|

To alert on IPv6 traffic using Wazuh and Kali Linux, you must install the Wazuh agent on the Kali machine, collect the network logs, and create a custom rule on your Wazuh manager to specifically detect and alert on IPv6-related events. Install Wazah client on Kali Linux curl -s https://packages.wazuh.com/key/GPG-KEY-WAZUH | sudo tee /usr/share/keyrings/wazuh.gpg >/dev/null Wazuh and Kali Linux Alert to IPv6 Traffic

Disable IPv6 in Group Policy Editior

|

You would need to disable IPv6 for security in Active Directory (AD) to reduce the potential attack surface and prevent vulnerabilities unique to its implementation. Disabling unused services is a fundamental security practice, and misconfigured or unmonitored IPv6 traffic can bypass firewall rules and enable unauthorized data interception or denial-of-service attacks. However, be aware that Disable IPv6 in Group Policy Editior

How to install PimpMyKali

|

PimpMyKali is basically a helper script made for Kali Linux. Its purpose is to “pimp out” a fresh install by fixing common issues, updating things, and adding extra tools that security testers often need. Instead of you having to manually tweak repositories, install missing packages, fix broken dependencies, or set up certain configurations, PimpMyKali automates How to install PimpMyKali

Kerberoasting using Kali Linix

|

Kerberoasting is a technique attackers use in Windows Active Directory environments to steal service account credentials. It works by requesting a Kerberos service ticket for a service account that uses a weak or guessable password. The ticket is encrypted with the account’s password hash, so once an attacker obtains it, they can take it offline Kerberoasting using Kali Linix

How to Use MITM6 on Kali Linux

|

Mitm6 is a penetration testing tool that targets weaknesses in how Windows networks handle IPv6. Even in environments that primarily use IPv4, Windows systems will often still listen for IPv6 traffic, and mitm6 takes advantage of this by impersonating an IPv6 router. Once a machine accepts it as a legitimate router, the attacker can redirect How to Use MITM6 on Kali Linux

Evil-WinRM on Kali Linux

|

Evil-WinRM is a security tool that penetration testers and ethical hackers often use when assessing Windows environments. It’s basically a PowerShell Remote Management (WinRM) client with extra features designed to make post-exploitation easier. WinRM itself is a legitimate Microsoft service that allows administrators to remotely manage Windows machines using PowerShell. Evil-WinRM takes advantage of that Evil-WinRM on Kali Linux

Adaptix C2 install on Kali Linux

|

Adaptix C2 is an open-source Command and Control framework designed for red teamers and penetration testers to manage compromised systems during post-exploitation. It is built with a Go-based server and a cross-platform GUI client written in C++ using Qt, which makes it accessible on Linux, Windows, and macOS. The tool is gaining attention in the Adaptix C2 install on Kali Linux