Merlin The (C2) Wizard!

Evade network detection during a penetration test/red team exercise by using a protocol that existing tools aren’t equipped to understand or inspect.…

JSON Web Tokens - J Wut T?

JSON Web Token (JWT) is an open standard (RFC 7519) that defines a compact and self-contained way for securely transmitting information between parties as a JSON object.…

Hot on the Trail of Domain Admin: Bloodhound Intro

BloodHound is a tool to analyze and understand Active Directory Trust Relationships. Utilize Bloodhound to find shortest path to Domain Admin.…

Offensive Security Wireless Professional (WiFu) - Review

Offensive Security Wireless Professional course review.…

Learning to Pop XSS with Docx Files

Utilizing an unrestricted file upload vulnerability with Microsoft Docx files to exploit web applications with Cross-Site Scripting (XSS).…