executeatwill
executeatwill

Penetration Analysis & Security Research


  • Home

  • Archives

  • Tags

Tryhackme Lfi Walkthrough

Posted on 2020-04-18

Local File Inclusion vulnerabilieis entail when a user inputs contains a file path which results in retrieval of unintended system files via a web service.

Read more »

Tryhackme Alfred Walkthrough

Posted on 2020-04-01

Exploited Jenkins gained an initial shell, then escalated privileges by exploiting Windows authentication tokens. Deployment of meterpreter with web_delivery.

Read more »

Active Directory Enumeration Hacker Notes

Posted on 2020-01-06

Post enumeration of lab with credentials/hashes captured. Overview of PowerView and Bloodhound setup/usage.

Read more »

Wireless Wifi Penetration Testing Hacker Notes

Posted on 2020-01-05

Tutorial on hacking wireless access points to include capture handshakes and crackings .cap files.

Read more »

Owasp Top 10 Application Vulnerabilities Hacker Notes

Posted on 2020-01-04

Detailed overview of the OWASP Top 10 utilizing OWASP Juiceshop VM to cover application vulnerabilities.

Read more »

Post Mission Brief Pwk Review Guide

Posted on 2019-10-06

Penetration with Kali (PWK) Review Guide after having completed 90 lab. Resources and tips to help fellow hackers develop & execute a plan for attacking the lab network.

Read more »

Arctic Hackthebox

Posted on 2019-05-09

Disassembly of ippsec’s youtube video HackTheBox - Arctic. Focus on Windows and basic enumeration, intercepting an application communications via burp. Shell creation with Unicorn and powershell usage along with windows enumeration.

Read more »

Granny Hackthebox

Posted on 2019-05-08

Disassembly of ippsec’s youtube video HackTheBox - granny. Windows box where OPTIONS get enumerated and used via davtest. Web filter circumvention and a focus on using metasploit to enumerate the box and exploit it.

Read more »

Bastard Hackthebox

Posted on 2019-05-07

Disassembly of ippsec’s youtube video HackTheBox - Bastard. Windows box without the use of Metasploit, a few different ways to enumerate the privesc. Managing cookies importing/exporting. Exploit modification/testing. Setting up Burp Suite to capture an exploits traffic and SMB file execution with impacket.

Read more »

Optimum Hackthebox

Posted on 2019-05-06

Disassembly of ippsec’s youtube video HackTheBox - Optimum. Windows box completed two different ways with and without Metasploit. Focusing on the usage of Powershell, enumerating the privesc with Sherlock and executing an exploit with a shell from Nishang and Empire.

Read more »
1 2 3 … 5
Will M.

Will M.

Pentester - Cybersecurity Fighter Pilot

45 posts
GitHub Twitter
© 2022 Will M.
Powered by Jekyll
Theme - NexT.Muse