During the peak of primary election season, most active voters are more concerned with the candidates and their stances on key divisive...

Email spoofing testing and how-to for when DMARC policies are improperly configured

Enumeration First we run a generic nmap scan against the box to see what ports and services are available: We see that SMB is open, let's...

Enumeration First we run an nmap scan against the target: Here we can see that port 445 (SMB) is open. We also see the computer name as...

Overview Vulnerability in a Nutshell PoC Demo/Walkthrough Troubleshooting and Reliability Alternate Attack Paths for KeePass Overview...

Overview Certified Red Team Operator (CRTO) is a certification opportunity presented by ZeroPointSecurity. The certification ties...

I recently decided to pen this blog post because, upon looking back, I realize that my career path so far has been conventional in some...

Enumeration Running an nmap scan shows which ports are open and available: We see that there are ports running unknown services. Google...

Enumeration Start with an nmap scan: From there we can discern that ports 21 and 80 are open. Gaining Access Check port 21 (FTP) for...

Enumeration Upon enumerating with nmap we discover that ports 22 and 80 are open. When we navigate to the IP address via the browser, we...

Enumeration To start working on this box, we'll first run an nmap scan against it to see what ports are open and what services are...

If you're new to the infosec/offsec space, the name "Mimikatz" may be foreign or quite vaguely familiar; however, for the folks that have...

Tools and Resources NoSQLMap: https://github.com/codingo/NoSQLMap GTFOBins: https://gtfobins.github.io/ PayloadAllTheThings:...

Walkthrough for Micro-CMS v1 challenge on the HackerOne Hacker101 CTF

Are you considering taking Pentester Academy's Attacking and Defending Active Directory course? Read on and find out more about it and...