Recently Updated Pages
Have I Helped You Today?
The goal of this blog is to share technical and educational content that is: Well-documented ...
Multipart Forms and Boundary Parameters
Multipart/Form-Data Example Example Web Form Consider the following web form... File Uploa...
Using an Ad-Hoc Python Web Server to Catch HTTP Client Requests
nano serv.py import http.server bind_address='0.0.0.0' port=80 class CustomRequestHandl...
Computer Programming: Compiled vs Interpreted Languages
Compiled vs Interpreted Languages Example Interpreted (Scripting) Languages Bash JavaScript ...
Spawn Processes as Other Users
RunasCs.exe Project GitHub https://github.com/antonioCoco/RunasCs/releases Example Usage Spaw...
Installing Wine and Wine Dependencies
Considerations I urge you to consider taking a snapshot of your Kali instance at its current sta...
John the Ripper Help Tricks
Find Hash Format Modules Find supported hash types # Field 1 is the Format label # Field 7 is ...
Hashcat Help Tricks
Find Hash Format Modules Find supported hash types hashcat -h | grep -i <hash_type> Show info ...
Using an Ad-Hoc Nginx Server to Catch-Web Requests
Set up Custom Logging sudo apt install -y libnginx-mod-http-lua Install Nginx LUA libraries ...
File Transfer Techniques
TFTP If the target has a TFTP client installed, Metasploit has a TFTP server you can run ad-hoc ...
Windows File Downloads
PowerShell [System.Net.WebClient]::new().DownLoadFile(uri, outpath) # Exampe [System.Net.WebClie...
Burp Chromium Browser Always Upgrades to TLS
Problem In the browser, you enter http://domain.tld or http://10.10.10.10 for example. If you're...
Change to KDE Plasma Desktop Environment
Installing KDE Plasma Official Documentation: https://www.kali.org/docs/general-use/switching-de...
Using Faketime for Ad-Hoc Kerberos Authentication
Installing Faketime sudo apt install faketime faketime -h This will run the specified 'progr...
Remote Bloodhound
GitHub Repo Prerequisites impacket ldap3 dnspython Installation python3 -m pip insta...
Kerberos Pre-Auth Username Enumeration
How it Works We can send a request for a TGT --- without a pre-authentication hash --- to the Ke...
AS-REP Roasting (Internal/External)
AS-REP Roasting If Kerberos pre-authentication is disabled on a user account in Active Directory...
Generate Hashes Passwd Overwrite
SALT=$(openssl rand -base64 6) # Salted MD5 openssl passwd -1 -salt $SALT your_password # Salt...
Computer Networking: IP Addressing and Subnetting
IP Addressing Common Computer Numbering Systems Binary (base 2) -- 0 to 1 Octal (base 8) -- ...
VirtualHost Enumeration
VirtualHosts Examples In the diagram above, this is the valid way to use virtual hosts. You cr...