Pentest Blog Posts

Bypassing Microsoft Defender for Identity Suspicious certificate usage over Kerberos protocol (PKINIT) high severity alert.

A quick post about making a more cost effective cover implant using a common wired mouse.

Analysing the Microsoft Windows Wi-Fi driver patch to understand the vulnerability (CVE-2024-30078) - Part1

Bypassing security prompts with file shares and more

Explore how GitHub Actions can be leveraged to rotate IP addresses during password spraying attacks to bypass IP-Based blocking such as Entra Smart lockout.

A detailed walkthrough of the process and hurdles faced in leveraging Evilginx3 to conduct a successful phishing campaign on a AD FS protected domain.

CVE-2023-35803 - An adventure in finding and exploiting a buffer overflow in Extreme Networks/Aerohive Wireless Access Points

Check that regex.

BadUSB attacks have been a threat for years, but is the USB-C dock sitting on your desk the latest threat in disguise?

Want to use SSH for reverse shells? Now you can.