Walkthroughs

• Jun 2, 2025 Strutted HTB Walkthrough: Apache Struts2 CVE-2024-53677 File Upload Exploitation
• May 26, 2025 EscapeTwo HTB Walkthrough: ESC4 Certificate Abuse and Shadow Credentials Attack
• May 23, 2025 Cap HTB Walkthrough: PCAP Analysis, Linux Capabilities, and Linux Privilege Escalation
• May 20, 2025 LinkVortex HTB Walkthrough: Ghost CMS, Git Dumping, and TOCTOU Exploitation
• Apr 30, 2025 Bastion HTB Walkthrough: Windows Server Exploitation through SMB Guest Access and VHD Mounting
• Apr 25, 2025 Jab HTB Walkthrough: XMPP, DCOM, and OpenFire Exploitation
• Apr 22, 2025 Administrator HTB Walkthrough: DACLs, ACL Abuse, and AS-REPRoasting
• Apr 22, 2025 SolarLab HTB Walkthrough: OpenFire Exploitation and Python ReportLab
• Jan 12, 2025 RedPanda HTB Walkthrough: Spring Boot, SSTI, and Privilege Escalation
• Dec 26, 2024 Sau HTB Walkthrough: SSRF, CVE-2023-27163, and CVE-2023-26604 Exploitation
• Dec 24, 2024 Love HTB Walkthrough: SSRF, File Upload, and AlwaysInstallElevated Exploitation
• Dec 22, 2024 Editorial HTB Walkthrough: SSRF, Git History Analysis, and GitPython RCE
• Dec 21, 2024 Doctor HTB Walkthrough: SSTI, Log Analysis, and Splunk Universal Forwarder Exploitation
• Nov 15, 2024 Forest HTB Walkthrough: Active Directory, ASREPRoasting, and DCSync Exploitation
• Nov 12, 2024 Driver HTB Walkthrough: SCF File Exploitation and PrintNightmare Privilege Escalation
• Nov 11, 2024 Timelapse HTB Walkthrough: Active Directory, LAPS, and Certificate-Based Authentication
• Nov 6, 2024 Certified HTB Walkthrough: Shadow Credentials, ESC9, and Certificate Abuse
• Nov 5, 2024 Aero HTB Walkthrough: ThemeBleed and CLFS Exploitation
• Nov 3, 2024 Sauna HTB Walkthrough: Active Directory, Kerberoasting, and PrintNightmare Exploitation
• Nov 2, 2024 Active HTB Walkthrough: GPP, Kerberoasting, and Golden Ticket Attacks
• Nov 1, 2024 Cicada HTB Walkthrough: Active Directory Enumeration and SeBackupPrivilege Exploitation
• Oct 31, 2024 Authority HTB Walkthrough: Certificate Abuse, PKINIT, and RBCD Attacks
• Oct 22, 2024 EvilCUPS HTB Walkthrough: CUPS Exploitation and Print Queue Analysis
• Oct 21, 2024 Resolute HTB Walkthrough: Active Directory, NoPac, and DCSync Exploitation
• Oct 18, 2024 Fuse HTB Walkthrough: Active Directory, SeLoadDriverPrivilege, and Capcom Exploitation
• Oct 16, 2024 Cascade HTB Walkthrough: AD Recycle Bin, VNC, and Ansible Vault Exploitation
• Oct 14, 2024 Monteverde HTB Walkthrough: Azure AD Connect, SQL Server, and Credential Extraction
• Oct 13, 2024 Outdated HTB Walkthrough: Active Directory, WSUS, and Follina Exploitation
• Oct 9, 2024 Scrambled HTB Walkthrough: Active Directory, MSSQL, and .NET Deserialization Exploitation
• Oct 5, 2024 Escape HTB Walkthrough: Certificate Template Abuse and MSSQL Exploitation
• Oct 3, 2024 Hospital HTB Walkthrough: GhostScript, Selenium, and RoundCube Exploitation
• Sep 29, 2024 Intelligence HTB Walkthrough: Active Directory, DNS, and Kerberos Constrained Delegation
• Sep 22, 2024 Manager HTB Walkthrough: Active Directory, Certificate Authority, and ESC7 Exploitation
• Sep 12, 2024 Access HTB Walkthrough: PST Files, LNK Exploitation, and Stored Credentials
• Sep 9, 2024 Remote HTB Walkthrough: Active Directory, Umbraco, and SeImpersonatePrivilege Exploitation
• Sep 6, 2024 Support HTB Walkthrough: Active Directory, RBCD, and MachineAccountQuota Exploitation
• Sep 1, 2024 Return HTB Walkthrough: Active Directory, LDAP, and SeBackupPrivilege Exploitation

