This video is a short overview on what you can do with WinSSH and how to use it. It essentially acts like a reverse shell with (dynamic-) port forwarding & file up- and download features that is only using trusted windows binaries.
Intercept is a chain of vulnerable machines on Vulnlab and involves stealing hashes with lnk files, a RBCD-Workstation takeover, exploiting GenericALL on OUs & finally attacking ADCS using ESC7.
I'm linking the playlists for both labs here to avoid single posts for every video. Check out https://vulnlab.com if you want to try them out!
This is part four of the Shinra series. We will get to access to a linux server via ssh, exploit a small authenticator app & use ansible to move to the next box.
This is the third video of the Shinra series. We will get a shell on Ashleighs machine & escalate privileges.
This is the second video of the Shinra series. Before setting foot onto any of the network's internal machines, we are going to spend a bit of time enumerating various things from our machine
This is a short writeup on the "NonHeavyFTP" challenge from Real World CTF 2023. This was one of the easier challenges with the goal of exploiting LightFTP in Version 2.2 (the latest one on github at the time). I ended up with a file-read vulnerability that allowed to read the...
This is the first video of a series about Shinra, a virtual company in a private red team lab. We will conduct a full pentest on Shinra and explore various topics along the way.
In this blog post, we will solve the Windows userland challenge that Blue Frost Security published for Ekoparty 2022.
In this post, we will develop an exploit for the HW driver. I picked this one because I looked for some real-life target to practice on and saw a post by Avast that mentioned vulnerabilities in an old version of this driver (Version 4.8.2 from 2015), that was used as...
