Blog Posts

In this write up, we will be playing the role of an incident responder, post compromise of a system. The task is to identify what the...

Hydra is a very powerful and fast password cracking tool which can also perform dictionary attacks against a wide range of protocols such...

Log4j is a popular Java library maintained by the Apache foundation used as a logging framework for Java. Around Friday 10th December...

90% of the Global Fortune 1000 companies use Active Directory as their primary method of authentication and authorization. This plays a...

In this blog we will be walking though a machine from the Cybermentors course; Practical Ethical Hacking (PEH). The main lesson from this...

Once we have compromised a Domain Controller we want to gain a level of persistence on the domain. We can do this by crafting Golden-Tickets

This will be my first of many Active Directory themed blogs focused around exploitation. I have recently been exposed to a lot of Active...

In this blog post, we will be analysing a very recent Phishing Kit that was found to be active last month. We will be taking a look at...

This is my first blog post walking through a machine from the Cybermentors course Practical Ethical Hacking (PEH). This is one of the...

This blog post is my first post on the topic of Phishing where I try to analyse an SMS Phishing text, not in great technical detail but...

In this blog post, we will creating a malicious macro that allows us to catch a reverse shell when a word document is opened. We will...

Buffer Overflow This blog post is my attempt in trying to explain how to perform a buffer overflow in preparation for the OSCP. I have...

The Information Security industry is booming and there hasn't been a better time to enter! Although prior cyber security experience isn't...