0xdf.gitlab.io
I loved Sizzle. It was just a really tough box that reinforced Windows concepts that I hear about from pentesters in the real world. I'll start with some SMB access, use a .scf file to capture a user's NetNTLM hash, and crack it to get creds. From there I can create a certificate for the user and then authenticate over WinRM. I'll Kerberoast to get a second user, who is able to run the DCSync attack, leading to an admin shell. I'll have two beyond root sections, the first to show two unintended paths, and the second to exploit NTLM authentication over HTTP, and how Burp breaks it.

bogs.io
An extensive walk-through of the popular methods of exploiting SMB using tools such as Metasploit, Responder, psexec

taeluralexis.com
We'll target a network comprising 3 machines, leveraging CVE exploits, pivoting, code obfuscation techniques, and AV bypass strategies.

www.sysdig.com
CVE-2025-49844 (RediShell) is a critical Redis remote code execution vulnerability (CVSS 10.0) affecting all versions with Lua scripting. Discovered by Wiz and patched on October 3 2025, it allows authenticated users to gain host access. Learn how it works, who's affected, and how to detect and mitigate it.