TECHNICAL Windows Post Exploitation - WDigest Credentials Cache Learn how to enable WDigest credential caching and Metasploit to retrieve the plain text password of logged-in users.
Windows Post Exploitation - Enabling RDP Learn how to use Windows's vulnerable file-sharing service to enable RDP post-exploitation.
OSINT OSINT: Query Your Target System Like A Database You've run queries on data collection for a long time, but what if your system can also be queried in this way?
TECHNICAL Windows Post Exploitation & Clipboard Manipulation A lab exercise in Windows post exploitation techniques, covering manipulation of the clipboard.
TECHNICAL Windows Post Exploitation - Create Files and Log Keystrokes Learn how to create files on the target machine using meterpreter, change the file timestamps, and log key strokes on the target system.
TECHNICAL Windows Post Exploitation - Enabling WinRM Learn how to access a vulnerable application, even if the initial application vulnerability is patched.
TECHNICAL CVE-2022-24112 Exploiting HTTP Request Smuggling Header smuggling is the art of running commands on the target server by playing around with HTTP headers.
TECHNICAL TryHackMe Mr. Robot CTF Writeup Gurkirat Singh publishes his final write-up for 2021 on the TryHackMe Mr. Robot CTF, and demonstrates how to get root access into the Mr. Robot room and more!
TECHNICAL TryHackMe Bounty Hacker Write-up Gurkirat Singh pushes out another one of his final TryHackMe write-ups for the year 2021 based on the room called Bounty Hacker! He shares how you can exploit the sudo misconfiguration when there's a password reusable vulnerability in the system and more!
TECHNICAL TryHackMe Road Challenge Walkthrough A detailed walkthrough on Linux privilege escalation with the TryHackMe web-to-root machine named Road.
TECHNICAL Attack Defense: Windows Basic Exploitation #11 Learn to exploit a vulnerable windows service WinRM using Powershell.
Attack Defense: Windows Basic Exploitation #10 Apache Tika is a toolkit that detects and extracts metadata and text from over a thousand different file types.
TECHNICAL HTB Cap Challenge Walkthrough In this article, Gurkirat Singh gives us a technical walkthrough of the HackTheBox Cap challenge!
TECHNICAL VulnHub VulnOS2 Walkthrough A comprehensive technical walkthrough of the VulnHub VulnOS2 challenge.
TECHNICAL Attack Defense: Windows Basic Exploitation #9 Learn how to exploit the NodeJS debug server and gain a foothold on the target system.
INFOSEC Featured Secjuice Squeeze 67 Welcome to the Secjuice Squeeze, a curated selection of interesting security articles and infosec news that you may have missed, lovingly curated for you every week.
TECHNICAL Nmap MS-SQL Server Recon Learn how to conduct recon missions against MS-SQL server using Nmap.
INFOSEC Secjuice Squeeze 65 Welcome to the Secjuice Squeeze, a curated selection of interesting security articles and infosec news that you may have missed.
TECHNICAL Attack Defense: Windows Basic Exploitation #8 Part 8 of our popular attack/defense series on basic windows exploitation.
INFOSEC Secjuice Squeeze 64 Welcome to the Secjuice Squeeze, a lovingly curated selection of interesting security articles and infosec news that you may have missed.
TECHNICAL Attack Defence: Windows Basic Exploitation #7 In this article, you will learn how to exploit an OSGi Console using metasploit and gain access to your target system.
TECHNICAL Understanding Linux Cron Jobs Understanding the tole of Linux cron jobs and how they can help you during penetration tests.
TECHNICAL Recon Basics: Tornado Webserver Tornado is a python webserver framework developed by FriendFeed. It can scale to tens of thousands of open connections, making it ideal for WebSockets.
INFOSEC Secjuice Squeeze 62 Welcome to the Secjuice Squeeze, a lovingly curated selection of interesting security articles and infosec news that you may have missed.