Sherlocks

• May 11, 2025 NeuroSync-D HTB Sherlock Challenge: Investigating Next.js Middleware Bypass and Redis Injection
• May 6, 2025 SmartyPants HTB Sherlock Challenge: Analyzing Windows RDP Compromise Through Event Logs and SmartScreen
• Mar 23, 2025 Brutus HTB Sherlock Challenge: Analyzing SSH Brute Force Attack Through Linux Logs

Articles

• Apr 24, 2025 Understanding PowerShell Download Cradles: A Deep Dive
• Nov 15, 2024 Understanding AS-REP Roasting Attacks: A Deep Dive
• Nov 5, 2024 Understanding CVE-2023-28252: Deep Dive into the CLFS Privilege Escalation Vulnerability
• Nov 5, 2024 Understanding CVE-2023-38146: Deep Dive into the ThemeBleed Vulnerability
• Oct 22, 2024 Understanding the CUPS Exploit Chain: A Deep Dive into CVE-2024-4176, CVE-2024-4175, CVE-2024-4177 and CVE-2024-4076
• Oct 21, 2024 Understanding the NoPac Exploit: A Deep Dive into CVE-2021-42278 and CVE-2021-42287
• Oct 20, 2024 Understanding SeLoadDriverPrivilege Escalation: A Deep Dive
• Oct 14, 2024 Understanding Azure AD Connect Exploitation & Privilege Escalation
• Oct 11, 2024 Understanding the Shadow Credentials Attack Vector
• Oct 10, 2024 Understanding .NET Deserialization Exploits: A Deep Dive

Cheatsheets

• Mar 17, 2025 Network Manager CLI Cheat Sheet
• Mar 11, 2025 Common Docker Build Issues: A Comprehensive Troubleshooting Guide
• Mar 11, 2025 Docker Image Security Analysis and Testing
• Mar 11, 2025 How to Emulate Different Architectures in Docker
• Mar 11, 2025 Transferring Docker Images via SCP
• Mar 10, 2025 Docker Troubleshooting Guide: Comprehensive Solutions for Common Container Issues (2025)
• Oct 16, 2024 Attacking LDAP: Deep Dive & Cheatsheet
• Oct 16, 2024 Attacking RPC: Deep Dive & Cheat Sheet

Homelabs

• Mar 12, 2025 Rebuilding My Homelab In NixOS (Part 5) Installing Docker & other tools on NixOS
• Mar 10, 2025 How to Run Local LLMs with Ollama on AMD GPU (Complete Guide)
• Mar 7, 2025 Rebuilding My Homelab In NixOS (Part 4) Decrypting boot early with initrd-ssh
• Feb 28, 2025 Rebuilding My Homelab In NixOS (Part 3) Mounting A Secondary Drive At Boot
• Feb 26, 2025 Rebuilding My Homelab In NixOS (Part 2) Enabling SSH Login in NixOS
• Feb 23, 2025 Autostart Tailscale on NixOS system boot & rebuild
• Feb 20, 2025 Rebuilding My Homelab In NixOS (Part 1) Creating the NixOS VM In Proxmox

Tools

• Feb 3, 2025 Automating Kali Linux VM Setup: A Comprehensive Guide to QEMU and Ansible Integration
• Nov 13, 2024 LDAPire: Advanced Active Directory Enumeration Tool
• Oct 17, 2024 BloodServer: A Secure File Transfer Tool for Penetration Testing