Pentest Blog Posts
Modifying Certipy to Evade Microsoft Defender for Identity PKINIT Detection
Daniel Underhay
Bypassing the Microsoft Defender for Identity "Suspicious certificate usage over Kerberos protocol (PKINIT)" high-severity alert.
A Cost Effective Covert Implant for Red Teamers
Daniel Underhay
A quick post about making a more cost-effective covert implant using a common wired mouse.
Patch Diffing Microsoft Windows Wi-Fi Driver Vulnerability (CVE-2024-30078) - Part 1
Kapil Khot
Analysing the Microsoft Windows Wi-Fi driver patch to understand the vulnerability (CVE-2024-30078) - Part 1
Don't Click Evil.txt: CVE-2024-30050 and Other Windows Silliness
Harry Withington
Bypassing security prompts with file shares and more
Git-Rotate: Leveraging GitHub Actions to Bypass Microsoft Entra Smart lockout
Daniel Underhay
Explore how GitHub Actions can be leveraged to rotate IP addresses during password spraying attacks to bypass IP-based blocking such as Entra Smart lockout.
Hook, Line, and Phishlet: Conquering AD FS with Evilginx
Daniel Underhay
A detailed walkthrough of the process and hurdles faced in leveraging Evilginx3 to conduct a successful phishing campaign on an AD FS protected domain.
Bee-yond Capacity: Unauthenticated RCE in Extreme Networks/Aerohive Wireless APs - CVE-2023-35803
Lachlan Davidson
CVE-2023-35803 - An adventure in finding and exploiting a buffer overflow in Extreme Networks/Aerohive Wireless Access Points
Pentah0wnage: Pre-Auth RCE in Pentaho Business Analytics Server
Harry Withington
Check that regex.
The Threat on Your Desk: Building an Evil USB-C Dock
Lachlan Davidson
BadUSB attacks have been a threat for years, but is the USB-C dock sitting on your desk the latest threat in disguise?
Reverse SSH: A Fast, Stable Reverse Shell Handler
Jordan Smith
Want to use SSH for reverse shells? Now you can.