Kerberos Attacks cheatsheet Bruteforcing With kerbrute.py: python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file&g...

🛠️ Under Constructions Useful Tools In the following table, some popular and useful tools for Windows local privilege escalation are presented: Name Language Author ...

Installation From Source Github Ligolo-MP git clone https://github.com/ttpreport/ligolo-mp cd ligolo-mp sudo make install sudo ligolo-mp From Release Download Binary From Release ligolo-mp_linux_...

AD ACLs Cheatsheet GenericWrite on User Targeted Kerberoasting targetedKerberoast.py -d domain --dc-ip ip -u username -p password --dc-host dc --request-user target_user hashcat -m 13100 -a 0 <...

Certipy - AD CS Attack & Enumeration Toolkit Installation Certipy Using pip $ sudo apt update && sudo apt install -y python3 python3-pip $ python3 -m venv certipy-venv $ source certipy...

Installation Using uv uv tool install bloodyAD Using pipx pipx install bloodyAD Usage Retrieve User Information bloodyAD --host $dc -d $domain -u $username -p $password get object $target_usernam...

Sequence started with exploiting a Cross-Site Scripting (XSS) vulnerability on a contact form to capture session cookies, gaining access as a moderator user. Afterwards, using the chat functionalit...

Voyage started with exploiting a vulnerability in Joomla! CMS to leak its configuration and obtain a set of credentials, which we used with SSH to get a shell inside a container. Using our access ...

Extract started with discovering a Server-Side Request Forgery (SSRF) vulnerability and using it to discover an internal web application. By bypassing authentication on this internal application du...

Contrabando began with exploiting an HTTP Request Smuggling vulnerability via CRLF injection in Apache2 to smuggle a request to a backend server. This allowed us to leverage a command injection vul...