CrackMapExec
Module from HackTheBox Academy - Tier III
Introduction
I completed this module from HackTheBox Academy at the very beginning of January 2023 in preparation to a first real world Internal Penetration Testing. I really enjoyed completing that module covering in details the latest version of the tool CrackMapExec and its multiple capabilities.
Obviously, all CrackMapExec options and features covered by the module are also listed in the official documentation of the tool. However, the module adds a lot to the learning experience. The module is split into structured sections that follow roughly the steps of an Internal engagement. I also gained a lot with the proposed exercises featuring realistic use cases that taught me how, why and when to use some of the CrackMapExec options. Finally, I found that the Skill Assessment was a good challenge and a great overview of all the covered content. The only downside worth of mentioning is that I could flag a lot of typos in the texts. Since the module is relatively new, HTB will probably remediate to that soon enough.
After completing this module, not only that I felt more confident using this tool, but I also learned a lot about the steps and the underneath methodology of an internal engagement. I now better understand why this tool is called the Swiss Army Knife.
I recommend for any beginner and I think it worth the price!
What is CrackMapExec (CME)?
Convenient set of scripts for internal penetration testing in a Windows environment over a large network.
Based on the Impacket scripts package.
Ease of use.
Works on both Linux and Windows systems.
Supports socks proxy and multiple protocols.
Official documentation here.
Official GitHub Repository here.
Last updated