Python AWAE Prep
Collection of code snippets/templates I’ve either developed or used on some occasion that may become useful during AWAE.
Posts by Year
2022
JS AWAE Prep
Post mainly revolves around going beyond basic XSS payloads and utilising external Js to further our attack. XMLHttpRequest examples will likely come in hand...
2021
NTLM Relay to Domain Admin
Short post outlining a technique used on a recent engagement where I was tasked with gaining domain admin privs starting from an unauthenticated standpoint.
Android Snippets
Collection of notes regarding Android application analysis and testing.
Azure Snippets
Collection of information and tools for Azure configuration reviews and security testing.
Tmux Snippets
Collection of simple/handy commands and my .tmux.conf.
2020
Vim Snippets
Collection of random snippets including my .vimrc and commands for file/string manipulation in Vim.
Active Directory Domain Enumeration Part 2
Active Directory domain enumeration without leveraging PowerView or the Active Directory PowerShell module, will be continuously adding to this.
2019
Windows User Rights Assignment
Table of reference for Windows user rights assignment.
Windows Security Identifiers
Instead of having to check the Microsoft docs every time I needed to identify a mysterious SID, I decided to type up the table here so I can reference it eas...
Windows Event Monitoring
Collection of Windows PowerShell Event log commands and Windows Event ID tables.
Active Directory Domain Enumeration
Domain enumeration will require the use of either PowerView.ps1 or the Active Directory PowerShell Module.
Basic XSS
Some basic XSS attacks.
DLL Shells
Quick post covering a few different ways to create and generate malcious DLLs for reverse/bind shells and for command execution.