Ankith BharadwajProcedural Detections to Uncover PsExec Style Lateral Movement10 min read·Apr 24, 2023--1--1
Ankith BharadwajHunting & Detecting SMB Named Pipe Pivoting (Lateral Movement)11 min read·Apr 13, 2023----
Ankith BharadwajDetecting Named Pipe Token Impersonation Abuse — Windows PrivEscNamed Pipe Impersonation is a Windows feature that can be abused for privilege escalation to achieve local SYSTEM. Due to its privileges…6 min read·Apr 5, 2023----
Ankith BharadwajDetecting AlwaysInstallElevated Policy Abuse — Windows PrivEscAlwaysInstallElevated is a group policy setting in Windows, which allows any user to install Windows Installer Packages (.msi files) with…5 min read·Apr 1, 2023----
Ankith BharadwajDeconstructing PowerShell Obfuscation in-the-wildThis post attempts to explore various PowerShell obfuscation techniques, commonly found in malspam campaigns.5 min read·Jan 23, 2022--1--1
Ankith BharadwajUsing Java Deserialization to exploit log4shell — LogForge, HTBThis is primarily a walkthrough for “LogForge” HTB machine. I’ve already explored exploiting log4shell through the classpath loading…10 min read·Jan 2, 2022----
Ankith BharadwajLog4Shell — Intrusion AnalysisIn my previous post I explored the offensive side of Log4Shell to achieve RCE & Persistence, using TryHackMe’s Solar box — Solar…4 min read·Dec 26, 2021--1--1
Ankith BharadwajSolar (log4shell) — TryHackMeIn this walkthrough we’ll be reviewing all of the offensive tasks for the “Solar” box, running Apache Solr, which is vulnerable to…7 min read·Dec 20, 2021----
Ankith BharadwajHack The Box — “Forest” WalkthroughThis is a walkthrough for the “Forest” Hack The Box machine. The walkthrough will be divided into the following sections — Enumeration…12 min read·Dec 4, 2021----
Ankith BharadwajHack The Box — “Bashed” walkthrough without Metasploit(#1)This is a walkthrough for the “Bashed” Hack The Box machine. The walkthrough will be divided into the following three sections —…7 min read·Feb 3, 2021----