Sep 25, 2022
·
6 min readDriver is also one of the machines listed in the HTB printer exploitation track. It starts with a …
Sep 19, 2022
·
12 min readIntelligence brings some cool enumeration and exploitation techniques to own Active Directory. It …
Oct 24, 2021
·
9 min readReturn is another machine listed in the HTB printer exploitation track. This machine hosts a web …
Aug 09, 2021
·
10 min readBasic things you can do with SSRF
Jul 28, 2021
·
9 min readLearn how RID cycling could be used for enumerating AD users
Jul 21, 2021
·
5 min readFacing weird error on Windows 10? Then this post might help you
Jul 15, 2021
·
9 min readFinding passwords in Group Policy Preferences and roasting Kerberos
Jul 10, 2021
·
10 min readSupplying a malicious update definition to Electron-updater
Jun 09, 2021
·
12 min readChaining XSS, SSRF, and deserialization vulnerabilities to get RCE
May 06, 2021
·
6 min readUnauthenticated RCE as SYSTEM on Windows 10 IoT
May 04, 2021
·
11 min readAbusing Backup Operators group to dump Active Directory database
May 03, 2021
·
12 min readLearn how Azure Pipelines can be abused
May 01, 2021
·
8 min readTunneling with Chisel to deliver a buffer overflow exploit
Apr 23, 2021
·
11 min readPlundering dead Active Directory accounts
Apr 17, 2021
·
17 min readEnumerating network interfaces of a remote computer via MSRPC and exploit NTLMv1
Apr 16, 2021
·
10 min readNest is one of my favorite machines after Forest, I learned a lot about enumeration here, especially …
Apr 07, 2021
·
5 min readLearn basic exploitation of Active Directory
Apr 06, 2021
·
6 min readExploiting embedded system software
Apr 05, 2021
·
6 min readEnumerating public NFS and gain access to sensitive files
Apr 03, 2021
·
7 min readUsing BloodHound to discover abusable Active Directory groups