| Drop the Mic (CVE-2019-1166) |
|
|
|
| Dumping LSA secrets: a story about task decorrelation |
|
|
|
| Hello: I’m your Domain Admin and I want to authenticate against you |
|
|
|
| Pwn Dat Domain: Becoming Domain Admin With A Little Help From Veeam Backup |
|
|
|
| Hello: I’m your ADCS server and I want to authenticate against you |
|
|
|
| Exploiting stale ADIDNS entries |
|
|
|
| From NTAuthCertificates to “Silver” Certificate |
|
|
|
| GPOddity: Exploiting Active Directory GPOs Through NTLM Relaying, And More! |
|
|
|
| PenTales: Old Vulns, New Tricks |
|
|
|
| Domain Takeover Without Domain Admin Permissions |
|
|
|
| Multiple vulnerabilities in UCOPIA <= 6.0.7 (CVE-2022-44719 / CVE-2022-44720) |
|
|
|
| Anonymised Penetration Test Report |
|
|
|
| How Misconfigured and Vulnerable Devices Could Expose Your Company to Physical and Cyber Threats |
|
|
|
| From DA to EA with ESC5 |
|
|
|
| IPv6 DNS Takeover via mitm6 (Write Up) |
|
|
|
| From BitLocker-Suspended to Virtual Machine |
|
|
|
| Protected Users: you thought you were safe uh? |
|
|
|
| Finding Initial Access on a real life Penetration Test |
|
|
|
| Assumed Breach Assessment Case Study: Uncovering WeSecureApp’s Approach |
|
|
|
| [RE:SCRUTINY] Delay Then Migrate Your Meterpreter |
|
|
|
writeups.xyz
/
Internal Pentest