Infrastructure

Certificate Based Persistence

Using AD CS certificates to achieve persistence in an Active Directory environment.

Infrastructure

Extracting NTLM Hashes With User Privileges

Extracting NTLM hashes without the need for Mimikatz.

Infrastructure

Offensive Security Experienced Penetration Tester (OSEP) Review

A review of the Evasion Techniques and Breaching Defences course by Offensive Security.

Exploit Dev

Dealing with Small Buffer Space

Using relative JMP instructions to escape small buffers.

Security Engineering

Blocking Outbound Docker Traffic

Blocking outbound docker traffic using an IPTables firewall.

Infrastructure

NTLM Relay Attacks

Performing NTLM relay attacks using SMB and LDAP.

Exploit Dev

64-Bit NX Bypass

Bypassing NX on 64-bit Linux.

Exploit Dev

Bypassing DEP & ASLR in Linux

Bypassing DEP & ASLR using pointer leakage and return orientated programming.

Exploit Dev

Format String Exploitation

A quick tutorial on exploiting format string vulnerabilities to read and write memory.

Security Engineering

PowerShell Constrained Mode

A guide to enabling PowerShell constrained mode.

Security Engineering

Kali Linux – Ensuring Traffic is Only Sent via OpenVPN

A guide on configuring Kali so all network traffic is routed over an OpenVPN connection.

Infrastructure

Pentest One Liners

A list of one line commands for Windows to download and execute payloads.

Infrastructure

Credential Interception Using Malicious SMB Shares

How to intercept NTLM-SSP hashed credentials for offline cracking.

Infrastructure

Casino Royale CTF Walkthrough

A walkthrough for VulnHub’s Casino Royale CTF.

Security Engineering

Windows 10 Software Restriction Policies

Configuring Software Restriction Policies (SRP) in Windows 10.