penetration testing Featured 10 Things I Learnt in My First Year as a Penetration Tester A reflective look back on what my first year as a penetration tester/cyber security consultant taught me, and how those lessons can potentially help you.
active directory Exploiting Active Directory Certificate Services - ESC11 Walkthrough An overview and lab exploitation example of the ESC11 vulnerability, present in Active Directory Certificate Services when request encryption is disabled.
hackthebox Featured Hack the Box Walkthroughs: Hathor Hathor from Hack the Box was an Insane Windows machine that involved exploiting a misconfigured file upload, then identifying credentials in log files, before performing some DLL hijacking and finally, abusing an account with replication rights to obtain the administrator's password hash.
active directory Automating the Creation of TCM Security's PEH Home Active Directory Labs - It's Terra-fying A guide on how to terraform the Active Directory Home Lab from the Practical Ethical Hacking course by TCM Security - and coincidentally - my first attempt at Infrastructure-as-Code and DevOps!
active directory Hack the Box Walkthroughs: Anubis - Using SliverC2 In an attempt to broaden my skill set, I'll be using SliverC2 to complete Hack the Box machines and learn more about this fantastic Command and Control framework. This time around it's the retired box: Anubis!
cybersecurity Featured Active Directory Penetration Testing - The Fundamentals of Kerberos A blog post for me to try and finally fully understand the internals of how Kerberos and Active Directory authentication works within a domain (and how it's broken).
ZeroPointSecurity Certified Red Team Operator (CRTO) Course - A Comprehensive Review A review of ZeroPointSecurity's Certified Red Team Operator course.
PNPT (Practical Network Penetration Tester) - Course Review - 2022 - Should you take it? A thorough review of The Cyber Mentor's new certification: The Practical Network Penetration Tester. Wondering what I thought of this new certificate disrupting the industry? Fear not! Let's dive right in.
Metasploit CTF 2021 Challenge Writeups Writeups and solutions for nearly all of the 2021 Metasploit Capture the Flag.
OSEP Review 2021 - Offensive Security Experienced Pentester What's up, security folks! Today I'll be putting pen to the paper and going over my thoughts on the Evasion Techniques and Breaching Defenses course from Offensive Security, colloquially known as the OSEP. I passed my exam at the end of November, so consider this a review of the updated
TokyoWesterns 2017 - Pwn - Just Do It! Today we'll be exploring an ever so slightly harder Pwn challenge that appeared in TokyoWesterns 2017 - Just Do It!
Insecure Deserialization - Overview, Exploitation and Remediation Insecure Deserialization is a concept that is often conveyed as one of the harder vulnerabilities to exploit, and I for one struggled to get my head around it initially. This has led to the creation of this post, where I'll be attempting to break down the concepts behind it and
Creating a Home Active Directory Lab Good afternoon folks! I've recently been studying for my CRTP [https://www.pentesteracademy.com/activedirectorylab], but my lab access expired. Now, I could pay for more time in the labs, but the elegant misconfigurations demonstrated by Nikhil Mittal in the CRTP really fascinated me. How easy was it to end
Discovering Stored XSS in Wordpress Plugin YOP Polls v6.2.7 - CVE-2021-24454 Good afternoon security fanatics. Back again today with a brief walk-through of a stored XSS (Cross Site Scripting) that I recently discovered in another wordpress poll plugin. YOP Polls, active on over 20,000 sites, allows users to create interactive and aesthetic polls that are fully customizable and perfect for
WpDevArt Wordpress Polls Plugin < 1.5.2 - Blind SQL Injection What's up everyone! Today I'll be quickly discussing my first CVE entry - CVE-2021-24442 - and my thought process when I decided to start looking for it. It's been my goal for a while, not only for a little confidence boost among the consistent industry imposter syndrome, but primarily to
PicoCTF 2021 - Web Challenge Writeups With PicoCTF 2021 [https://play.picoctf.org] officially over, I thought I'd take the time to do a small write-up on a couple of the web challenges I completed. Nothing too complex here, some basic cookie manipulation, md5 collisions and a de-serialization vulnerability. It was great putting some of the
PicoCTF 2021 - Binary Exploitation Challenge Writeups Write-Up for some of the binary exploitation challenges in PicoCTF 2021.
TryHackMe: Watcher Boot2root Walkthrough Synopsis Watcher was an eloquently constructed beginner level box designed to help introduce some key concepts and methods that are often seen across various penetration testing platforms. Despite not having any particularly difficult parts, it required some out of the box thinking as well as the ability to effectively analyse