Archives

2024

29 / 05 SQLite Database
29 / 05 Realm database
29 / 05 Plist Files
29 / 05 Data Storage Keychain dumper
29 / 05 Firebase database
29 / 05 Binary Cookies
29 / 05 Finding GUID with ipainstaller
27 / 05 Setup for iOS Mobile Assessment
27 / 05 Signing IPA with TrollStore (Non-jailbroken)
27 / 05 Signing IPA with Sideloadly (Non-jailbroken)
27 / 05 Installing Unc0ver
29 / 01 Sauna (Easy)
29 / 01 Forest (Easy)
15 / 01 Python Upload Server
15 / 01 FTP Transfer files
15 / 01 WebDAV Uploading files via SMB (over HTTP)
15 / 01 Transfering Files with Code
15 / 01 Living off the land (LOLBAS & GTFOBins)
02 / 01 Same-Origin Policy and CORS

2023

27 / 12 Seatbelt for PrivEsc
27 / 12 Base64 Upload/Download
26 / 12 WebShells
24 / 11 Regex
03 / 11 Visual Studio Remote Debugging
31 / 10 Visual Studio Code on Linux
31 / 10 DotNet Modifying Assemblies
31 / 10 Visual Studio Debugging
31 / 10 Source Code Review Methodology
30 / 10 Interacting with Web Listeners using Python
30 / 10 DotNet Decompilation
01 / 10 Capturing Handshake
30 / 09 Attacking WEP
28 / 09 Attacking WPA Enterprise
28 / 09 Attacking Captive Portals
27 / 09 Rogue Access Points
27 / 09 Attacking WPS Networks
27 / 09 Password mutation (Dictionary Creation)
27 / 09 Hashcat Wireless
27 / 09 Cracking Hashes
26 / 09 Airolib-ng (Cracking PMKs)
26 / 09 Airodump-ng (Capturing)
26 / 09 Airmon-ng (Monitor Mode)
26 / 09 Airgraph-ng (Graphs)
26 / 09 Aireplay-ng (Generate-Traffic)
26 / 09 Airdecap-ng (Decryption)
26 / 09 Aircrack-ng (Cracking)
25 / 09 Remote Capture
22 / 09 Wireshark Tricks
22 / 09 Wireshark Display Filters
22 / 09 Installing Wireless Cards Drivers
17 / 09 Wireless Utilities
17 / 09 rfkill Utility
17 / 09 Loading and Unloading Wireless Drivers
17 / 09 Change Chipset Regulations
17 / 09 Wireless Monitor Mode Interface
28 / 08 PHP Debugging
28 / 08 NodeJS Prototype Hunting
28 / 08 NodeJS Debugging
28 / 08 Java Source Code Recovery
28 / 08 Java Decompilation
28 / 08 Java Debugging
11 / 07 XSS Hunting
01 / 07 DotNet Debugging
28 / 06 DirtyCow Privilege Escalation
27 / 06 DotNet Source Code Review
22 / 06 PHP Source Code Review
19 / 06 NodeJS Source Code Review
19 / 06 Java Source Code Review
30 / 05 Intelligence (Medium)
28 / 05 BloodHound Vector Attacks
24 / 05 Tentacle (Hard)
23 / 05 Chirpy Markdown
23 / 05 AV Evasion Techniques
23 / 05 S3 Buckets
23 / 05 S3 Buckets
18 / 05 Fulcrum (Insane)
18 / 05 Anubis (Insane)
15 / 05 Acute (Hard)
12 / 05 Sizzle (Insane)
10 / 05 Scrambled (Medium)
08 / 05 Cascade (Medium)
03 / 05 Search (Hard)
01 / 05 Reel (Hard)
30 / 04 Resolute (Medium)
24 / 04 StreamIO (Medium)
24 / 04 Querier (Medium)
14 / 04 Escape (Medium)
08 / 04 DCSync Attack
27 / 03 Subversion (tcp-3690)
27 / 03 MYSQL (tcp-3306)
02 / 03 Wordpress
18 / 02 Automated Enumeration (Linux)
18 / 02 For Privilege Access (Linux)
17 / 02 SSH (tcp-22)
17 / 02 NFS (tcp-111)
11 / 02 Reverse Shells
11 / 02 SQL Injection MSSQL
11 / 02 SQL Injection
09 / 02 Active (Easy)
09 / 02 SYSVOL (Groups.xml)
09 / 02 SMB Download
09 / 02 IMAP/POP3 (tcp-110)
09 / 02 SMB (tcp-445)
08 / 02 Pass The Hash
08 / 02 ASREPRoast Attack
08 / 02 RPC (tcp-135)
07 / 02 Git enumeration
06 / 02 Timelapse (Easy)
06 / 02 DCSync Attack
06 / 02 PowerView Modules
06 / 02 Legacy PFX Certificate
06 / 02 Chisel
06 / 02 XXE Blind Out of Band
06 / 02 XXE Basic
06 / 02 Powershell Modules
06 / 02 NTP (UDP 123)
06 / 02 LDAP (tcp-369, tcp-636, tcp-3268)
06 / 02 KERBEROS (tcp-88)
04 / 02 Linux PATH Hijacking
03 / 02 Responder
03 / 02 Bloodhound
03 / 02 NTP Synchronization
03 / 02 Windows User Creation/Group Addition
03 / 02 Unquoted Service Path
03 / 02 UAC Integrity Level Upgrade
03 / 02 Certutil.exe
03 / 02 System (Windows)
03 / 02 NMAP
02 / 02 Common Ports
01 / 02 PHP Wrappers
01 / 02 PHP RFI
31 / 01 Outdated (Medium)
31 / 01 DotNet Project Compilation
31 / 01 Fully Interactive TTY (Windows)
31 / 01 RCE via SSTI
30 / 01 Worker (Medium)
29 / 01 WinRM Certificate (password-less) based authentication
29 / 01 Windows File Transfer
29 / 01 Powershell Download
28 / 01 Hashcat
28 / 01 SMB Share with writting Permissions (SCF Attack)
28 / 01 Local File Inclusion
26 / 01 Websocket Exploitation
24 / 01 SWAKS (Swiss Army Knife for SMTP)
24 / 01 Follina Exploitation
23 / 01 Fully Interactive TTY (Linux)
23 / 01 NodeJS
23 / 01 Kerberos Exploitation
23 / 01 (UAC) Bypass - fodhelper.exe
23 / 01 Pkexec Privilege Escalation
23 / 01 Squid Proxy (tcp-3128)
23 / 01 DNS (tcp & udp-53)
22 / 01 Silver Ticket Attack
22 / 01 SeImpersonatePrivilege
22 / 01 Web Fuzzing
22 / 01 MSSQL (tcp-1433)
21 / 01 Password Spraying
05 / 01 Creds.xml
02 / 01 Domain Admin Techniques
02 / 01 Firefox Cache Passwords

