Dec 14, 20217 minExploiting log4j | Apache SolrLog4j is a popular Java library maintained by the Apache foundation used as a logging framework for Java. Around Friday 10th December...
Jan 163 min Post compromise analysis | Overpass 2In this write up, we will be playing the role of an incident responder, post compromise of a system. The task is to identify what the...
Jan 94 minHow to use Hydra to brute force login forms.Hydra is a very powerful and fast password cracking tool which can also perform dictionary attacks against a wide range of protocols such...
Dec 14, 20217 minExploiting log4j | Apache SolrLog4j is a popular Java library maintained by the Apache foundation used as a logging framework for Java. Around Friday 10th December...
Dec 8, 20216 minEnumerating Active Directory using BloodHound.90% of the Global Fortune 1000 companies use Active Directory as their primary method of authentication and authorization. This plays a...
Nov 28, 20214 minExploiting EternalBlue | MS17-010In this blog we will be walking though a machine from the Cybermentors course; Practical Ethical Hacking (PEH). The main lesson from this...
Nov 18, 20213 minGolden Ticket attacksOnce we have compromised a Domain Controller we want to gain a level of persistence on the domain. We can do this by crafting Golden-Tickets
Nov 18, 20214 minAttacktive DirectoryThis will be my first of many Active Directory themed blogs focused around exploitation. I have recently been exposed to a lot of Active...
Nov 11, 20216 minAnalysing a Phishing Kit In this blog post, we will be analysing a very recent Phishing Kit that was found to be active last month. We will be taking a look at...
Nov 4, 20216 minAcademyThis is my first blog post walking through a machine from the Cybermentors course Practical Ethical Hacking (PEH). This is one of the...
Sep 24, 20215 minWhat happens when a Cyber Security analyst is sent a phishing text?This blog post is my first post on the topic of Phishing where I try to analyse an SMS Phishing text, not in great technical detail but...
May 21, 20214 minMalicious office macro analysisIn this blog post, we will creating a malicious macro that allows us to catch a reverse shell when a word document is opened. We will...
Mar 22, 20216 minExploit development BOFBuffer Overflow This blog post is my attempt in trying to explain how to perform a buffer overflow in preparation for the OSCP. I have...
Aug 18, 20193 minHow to get started in Cyber Security 2021The Information Security industry is booming and there hasn't been a better time to enter! Although prior cyber security experience isn't...