Exploit Development

Analysis of CVE-2017-5005: QuickHeal Buffer Overflow

Windows Exploitation

Recently, I hosted an internal CTF event in my company. I wanted to include a challenge which would include some Windows Exploitation.

Windows Exploitation

When you begin your journey in exploitation, you start with simple buffer overflows, then you deal with SEH, play with egg hunters and so on.

Windows Exploitation

In this blog, I will be analysing a long forgotten Windows Animated Cursor Remote Code Execution Vulnerability (CVE-2007–0038) on Windows Vista.

Windows Exploitation

Lately, I’ve been exploring the world of Windows exploitation. I was already familiar with the concept of Buffer Overflows, brushed those skills up during OSCP days and now I’m taking steps further.

Exploit Development

Analysis of CVE-2017-5005: QuickHeal Buffer Overflow

Windows Exploitation: Dealing with bad characters — QuickZip exploit

Windows Exploitation: ASLR Bypass (MS07–017)

Windows Exploitation: Egg hunting

Introduction to Active Directory Delegations

Bypassing WAF by Playing with Parameters

A Not-So-Blind RCE with SQL Injection

Attacking Kerberos: Resource Based Constrained Delegation

Attacking Kerberos: Constrained Delegation

Attacking Kerberos: Unconstrained Delegation