2021
- Kerberoasting 10/15
- Introduction to Kerberos 10/15
- Introduction to Active Directory 10/10
Active Directory Cheatsheet
Active Directory (AD) Cheatsheet This post assumes that opsec is not required and you can be as nois...
Kerberoasting
Attacking Kerberos - Kerberoasting Introduction Kerberoasting is a very popular attack in the Active...
Introduction to Kerberos
Introduction to Kerberos Hi and welcome to the second post in the Active Directory series. In this p...
Introduction to Active Directory
Introduction to Active Directory Prologue Hello there! Welcome to the first post in the Active Direc...
CRTP Cheatsheet
CRTP Cheatsheet This cheatsheet corresponds to an older version of PowerView deliberately as this is...
mimikatz-cheatsheet
Mimikatz Cheatsheet Dump Creds Invoke-Mimikatz -DumpCreds Invoke-Mimikatz -DumpCreds -ComputerName @...
Getting Into Cybersecurity - Red Team Edition
Getting Into Cybersecurity - Red Team Edition Introduction I came across this question and was asked...
HackTheBox - Bart Writeup w/o Metasploit
HackTheBox - Bart Writeup w/o Metasploit Introduction Bart is a retired Windows machine from HackThe...
HackTheBox - Bashed Writeup w/o Metasploit
HackTheBox - Bashed Writeup w/o Metasploit Introduction Bashed is a retired HackTheBox machine, rate...
HackTheBox - Lame Writeup w/o Metasploit
HackTheBox - Lame Writeup w/o Metasploit Introduction Lame was the first machine on the HackTheBox p...
MySQL Injection Cheatsheet
MySQL Injection cheatsheet Testing checklist Name Character Function Single quote ' String terminato...
HackTheBox - Falafel Writeup w/o Metasploit
HackTheBox - Falafel Writeup w/o Metasploit Introduction Falafel is a retired HackTheBox machine and...
SQL Injection 0x03 - Blind Boolean Attacks
SQL Injection 0x03 - Blind Boolean Attacks Introduction Blind SQL injection are the type of SQL inje...
SQL Injection 0x02 - Testing and UNION Attacks
SQL Injection 0x02 - Testing and UNION Attacks Introduction Hi, welcome to the second post of the sq...
HackTheBox - Cronos Writeup w/o Metasploit
HackTheBox - Cronos Writeup w/o Metasploit Introduction Cronos is a HackTheBox retired machine. It i...
SQL Injection - 0x01
SQL Injection 0x01 Hi, welcome to the first post of the SQL injection series. Before we dive into th...
File Inclusion
File Inclusion Introduction File inclusion vulnerabilities are of two types: Remote File Inclusion (...
Linux Privilege Escalation
Linux Privilege Escalation Cheatsheet So you got a shell, what now? This cheatsheet will help you wi...
OSCP Journey
OSCP Journey From a persistent n00b who couldn’t even hack a medium difficulty machine on his ...
Buffer Overflow
Windows 32-Bit Buffer Overflow SLMail Example
Practice these:
SLMail - download from exploit-db Brai...
Windows Privilege Escalation
Windows Privilege Escalation Cheatsheet Latest updated as of: 12 / June / 2022
So you got a shell, w...
root@localhost:~ #whoami
Who Am I? Hi, my name is Karan Bhayani. I am a security professional who likes learning new things.
...
OSCP Cheatsheet
OSCP Cheatsheet General Enumeration - Nmap Replace $ip with target IP
Initial scan
nmap -Pn -n -vvv ...