Windows

Sep 25, 2022  ·  6 min read

HackTheBox - Driver

Driver is also one of the machines listed in the HTB printer exploitation track. It starts with a …

Windows Network-Printer SCF NTLM
Sep 19, 2022  ·  12 min read

HackTheBox - Intelligence

Intelligence brings some cool enumeration and exploitation techniques to own Active Directory. It …

Windows Active-Directory Silver-Ticket DNS
Oct 24, 2021  ·  9 min read

HackTheBox - Return

Return is another machine listed in the HTB printer exploitation track. This machine hosts a web …

Windows Active-Directory Network-Printer Server-Operators
Aug 12, 2021  ·  7 min read

Start a Windows service during its creation [ID]

Eksplorasi Windows Service

Windows Windows-Services Go
Aug 09, 2021  ·  10 min read

HackTheBox - Love

Basic things you can do with SSRF

Windows SSRF AlwaysInstallElevated Msi-Installer
Jul 28, 2021  ·  9 min read

HackTheBox - Heist

Learn how RID cycling could be used for enumerating AD users

Windows Password-Spray Password-Reuse Procdump
Jul 21, 2021  ·  5 min read

Me vs Windows Permissions

Facing weird error on Windows 10? Then maybe this post could help you

Windows Troubleshoot
Jul 15, 2021  ·  9 min read

HackTheBox - Active

Finding passwords in Group Policy Preferences and roasting Kerberos

Windows Active-Directory Kerberoasting Gpp-Decrypt
Jul 10, 2021  ·  10 min read

HackTheBox - Atom

Supplying a malicious update definition to Electron-updater

Windows Electron-Builder Electron-Updater Command-Injection
Jun 09, 2021  ·  12 min read

HackTheBox - Cereal (User)

Chaining XSS, SSRF, and deserialization vulnerabilities to get RCE

Windows Recover-Git DotNET Csharp
May 06, 2021  ·  6 min read

HackTheBox - Omni

Unauthenticated RCE as SYSTEM on Windows 10 IoT

Windows Windows-IoT SirepRAT PSCredential
May 04, 2021  ·  11 min read

HackTheBox - Blackfield

Abusing Backup Operators group to dump Active Directory database

OSCP-Plus Windows Active-Directory ASREP-Roasting
May 03, 2021  ·  12 min read

HackTheBox - Worker

Learn how Azure Pipelines can be abused

Windows Svn Webshell Azure-DevOps
May 01, 2021  ·  8 min read

HackTheBox - Buff

Tunneling with Chisel to deliver a buffer overflow exploit

Windows Webshell CloudMe Buffer-Overflow
Apr 23, 2021  ·  11 min read

HackTheBox - Cascade

Plundering dead Active Directory accounts

Windows Active-Directory SMB VNC
Apr 17, 2021  ·  17 min read

HackTheBox - APT

Enumerating network interfaces of a remote computer via MSRPC and exploit NTLMv1

OSCP-Plus Windows Active-Directory MS-RPC
Apr 16, 2021  ·  10 min read

HackTheBox - Nest

Nest is one of my favorite machines after Forest, I learned a lot about enumeration here, especially …

Windows SMB Alternate-Data-Stream DotN
Apr 07, 2021  ·  5 min read

HackTheBox - Sauna

Learn basic exploitation of Active Directory

OSCP-Plus Windows Active-Directory ASREP-Roasting
Apr 06, 2021  ·  6 min read

HackTheBox - ServMon

Exploiting embedded system software

Windows Directory-Traversal NVMS-1000 NSClient
Apr 05, 2021  ·  6 min read

HackTheBox - Remote

Enumerating public NFS and gain access to sensitive files

Windows NFS Metasploit TeamViewer
Apr 03, 2021  ·  7 min read

HackTheBox - Forest

Using BloodHound to discover abusable Active Directory groups

Windows Active-Directory ASREP-Roasting BloodHound