Posts

How to Set Up Evilginx3

phishing

Quick tutorial on how to set up evilginx3 phishing framework

AD CS NTLM Relay Attack from Linux

Active Directory AD CS

Guide to exploiting ‘ESC8 — NTLM Relay to AD CS HTTP Endpoints’ from Linux to compromise a domain

Modifying Locks to Improve Security

physical-security locks

A quick look at some basic pin-tumbler locks and how we can modify them to make them a bit more pick resistant

CCTV: Now You See Me, Now You Don't

IoT IP camera v380 pro

How to take over a live IoT camera stream

Clone Mifare Classic 1k Tag To Chameleon Mini RevE Rebooted

physical-security access control

How to clone Mifare Classic 1k tags onto the Chameleon Mini RevE Rebooted

Path Traversal in Adobe ColdFusion (CVE-2019-8074)

CVE-2019-8074 Adobe ColdFusion

Access Control Bypass via Path Taversal

Stored XSS in Piwigo 2.6.0 -> 2.9.0 beta1

XSS Piwigo

A weaponized stored XSS example

Exploiting vulnserver: kstet

vulnserver buffer overflow exploit dev

Egg Hunter

Exploiting vulnserver: gmon

vulnserver buffer overflow exploit dev

SEH Overflow

Exploiting vulnserver: trun

vulnserver buffer overflow exploit dev

Vanilla Stack Overflow

Exploiting vulnserver: Intro

vulnserver buffer overflow exploit dev

I am currently doing OSCE / CTP exam preparation exploiting vulnserver.exe

PiRAT - Remote Drop Box

physical-security remote access tool

Creating a remote access drop box for red teaming