2024
- 29 / 05 SQLite Database
- 29 / 05 Realm database
- 29 / 05 Plist Files
- 29 / 05 Data Storage Keychain dumper
- 29 / 05 Firebase database
- 29 / 05 Binary Cookies
- 29 / 05 Finding GUID with ipainstaller
- 27 / 05 Setup for iOS Mobile Assessment
- 27 / 05 Signing IPA with TrollStore (Non-jailbroken)
- 27 / 05 Signing IPA with Sideloadly (Non-jailbroken)
- 27 / 05 Installing Unc0ver
- 29 / 01 Sauna (Easy)
- 29 / 01 Forest (Easy)
- 15 / 01 Python Upload Server
- 15 / 01 FTP Transfer files
- 15 / 01 WebDAV Uploading files via SMB (over HTTP)
- 15 / 01 Transfering Files with Code
- 15 / 01 Living off the land (LOLBAS & GTFOBins)
- 02 / 01 Same-Origin Policy and CORS
2023
- 27 / 12 Seatbelt for PrivEsc
- 27 / 12 Base64 Upload/Download
- 26 / 12 WebShells
- 24 / 11 Regex
- 03 / 11 Visual Studio Remote Debugging
- 31 / 10 Visual Studio Code on Linux
- 31 / 10 DotNet Modifying Assemblies
- 31 / 10 Visual Studio Debugging
- 31 / 10 Source Code Review Methodology
- 30 / 10 Interacting with Web Listeners using Python
- 30 / 10 DotNet Decompilation
- 01 / 10 Capturing Handshake
- 30 / 09 Attacking WEP
- 28 / 09 Attacking WPA Enterprise
- 28 / 09 Attacking Captive Portals
- 27 / 09 Rogue Access Points
- 27 / 09 Attacking WPS Networks
- 27 / 09 Password mutation (Dictionary Creation)
- 27 / 09 Hashcat Wireless
- 27 / 09 Cracking Hashes
- 26 / 09 Airolib-ng (Cracking PMKs)
- 26 / 09 Airodump-ng (Capturing)
- 26 / 09 Airmon-ng (Monitor Mode)
- 26 / 09 Airgraph-ng (Graphs)
- 26 / 09 Aireplay-ng (Generate-Traffic)
- 26 / 09 Airdecap-ng (Decryption)
- 26 / 09 Aircrack-ng (Cracking)
- 25 / 09 Remote Capture
- 22 / 09 Wireshark Tricks
- 22 / 09 Wireshark Display Filters
- 22 / 09 Installing Wireless Cards Drivers
- 17 / 09 Wireless Utilities
- 17 / 09 rfkill Utility
- 17 / 09 Loading and Unloading Wireless Drivers
- 17 / 09 Change Chipset Regulations
- 17 / 09 Wireless Monitor Mode Interface
- 28 / 08 PHP Debugging
- 28 / 08 NodeJS Prototype Hunting
- 28 / 08 NodeJS Debugging
- 28 / 08 Java Source Code Recovery
- 28 / 08 Java Decompilation
- 28 / 08 Java Debugging
- 11 / 07 XSS Hunting
- 01 / 07 DotNet Debugging
- 28 / 06 DirtyCow Privilege Escalation
- 27 / 06 DotNet Source Code Review
- 22 / 06 PHP Source Code Review
- 19 / 06 NodeJS Source Code Review
- 19 / 06 Java Source Code Review
- 30 / 05 Intelligence (Medium)
- 28 / 05 BloodHound Vector Attacks
- 24 / 05 Tentacle (Hard)
- 23 / 05 Chirpy Markdown
- 23 / 05 AV Evasion Techniques
- 23 / 05 S3 Buckets
- 23 / 05 S3 Buckets
- 18 / 05 Fulcrum (Insane)
- 18 / 05 Anubis (Insane)
- 15 / 05 Acute (Hard)
- 12 / 05 Sizzle (Insane)
- 10 / 05 Scrambled (Medium)
- 08 / 05 Cascade (Medium)
- 03 / 05 Search (Hard)
- 01 / 05 Reel (Hard)
- 30 / 04 Resolute (Medium)
- 24 / 04 StreamIO (Medium)
- 24 / 04 Querier (Medium)
- 14 / 04 Escape (Medium)
- 08 / 04 DCSync Attack
- 27 / 03 Subversion (tcp-3690)
- 27 / 03 MYSQL (tcp-3306)
- 02 / 03 Wordpress
- 18 / 02 Automated Enumeration (Linux)
- 18 / 02 For Privilege Access (Linux)
- 17 / 02 SSH (tcp-22)
- 17 / 02 NFS (tcp-111)
- 11 / 02 Reverse Shells
- 11 / 02 SQL Injection MSSQL
- 11 / 02 SQL Injection
- 09 / 02 Active (Easy)
- 09 / 02 SYSVOL (Groups.xml)
- 09 / 02 SMB Download
- 09 / 02 IMAP/POP3 (tcp-110)
- 09 / 02 SMB (tcp-445)
- 08 / 02 Pass The Hash
- 08 / 02 ASREPRoast Attack
- 08 / 02 RPC (tcp-135)
- 07 / 02 Git enumeration
- 06 / 02 Timelapse (Easy)
- 06 / 02 DCSync Attack
- 06 / 02 PowerView Modules
- 06 / 02 Legacy PFX Certificate
- 06 / 02 Chisel
- 06 / 02 XXE Blind Out of Band
- 06 / 02 XXE Basic
- 06 / 02 Powershell Modules
- 06 / 02 NTP (UDP 123)
- 06 / 02 LDAP (tcp-369, tcp-636, tcp-3268)
- 06 / 02 KERBEROS (tcp-88)
- 04 / 02 Linux PATH Hijacking