2022

26 / 12 RDP Remote Login
16 / 12 Dumping SAM
16 / 12 MS17-010
15 / 12 Python Virtual Environment
11 / 12 MariaDB/MySQL UDF Exploitation
11 / 12 Networking (Windows)
11 / 12 Adobe Experience Manager
10 / 12 Wordpress Loading Plugin Shell
08 / 12 Kerberoasting
21 / 11 upnphost and SSDPSRV
20 / 11 GCC Compilation
19 / 11 Automated Enumeration (Windows)
17 / 11 Uploads Using Windows Scripting Languages
14 / 11 Crackmapexec
13 / 11 Plink
13 / 11 NETSH
13 / 11 HTTP Tunneling Through Deep Packet Inspection
12 / 11 Network Service Attack Methods
12 / 11 Rinetd
11 / 11 Kernel Vulnerabilities via Drivers
11 / 11 Insecure File Permissions (Windows)
11 / 11 Kernel Vulnerabilities
10 / 11 User Information (Windows)
10 / 11 For Privilege Access (Windows)
10 / 11 Applications
10 / 11 System (Linux)
10 / 11 Jobs and Tasks
10 / 11 FTP (tcp-21)
09 / 11 Insecure File Permissions (Linux)
09 / 11 VBS Download
09 / 11 Uploading files using TFTP (older Windows Systems)
09 / 11 Downloads with exe2hex and Powershell
06 / 11 Deserialization Attack
06 / 11 Cross-Compiling Exploit Code
05 / 11 Buffer Overflow (Linux)
14 / 10 Buffer Overflow (Windows)
12 / 10 Networking (Linux)
17 / 09 RDP (tcp-3389)
09 / 09 SNMP (udp-161)
05 / 09 PHPMyAdmin Brute Force via Burpsuite Intruder
05 / 09 Local Web Server
03 / 09 User Enumeration Gathering
03 / 09 Nikto
02 / 09 Search Engines
02 / 09 SNMP Read and Write Community Abuse
02 / 09 SMTP (tcp-25)
02 / 09 Netcat Port Scanning
02 / 09 NETBIOS (tcp-139)
31 / 08 Social Media
31 / 08 Recon-ng
31 / 08 Domain Enumeration Gathering
30 / 08 Powershell Reverse Shell
30 / 08 Tcpdump
29 / 08 Netcat File Transfer
29 / 08 Netcat File Transfer
29 / 08 Common Commands
24 / 08 Epsilon (Medium)
24 / 08 AWS CLI
24 / 08 Tar Symlink Exploitation (Linux)
24 / 08 SSH Hijacking
24 / 08 User Information (Linux)
24 / 08 Software Version
24 / 08 Services
24 / 08 Linux Abusing Directory Structure
16 / 08 Spring4Shell
16 / 08 Network Enumeration
12 / 08 Shellshock
11 / 08 Cupsctl LFI
11 / 08 Ansible RCE via YAML file
07 / 08 Drupal Exploitation
04 / 08 Python Library Hijacking
04 / 08 Services Running
12 / 07 Backdoor (Medium)
12 / 07 GDBServer 9.2 RCE
12 / 07 SUID Screen Exploitation
07 / 07 Azure Devops Enumeration
17 / 02 SCP

exploitation wireless file transfer hackthebox active directory scr windows privesc mobile linux enumeration linux privesc

exploitation wireless file transfer hackthebox active directory scr windows privesc mobile linux enumeration linux privesc