by using zip concatenation we will bypass the file upload restrictions and upload a php webshell to gain the initial access, after upgrading the access to silver beacon we will setup a port forward to...

by exploiting CVE-2025-24071 we will get p.agila’s netntlm hash and crack it with hashcat, after that we will setup shadow credentials for ca_svc account and finally exploit AD CS ESC16 to compromise ...

by exploiting an lfi vulnerability in splunk, we will retrieve paul’s encrypted password inside authentication.conf file, after decrypting the password and spraying it, we find that the user mark is u...

in todays blog post, i will chain browser cache smuggling, filefix and com-hijacking for initial access and persistence at the same time. the end objective of this chain is to make google chrome and m...

starting with an nfs share, we will grab pfx certificate files and use crackpkcs12 to recover their passwords, after recovering the password, we will use the certificate to authenticate to the domain ...