Windows Privilege Escalation: Boot Logon Autostart Execution (Startup Folder)
The Windows Startup folder may be targeted by an attacker to escalate privileges or for persistence attacks. Adding an application to a startup folder or referencing it using a Registry run key are two ways to...
Windows Privilege Escalation: Logon Autostart Execution (Registry Run Keys)
If an attacker finds a service that has full permissions and is bound to a Registry run key, then they can perform privilege escalation or persistence attacks. When a legitimate user signs in, the...
Powercat for Pentester
Introduction: Powercat is a simple network utility used to perform low-level network communication operations. The tool is an implementation of the well-known netcat in PowerShell. Traditional...
Windows Privilege Escalation: HiveNightmare
Introduction: CVE-2021-36934, also known as SeriousSAM and HiveNightmare, is a vulnerability discovered by Jonas Lykkegaard in July 2021. Due to an ACL misconfiguration in Windows 10 post build 1809 and...
Msfvenom Cheatsheet: Windows Exploitation
In this post, you will learn how to use MsfVenom to generate all types of payloads for exploiting the Windows platform. Read the beginner guide from here. Table of Content: Requirements, ...
PowerShell for Pentester: Windows Reverse Shell
Today, we'll explore how to acquire a reverse shell using PowerShell scripts on the Windows platform. Table of Content: Powercat, Invoke-PowerShellTcp (Nishang), ConPtyShell, ...
Explore HackTheBox Walkthrough
"Explore" is a Capture the Flag challenge that we'll be solving today. It is available on Hack the Box (HTB), and this box is based on ADB (Android Debug Bridge). So, let's get started...
Chronos Vulnhub Walkthrough
Chronos is an easy/medium machine from Vulnhub by AL1ENUM. This machine was also tested in VirtualBox. This lab is suitable for novices because it has significant bugs such as Remote Command Execution...
Seal HackTheBox Walkthrough
Seal is a CTF Linux machine rated as medium difficulty on the Hack the Box platform. So let's get started and deep dive into breaking down this machine using the methodology below. Pentesting...
DarkHole: 2 Vulnhub Walkthrough
DarkHole: 2 is a medium-hard machine created by Jihad Alqurashi for Vulnhub. This system was also put through its paces in VirtualBox. This lab is appropriate for experienced CTF players who...
Windows Privilege Escalation: Scheduled Task/Job (T1573.005)
An attacker may exploit the Windows Task Scheduler to schedule malicious programs for initial or recurring execution. For persistence purposes, an attacker may utilise the Windows Task Scheduler to...
Thales1 Vulnhub Walkthrough
"Thales" is a Capture the Flag challenge available on Vulnhub. MachineBoy deserves credit for developing this box. In this box, we will learn how to exploit a vulnerability in the Tomcat Application...
digitalworld.local: FALL Vulnhub Walkthrough
FALL (digitalworld.local: FALL) is a medium level machine created by Donavan for Vulnhub. This lab is appropriate for some experienced CTF players who wish to put their skills to the test in these...
A Detailed Guide on Log4J Penetration Testing
In this article, we are going to discuss and demonstrate, in our lab setup, the exploitation of the new vulnerability identified as CVE-2021-44228 affecting the Java logging package Log4J. This...
digitalworld.local: Vengeance Vulnhub Walkthrough
Donavan's VENGEANCE (digitalworld.local: VENGEANCE) is a medium level machine designed for Vulnhub. This lab includes a difficult exploitation procedure that is suitable for those experienced CTF...
Empire: LupinOne Vulnhub Walkthrough
Empire: LupinOne is a Vulnhub easy-medium machine designed by icex64 and Empire Cybersecurity. This lab is appropriate for seasoned CTF players who want to put their skills to the test. Enumeration is...
Bounty Hunter HackTheBox Walkthrough
Bounty Hunter is a CTF Linux machine with an Easy difficulty rating on the Hack the Box platform. So let's get started and take a deep dive into disassembling this machine utilizing the methods...
Windows Privilege Escalation: Kernel Exploit
As this series is dedicated to Windows privilege escalation, I'm writing this post to explain command practice for kernel-mode exploitation. Table of Content: What is a kernel?, ...
Pit HackTheBox Walkthrough
Pit is a CTF Linux box with difficulty rated as medium on the Hack The Box platform. Let's deep dive into breaking down this machine. Pentesting Methodologies: Network Scanning (Nmap), Enumeration, ...
Active Directory Privilege Escalation (CVE-2021-42278)
This post discusses how CVE-2021-42287 allows potential attackers to gain highly privileged access (domain controller Administrator-level access) via a low-privileged user (any normal Domain...