Oct 15, 2022
·
9 min readBypass SSRF filters using domain redirection and abusing Python PDB
Aug 06, 2021
·
9 min readDeserialization attack on YAML and reversing web assembly
Aug 06, 2021
·
9 min readCode execution with path traversal
Jul 28, 2021
·
9 min readLearn how RID cycling could be used for enumerating AD users
Jul 15, 2021
·
9 min readFinding passwords in Group Policy Preferences and roasting Kerberos
Jul 13, 2021
·
4 min readHands on with ShellShock vulnerability
Jul 10, 2021
·
10 min readSupplying a malicious update definition to Electron-updater
Jun 13, 2021
·
10 min readAlfa starts with enumeration on FTP to obtain a username and an image file which named after a pet. …
Jun 02, 2021
·
9 min readDC-9 from VulnHub features a website that is vulnerable to SQL injection.
I’m able to dump a bunch …
May 30, 2021
·
8 min readDC-6 starts off by enumerating usernames from a WordPress website and use a brute-force attack …
May 25, 2021
·
9 min readExploiting a logic flaw called TicketTrick
May 15, 2021
·
9 min readTurns SSRF to remote code execution and escape from a Docker container
May 09, 2021
·
9 min readExploiting an insecure deserialization on Jackson library and how to mitigate it
May 08, 2021
·
8 min readSeven times seven is equal to SSTI
May 07, 2021
·
9 min readUSBCreator LPE on Linux
May 06, 2021
·
6 min readUnauthenticated RCE as SYSTEM on Windows 10 IoT
May 04, 2021
·
11 min readAbusing Backup Operators group to dump Active Directory database
May 03, 2021
·
12 min readLearn how Azure Pipelines can be abused
May 01, 2021
·
8 min readTunneling with Chisel to deliver a buffer overflow exploit
Apr 28, 2021
·
10 min readExample of a phishing attack and PyPI package exploitation
Apr 26, 2021
·
7 min readAbusing Tomcat manager-script roles and escalate to root with LXC container
Apr 24, 2021
·
14 min readPentesting against simulated AWS S3 Bucket
Apr 23, 2021
·
11 min readPlundering dead Active Directory accounts
Apr 17, 2021
·
17 min readEnumerating network interfaces of a remote computer via MSRPC and exploit NTLMv1
Apr 16, 2021
·
10 min readNest is one of my favorite machines after Forest, I learned a lot about enumeration here, especially …
Apr 09, 2021
·
6 min readSQLi for login bypass and embed webshell to an image file
Apr 07, 2021
·
5 min readLearn basic exploitation of Active Directory
Apr 06, 2021
·
6 min readExploiting embedded system software
Apr 05, 2021
·
6 min readEnumerating public NFS and gain access to sensitive files
Apr 03, 2021
·
7 min readUsing BloodHound to discover abusable Active Directory groups
Apr 02, 2021
·
6 min readExploiting OpenNetAdmin vulnerability and sudo nano