Recent Post

Attacking Kerberos: Resource Based Constrained Delegation

Now that we are done with Unconstrained and Constrained Delegations, it is time for the finale. In this blog we’ll discuss Resource Based Constrained Delegation (RBCD).

Attacking Kerberos: Constrained Delegation

In the last blog, we discussed Unconstrained Delegation in detail. We also saw how dangerous Unconstrained Delegation can get. Unconstrained Delegation was the very first implementation of Delegations, introduced back in Windows Server 2000.

Attacking Kerberos: Unconstrained Delegation

So we are going to talk about Unconstrained Delegation in this blog. I have already covered a small introduction to Delegations and the Kerberos concepts you’d need to understand it in an introduction blog.

Introduction to Active Directory Delegations

I spent the past few months working on the Cybernetics lab from HTB. Awesome labs, thoroughly enjoyed it, tons of things to learn.

Bypassing WAF by Playing with Parameters

In this post, I’ll explain two similar techniques that can be used to bypass Web Application Firewalls (WAF). These are HTTP Parameter Pollution (HPP) and HTTP Parameter Fragmentation (HPF).

Analysis of CVE-2017-5005: QuickHeal Buffer Overflow

Recently, I hosted an internal CTF event in my company. I wanted to include a challenge which would include some Windows Exploitation.

A Not-So-Blind RCE with SQL Injection

Once again, I’m back with another story of an interesting finding. This time I’ll be explaining an SQL injection instance, but this was a bit different.

Extracting Source Code from Pre-Compiled ASP.Net applications

In a recent assignment, I found a Path Traversal vulnerability in an ASP.Net based web application. Naturally, the first thing I went after was the web.

Windows Exploitation: Dealing with bad characters — QuickZip exploit

When you begin your journey in exploitation, you start with simple buffer overflows, then you deal with SEH, play with egg hunters and so on.

Windows Exploitation: ASLR Bypass (MS07-017)

In this blog, I will be analysing a long-forgotten Windows Animated Cursor Remote Code Execution Vulnerability (CVE-2007-0038) on Windows Vista.