- 03 / 02 Responder
- 03 / 02 Bloodhound
- 03 / 02 NTP Synchronization
- 03 / 02 Windows User Creation/Group Addition
- 03 / 02 Unquoted Service Path
- 03 / 02 UAC Integrity Level Upgrade
- 03 / 02 Certutil.exe
- 03 / 02 System (Windows)
- 03 / 02 NMAP
- 02 / 02 Common Ports
- 01 / 02 PHP Wrappers
- 01 / 02 PHP RFI
- 31 / 01 Outdated (Medium)
- 31 / 01 DotNet Project Compilation
- 31 / 01 Fully Interactive TTY (Windows)
- 31 / 01 RCE via SSTI
- 30 / 01 Worker (Medium)
- 29 / 01 WinRM Certificate (password-less) based authentication
- 29 / 01 Windows File Transfer
- 29 / 01 Powershell Download
- 28 / 01 Hashcat
- 28 / 01 SMB Share with writting Permissions (SCF Attack)
- 28 / 01 Local File Inclusion
- 26 / 01 Websocket Exploitation
- 24 / 01 SWAKS (Swiss Army Knife for SMTP)
- 24 / 01 Follina Exploitation
- 23 / 01 Fully Interactive TTY (Linux)
- 23 / 01 NodeJS
- 23 / 01 Kerberos Exploitation
- 23 / 01 (UAC) Bypass - fodhelper.exe
- 23 / 01 Pkexec Privilege Escalation
- 23 / 01 Squid Proxy (tcp-3128)
- 23 / 01 DNS (tcp & udp-53)
- 22 / 01 Silver Ticket Attack
- 22 / 01 SeImpersonatePrivilege
- 22 / 01 Web Fuzzing
- 22 / 01 MSSQL (tcp-1433)
- 21 / 01 Password Spraying
- 05 / 01 Creds.xml
- 02 / 01 Domain Admin Techniques
- 02 / 01 Firefox Cache Passwords
2022
- 26 / 12 RDP Remote Login
- 16 / 12 Dumping SAM
- 16 / 12 MS17-010
- 15 / 12 Python Virtual Environment
- 11 / 12 MariaDB/MySQL UDF Exploitation
- 11 / 12 Networking (Windows)
- 11 / 12 Adobe Experience Manager
- 10 / 12 Wordpress Loading Plugin Shell
- 08 / 12 Kerberoasting
- 21 / 11 upnphost and SSDPSRV
- 20 / 11 GCC Compilation
- 19 / 11 Automated Enumeration (Windows)
- 17 / 11 Uploads Using Windows Scripting Languages
- 14 / 11 Crackmapexec
- 13 / 11 Plink
- 13 / 11 NETSH
- 13 / 11 HTTP Tunneling Through Deep Packet Inspection
- 12 / 11 Network Service Attack Methods
- 12 / 11 Rinetd
- 11 / 11 Kernel Vulnerabilities via Drivers
- 11 / 11 Insecure File Permissions (Windows)
- 11 / 11 Kernel Vulnerabilities
- 10 / 11 User Information (Windows)
- 10 / 11 For Privilege Access (Windows)
- 10 / 11 Applications
- 10 / 11 System (Linux)
- 10 / 11 Jobs and Tasks
- 10 / 11 FTP (tcp-21)
- 09 / 11 Insecure File Permissions (Linux)
- 09 / 11 VBS Download
- 09 / 11 Uploading files using TFTP (older Windows Systems)
- 09 / 11 Downloads with exe2hex and Powershell
- 06 / 11 Deserialization Attack
- 06 / 11 Cross-Compiling Exploit Code
- 05 / 11 Buffer Overflow (Linux)
- 14 / 10 Buffer Overflow (Windows)
- 12 / 10 Networking (Linux)
- 17 / 09 RDP (tcp-3389)
- 09 / 09 SNMP (udp-161)
- 05 / 09 PHPMyAdmin Brute Force via Burpsuite Intruder
- 05 / 09 Local Web Server
- 03 / 09 User Enumeration Gathering
- 03 / 09 Nikto
- 02 / 09 Search Engines
- 02 / 09 SNMP Read and Write Community Abuse
- 02 / 09 SMTP (tcp-25)
- 02 / 09 Netcat Port Scanning
- 02 / 09 NETBIOS (tcp-139)
- 31 / 08 Social Media
- 31 / 08 Recon-ng
- 31 / 08 Domain Enumeration Gathering
- 30 / 08 Powershell Reverse Shell
- 30 / 08 Tcpdump
- 29 / 08 Netcat File Transfer
- 29 / 08 Netcat File Transfer
- 29 / 08 Common Commands
- 24 / 08 Epsilon (Medium)
- 24 / 08 AWS CLI
- 24 / 08 Tar Symlink Exploitation (Linux)
- 24 / 08 SSH Hijacking
- 24 / 08 User Information (Linux)
- 24 / 08 Software Version
- 24 / 08 Services
- 24 / 08 Linux Abusing Directory Structure
- 16 / 08 Spring4Shell
- 16 / 08 Network Enumeration
- 12 / 08 Shellshock
- 11 / 08 Cupsctl LFI
- 11 / 08 Ansible RCE via YAML file
- 07 / 08 Drupal Exploitation
- 04 / 08 Python Library Hijacking
- 04 / 08 Services Running
- 12 / 07 Backdoor (Medium)
- 12 / 07 GDBServer 9.2 RCE
- 12 / 07 SUID Screen Exploitation
- 07 / 07 Azure Devops Enumeration
- 17 / 02 SCP