Collection of code snippets/templates I’ve either developed or used on some occasion that may become useful during AWAE.
Posts by Year
Post mainly revolves around going beyond basic XSS payloads and utilising external Js to further our attack. XMLHttpRequest examples will likely come in hand...
Short post outlining a technique used on a recent engagement where I was tasked with gaining domain admin privs starting from an unauthenticated standpoint.
Collection of notes regarding Android application analysis and testing.
Collection of information and tools for Azure configuration reviews and security testing.
Collection of simple/handy commands and my .tmux.conf.
Collection of random snippets including my .vimrc and commands for file/string manipulation in Vim.
Active Directory domain enumeration without leveraging PowerView or the Active Directory PowerShell module, will be continuously adding to this.
Table of reference for Windows user rights assignment.
Instead of having to check the Microsoft docs every time I needed to identify a mysterious SID, I decided to type up the table here so I can reference it eas...
Collection of Windows PowerShell Event log commands and Windows Event ID tables.
Domain enumeration will require the use of either PowerView.ps1 or the Active Directory PowerShell Module.
Some basic XSS attacks.
Quick post covering a few different ways to create and generate malcious DLLs for reverse/bind shells and for command execution.