This post is about how I wrote a few PowerShell
Continue readingCategory: Penetration Testing
SSH Proxy to Browse Internal Web Servers
This post demonstrates utilizing an SSH tunnel to proxy web
Continue readingNetcat alternative: /dev/tcp
Netcat with no netcat: /dev/tcp. This is a feature of
Continue readingSSH, Nmap, and Proxychains
This post demonstrates how to use SSH to create a
Continue readingWhich Ports does Nmap Scan by Default?
Nmap is an excellent and popular network scanner. During a
Continue readingNo HTTP Strict Transport Security (HSTS) Proof of Concept with Man-in-the-Middle-Framework (MITMF)
No HTTP Strict Transport Security (HSTS) Proof of Concept People
Continue readingNishang – Out-Excel
Nishang has a set of client side attack scripts designed
Continue readingUpgrading from a Non-TTY Terminal to a Full Shell
Assume you are able to exploit a vulnerable service and
Continue readingMethods to Avoid Command History
A common thing to do during post exploitation is to
Continue readingAutomated OS Injection Reverse Shell with Mechanize Against DVWA
Damn Vulnerable Web Application (DVWA) is an intentionally vulnerable web
Continue reading