Introduction When performing penetration tests, we sometimes find that the systems or data we are targeting are not directly accessible from the network our attacking system is connected to. This is often the case when searching for things such a PCI data. We may have ‘owned’ the network, we may have gotten ‘DA’, but we…
n00py Blog- Protected: Aw, Sugar. Critical Vulnerabilities in SugarWOD
- The SOCKS We Have at Home
- Bypassing Amazon Kids+ Parental Controls
- Bypassing Okta MFA Credential Provider for Windows
- CactusCon 2023: BloodHound Unleashed
- Exploiting Resource Based Constrained Delegation (RBCD) with Pure Metasploit
- Practical Attacks against NTLMv1
- Password Spraying RapidIdentity Logon Portal
- Manipulating User Passwords Without Mimikatz
- Unauthenticated Dumping of Usernames via Cisco Unified Call Manager (CUCM)