Initial Access - Beaconing From Browsers
in today's blog post, i will chain browser cache smuggling, filefix and com-hijacking for initial access and persistence at the same time. the end objective of this chain is to make google chrome an...

in this assume breach scenario, we will abuse the write spn right that the user john has over alfred to get a service ticket encrypted with alfred's password and then crack it with hashcat after th...

by using zip concatenation we will bypass the file upload restrictions and upload a php webshell to gain the initial access, after upgrading the access to silver beacon we will set up a port forward...

in this assume breach scenario, we will add levi.james to the developer group so that we can have access to an encrypted keepass database located in the DEV share, after bruteforcing the database's...

by exploiting CVE-2025-24071 we will get p.agila's netntlm hash and crack it with hashcat, after that we will set up shadow credentials for ca_svc account and finally exploit AD CS ESC16 to compromi...

by exploiting an lfi vulnerability in splunk, we will retrieve paul's encrypted password inside authentication.conf file, after decrypting the password and spraying it, we find that the user mark i...

starting with an nfs share, we will grab pfx certificate files and use crackpkcs12 to recover their passwords, after recovering the password, we will use the certificate to authenticate to the doma...