Home
Aaron Haymore
Cancel

HTB MonitorsTwo Writeup

Name MonitorsTwo OS Linux DIFFICULTY Easy Reconnaissance The IP address given for MonitorsTwo is 10.10.11.211. I wil...

Using ScareCrow to Side Load Sliver Shell Code

ScareCow ScareCrow serves as a framework designed for generating payloads that can be sideloaded, rather than injected, into a legitimate Windows process. This sideloading approach allows it to byp...

HTB Precious

Notes Name Precious OS Linux RELEASE DATE 26 Nov 2022 DIFFICULTY Easy Port Scan I started by...

Abusing the msds-KeyCredentialLink Propertie in Active Directory - Understanding Shadow Credentials

What is a Shadow Credential Within Active Directory, both user and computer objects possess an attribute named msds-KeyCredentialLink, which serves as a storage location for raw public keys. These ...

Constrained Delegation With Impacket

What Is A Constrained Delegation Attack Constrained delegation is a feature in Microsoft’s Active Directory that allows a service/account, to impersonate another service/account when accessing net...

Double Pivot Using Chisel

Double Pivot Using Chisel Chisel is a powerful tool that allows you to create tunnels and pivot to internal resources and other networks. Suppose you have successfully compromised an external-facin...

Wifi Hacking Part 1

Wifi Hacking Part 1 WPA Handshake A WPA handshake is a series of frames that are sent between a AP and a client to authenticate the client. These frame have the ability to be cracked using variou...

HTB Wide Writeup

Wide We've received reports that Draeger has stashed a huge arsenal in the pocket dimension Flaggle Alpha. You've managed to smuggle a discarded access terminal to the Widely Inflated Dimension Ed...

SAINTCON Minibadge Tester

SAINTCON is a cybersecurity conference organized by the Utah Security Advisory and Incident Network Team. This conference offers a range of activities, including presentations, training sessions, g...

Proving Grounds Practice Squid

Name Sorcerer OS Windows DIFFICULTY Easy Port Scan Like every machine, I started with a nmap script to identify op...