home

AD

• Exploring The NOPAC Vulnerability in AD:from any user to Domain Admin
• Achieving Domain Compromise via the DCSync Technique [CHEATSHEET]

Active Directory

• Exploring The NOPAC Vulnerability in AD:from any user to Domain Admin
• Achieving Domain Compromise via the DCSync Technique [CHEATSHEET]

HTB

• HackTheBox Cicada Walkthrough
• HackTheBox SolarLab Walkthrough

Lateral Movement

• Exploring The NOPAC Vulnerability in AD:from any user to Domain Admin
• Achieving Domain Compromise via the DCSync Technique [CHEATSHEET]

PrivEsc

• Targeting python Libraries for Local Privilege Escalation

RCE

• DevOops: Script Consoles

SSRF

• Server-side Request Forgery (SSRF): Testing Methodology & Resources

Server-side Attacks

• Server-side Request Forgery (SSRF): Testing Methodology & Resources

Writeup

• HackTheBox Cicada Walkthrough
• HackTheBox SolarLab Walkthrough

active directory

• HackTheBox Cicada Walkthrough

application-security

• Server-side Request Forgery (SSRF): Testing Methodology & Resources

bind shell

• DevOops: Script Consoles

chisel

• HackTheBox SolarLab Walkthrough

chroot

• Exploring CVE-2025-32463 local privilege escalation (chwoot) in Sudo

chwoot

• Exploring CVE-2025-32463 local privilege escalation (chwoot) in Sudo

cupp

• Writing Targeted Password lists with hashcat rules and cuppy

cve-2025-32463

• Exploring CVE-2025-32463 local privilege escalation (chwoot) in Sudo

cwes

• Server-side Request Forgery (SSRF): Testing Methodology & Resources

dcsync

• Achieving Domain Compromise via the DCSync Technique [CHEATSHEET]

devops

• DevOops: Script Consoles

flask

• HackTheBox Cicada Walkthrough
• HackTheBox SolarLab Walkthrough

groovy

• DevOops: Script Consoles

hashcat

• Writing Targeted Password lists with hashcat rules and cuppy

htb Cicada

• HackTheBox Cicada Walkthrough

htb solarlab

• HackTheBox SolarLab Walkthrough

jenkins

• DevOops: Script Consoles

liferay

• DevOops: Script Consoles

lsass

• Post-Exploitation: Extracting Credentials from the Registry and LSASS

mimikatz

• Post-Exploitation: Extracting Credentials from the Registry and LSASS
• Achieving Domain Compromise via the DCSync Technique [CHEATSHEET]

nmap

• HackTheBox Cicada Walkthrough
• HackTheBox SolarLab Walkthrough

nopac

• Exploring The NOPAC Vulnerability in AD:from any user to Domain Admin

openfire

• HackTheBox SolarLab Walkthrough

owasp-top10

• Server-side Request Forgery (SSRF): Testing Methodology & Resources

password-spray

• HackTheBox Cicada Walkthrough
• HackTheBox SolarLab Walkthrough

privilege escalation

• Exploring CVE-2025-32463 local privilege escalation (chwoot) in Sudo
• HackTheBox Cicada Walkthrough
• HackTheBox SolarLab Walkthrough

python

• Targeting python Libraries for Local Privilege Escalation

python imports

• Targeting python Libraries for Local Privilege Escalation

secretsdump

• Post-Exploitation: Extracting Credentials from the Registry and LSASS

smb

• HackTheBox Cicada Walkthrough
• HackTheBox SolarLab Walkthrough

sudo

• Exploring CVE-2025-32463 local privilege escalation (chwoot) in Sudo

web-exploitation

• Server-side Request Forgery (SSRF): Testing Methodology & Resources

web-security

• Server-side Request Forgery (SSRF): Testing Methodology & Resources

windows

• HackTheBox Cicada Walkthrough
• HackTheBox SolarLab Walkthrough

wordlists

• Writing Targeted Password lists with hashcat rules and cuppy