Have you ever heard of CrackMapExec ? CrackMapExec (a.k.a CME) is a post-exploitation tool that helps automate assessing the security of large Active Directory networks. It took part in enumeration and exploitation of many...
Author - AdminStar@
Evasion Techniques and Breaching Defenses (PEN-300) is an advanced penetration testing course. It builds on the knowledge and techniques taught in Penetration Testing with Kali Linux, teaching students to perform advanced...
I’m thrilled to publish my first BurpSuite plugin that I’ve built. The purpose is to find bugs on websites without typing any code, just by doing a normal browsing. This first version focuses only on XSS vulnerability...
In this post I would like to talk about shadow credential attack that can be exploited by abusing AddKeyCredentialLink privilege in an Active Directory Infrastructure. 1-What is shadow credential ? It is a technique allowing an...
Recently, I’ve discovered a new way to escalate privilege on windows through WSUS when HTTP protocol is used instead of HTTPS. In this quick explanation I’ll describe what WSUS is, explain how to detect the vulnerability and...
SQL Injection whitebox approach (final part) Dear readers, in parts 1 and 2, we worked on files and patterns identification, enabling database logging and sending requests with a custom python script. In this 3rd and final...
SQL Injection whitebox approach (part2) In the part 1 of this serie, we worked on : Identification of the files we want to deal with; Defining the pattern we will be looking for in the file, for us to inject our payload (GET...
SQL Injection whitebox approach (part1) Have you ever been in a situation where you have a bunch of code to review ? Let’s take an example of Atutor, a fully working Learning Management System (LMS) available at which...
My OSWE Journey Advanced Web Attacks and Exploitation (WEB-300) is an advanced web application security review course. It teaches skills needed to conduct white box web app penetration tests. Students who complete the course...
After many months of updating my privileges escalation skills on Linux, I’ve decided to release a script. I have written this based on my experiences with more than 150 linux boxes. While there is already many scripts for...