Posts by Year

2022

Python AWAE Prep

3 minute read

Collection of code snippets/templates I’ve either developed or used on some occasion that may become useful during AWAE.

JS AWAE Prep

3 minute read

Post mainly revolves around going beyond basic XSS payloads and utilising external Js to further our attack. XMLHttpRequest examples will likely come in hand...

Back to Top ↑

2021

NTLM Relay to Domain Admin

5 minute read

Short post outlining a technique used on a recent engagement where I was tasked with gaining domain admin privs starting from an unauthenticated standpoint.

Android Snippets

16 minute read

Collection of notes regarding Android application analysis and testing.

Azure Snippets

11 minute read

Collection of information and tools for Azure configuration reviews and security testing.

Tmux Snippets

2 minute read

Collection of simple/handy commands and my .tmux.conf.

Back to Top ↑

2020

Vim Snippets

less than 1 minute read

Collection of random snippets including my .vimrc and commands for file/string manipulation in Vim.

Back to Top ↑

2019

Windows Security Identifiers

8 minute read

Instead of having to check the Microsoft docs every time I needed to identify a mysterious SID, I decided to type up the table here so I can reference it eas...

DLL Shells

2 minute read

Quick post covering a few different ways to create and generate malcious DLLs for reverse/bind shells and for command execution.

Back to Top ↑