Featured Post
Introduction to Active Directory Delegations
I spent the past few months working on the Cybernetics lab from HTB. Awesome labs, thoroughly enjoyed it, tons of things to learn.
Recent Post
Attacking Kerberos: Resource Based Constrained Delegation
Now that we are done with Unconstrained and Constrained Delegations, it is time for the finale. In this blog we’ll discuss Resource Based Constrained Delegation (RBCD).
Attacking Kerberos: Constrained Delegation
In the last blog, we discussed Unconstrained Delegation in detail. We also saw how dangerous Unconstrained Delegation can get. Unconstrained Delegation was the very first implementation of Delegations, introduced back in Windows Server 2000.
Attacking Kerberos: Unconstrained Delegation
So we are going to talk about Unconstrained Delegation in this blog. I have already covered a small introduction to Delegations and the Kerberos concepts you’d need to understand it in an introduction blog.
Bypassing WAF by Playing with Parameters
In this post, I’ll explain two similar techniques that can be used to bypass Web Application Firewalls (WAF). These are HTTP Parameter Pollution (HPP) and HTTP Parameter Fragmentation (HPF).
Analysis of CVE-2017-5005: QuickHeal Buffer Overflow
Recently, I hosted an internal CTF event in my company. I wanted to include a challenge which would include some Windows Exploitation.
A Not-So-Blind RCE with SQL Injection
Once again, I’m back with another story of an interesting finding. This time I’ll be explaining an SQL injection instance, but this was a bit different.
Extracting Source Code from Pre-Compiled ASP.Net applications
In a recent assignment, I found a Path Traversal vulnerability in an ASP.Net based web application. Naturally, the first thing I went after was the web.
Windows Exploitation: Dealing with bad characters — QuickZip exploit
When you begin your journey in exploitation, you start with simple buffer overflows, then you deal with SEH, play with egg hunters and so on.
Windows Exploitation: ASLR Bypass (MS07-017)
In this blog, I will be analysing a long forgotten Windows Animated Cursor Remote Code Execution Vulnerability (CVE-2007-0038) on Windows Vista.