@ippsec said:
As for why everyone skipped over how they found the keypass file. It’s in the User’s Documents folder, a place most people just check manually. Some enumeration scripts will point out files in the directories (such as JAWS). I just don’t show every tool every video because it would be super repetitive.
IppSec , thanks for the videos you have created for these retired machines.
Unlike most walkthroughs you take the time to explain your thinking behind the steps you take in your video and these are the teaching moments I believe your audience is looking for.
They are the main reason why I am paying to be a VIP with Hackthebox in order to learn pentesting.
I know you aim to keep them interesting by teaching new tricks in every video.
May I suggest to you to do your best to cater to 2 groups of audience:
Noobs like me who are still learning the basics and the pros who are learning new tricks.
For noobs like me we would like to know why certain ‘required’ tools are used and not used in enumeration and privilege escalation.
We noobs are still learning how to avoid rabbit holes and therefore we would like to understand under what circumstances what should be done or not done in pentesting.
So if nmap or equivalent is not used in enumeration we would like to know why.
Just like when Sherlock or equivalent is not used in privilege escalation when dealing with Windows boxes.
Yes , it might sound repetitive to some but then tools such as nmap is a ‘required’ tool and therefore cannot be skipped in any of your videos.
Thanks a million.