Detecting Named Pipe Token Impersonation Abuse — Windows PrivEsc
Named Pipe Impersonation is a Windows feature that can be abused for privilege escalation to achieve local SYSTEM. Due to its privileges…
Apr 5, 2023

Detecting AlwaysInstallElevated Policy Abuse — Windows PrivEsc
AlwaysInstallElevated is a group policy setting in Windows, which allows any user to install Windows Installer Packages (.msi files) with…
Apr 1, 2023

Deconstructing PowerShell Obfuscation in-the-wild
This post attempts to explore various PowerShell obfuscation techniques, commonly found in malspam campaigns.
Jan 23, 2022

Using Java Deserialization to exploit log4shell — LogForge, HTB
This is primarily a walkthrough for “LogForge” HTB machine. I’ve already explored exploiting log4shell through the classpath loading…
Jan 2, 2022

Log4Shell — Intrusion Analysis
In my previous post I explored the offensive side of Log4Shell to achieve RCE & Persistence, using TryHackMe’s Solar box — Solar…
Dec 26, 2021

Solar (log4shell) — TryHackMe
In this walkthrough we’ll be reviewing all of the offensive tasks for the “Solar” box, running Apache Solr, which is vulnerable to…
Dec 20, 2021

Hack The Box — “Forest” Walkthrough
This is a walkthrough for the “Forest” Hack The Box machine. The walkthrough will be divided into the following sections — Enumeration…
Dec 4, 2021

Hack The Box — “Bashed” walkthrough without Metasploit (#1)
This is a walkthrough for the “Bashed” Hack The Box machine. The walkthrough will be divided into the following three sections —…
Feb 3, 2021