In this module I will cover how you can enumerate Microsoft Active Directory with Powerview and gather critical information about the Active Directory and its components.

Last week, Microsoft released out-of-band updates to address multiple zero-day vulnerabilities which affect the on-premises version of the exchange server

Enterprises are using Microsoft Active Directory for identity management and protecting resources. As a blue or red teamer finding and exploiting flaws and understanding the underlying security issue is very important

Powershell is an extremely powerful scripting and administration language that is baked right into Windows, this make an attractive target for attackers. Over the years PowerShell is increasingly being used as an offensive tool for attacks by threat actors

Demo of recent Windows Zerologin exploit

This is a recently retired binary exploitation (pwn) challenge from hackthebox.

Chainsaw is a retired vulnerable VM from Hack. This box is about Solidity, Ethereum Blockchain and IPFS Exploitation

Carrier is a retired vulnerable VM from Hack. This box is really fun since it allows us to play with BGP Hijacking which is pretty rare to see in CTF like challenges.

This is the Second challenge from ROP Emporium, challenge name Split. In this challenge we have to create a small ROP Chain which execute system and give us the flag to complete the challenge. Through out this i am going to use radare2 as much as i can, just for learning the tool. Radare2 is a complete framework for reverse-engineering and analyzing binaries.

Doing these challenges to improve my binary exploitation skills and teach my self Return oriented programming (ROP). These challenges use the usual CTF objective of retrieving the contents of a file named flag.txt from a remote machine by exploiting a given binary

OpenAdmin is rated as a Easy Linux box. It was released on 04 Jan 2020 and has been created by @dmw0ng This box required us to perform the following tasks: - Enumerate a web server to find vulnerable web application - Exploit Web app to get initial foothold - Credential reuse attack - Download users SSH private key and crack - Exploit misconfigured nano permission

This blogpost contains the solutions for Narnia series of challenges from overthewire, this category of challenges are aimed at beginners to binary exploitation. Let's take a look at the code of this program.The below C code is the source code for the first challenge in the Narnia series of challenges from Overthewire.

Welcome to part one of the x86 Linux binary exploitation series. In these series of posts, I will cover x86 Linux binary exploitation, from basics to advanced topics.

Welcome to part one of the x86 Linux binary exploitation series. In these series of posts, I will cover x86 Linux binary exploitation, from basics to advanced topics.