I recently learned that there are some dangers of accepting
Continue readingCategory: Penetration Testing
Parsing Net Command Output with PowerShell
This post is about how I wrote a few PowerShell
Continue readingSSH Proxy to Browse Internal Web Servers
This post demonstrates utilizing an SSH tunnel to proxy web
Continue readingNetcat alternative: /dev/tcp
Netcat with no netcat: /dev/tcp. This is a feature of
Continue readingSSH, Nmap, and Proxychains
This post demonstrates how to use SSH to create a
Continue readingWhich Ports does Nmap Scan by Default?
Nmap is an excellent and popular network scanner. During a
Continue readingNo HTTP Strict Transport Security (HSTS) Proof of Concept with Man-in-the-Middle-Framework (MITMF)
No HTTP Strict Transport Security (HSTS) Proof of Concept People
Continue readingNishang – Out-Excel
Nishang has a set of client side attack scripts designed
Continue readingUpgrading from a Non-TTY Terminal to a Full Shell
Assume you are able to exploit a vulnerable service and
Continue readingMethods to Avoid Command History
A common thing to do during post exploitation is to
Continue reading