Skip to main content

Pentest Blog Posts


Modifying Certipy to Evade Microsoft Defender for Identity PKINIT Detection
Daniel Underhay
Bypassing Microsoft Defender for Identity Suspicious certificate usage over Kerberos protocol (PKINIT) high severity alert.
A Cost Effective Covert Implant for Red Teamers
Daniel Underhay
A quick post about making a more cost effective cover implant using a common wired mouse.
Patch Diffing Microsoft Windows Wi-Fi Driver Vulnerability (CVE-2024-30078) - Part 1
Kapil Khot
Analysing the Microsoft Windows Wi-Fi driver patch to understand the vulnerability (CVE-2024-30078) - Part1
Don't Click Evil.txt: CVE-2024-30050 and Other Windows Silliness
Harry Withington
Bypassing security prompts with file shares and more
Git-Rotate: Leveraging GitHub Actions to Bypass Microsoft Entra Smart lockout
Daniel Underhay
Explore how GitHub Actions can be leveraged to rotate IP addresses during password spraying attacks to bypass IP-Based blocking such as Entra Smart lockout.
Hook, Line, and Phishlet: Conquering AD FS with Evilginx
Daniel Underhay
A detailed walkthrough of the process and hurdles faced in leveraging Evilginx3 to conduct a successful phishing campaign on a AD FS protected domain.
Bee-yond Capacity: Unauthenticated RCE in Extreme Networks/Aerohive Wireless APs - CVE-2023-35803
Lachlan Davidson
CVE-2023-35803 - An adventure in finding and exploiting a buffer overflow in Extreme Networks/Aerohive Wireless Access Points
Pentah0wnage: Pre-Auth RCE in Pentaho Business Analytics Server
Harry Withington
Check that regex.
The Threat on Your Desk: Building an Evil USB-C Dock
Lachlan Davidson
BadUSB attacks have been a threat for years, but is the USB-C dock sitting on your desk the latest threat in disguise?
Reverse SSH: A Fast, Stable Reverse Shell Handler
Jordan Smith
Want to use SSH for reverse shells? Now you can.