AMSQL injection in an application with stack trace enabledIn an assessment for a client I found a blind SQL injection . Thought of sharing my way of finding it .Jul 21, 2023Jul 21, 2023
AMWindows file transferThis blog talks about various ways to transfer files between a windows victim and linux host .Jul 14, 2022Jul 14, 2022
AMEnumeration on Domain joined machineSuppose you have got a rev shell on a windows machine which is domain joined . Lets see how can we enumerate using some inbuilt commands.Jun 26, 2022Jun 26, 2022
AMUsing kerbrute tool on my home labWe can use kerbrute for initial enumeration of the domain even if we dont have access to the domain.We can find valid users using this…Jun 23, 2022Jun 23, 2022
AMActive Directory Home Lab Setup — Part 3 — Building out user machines and joining to Domain…I am following CyberMentor’s youtube video to build my lab.Jun 21, 2022Jun 21, 2022
AMActive Directory Lab Setup -Part 2-Setting Roles on Domain ControllerFrom the Part 1 blog you must have installed Windows Server 2019 .Start your Windows Server 2019 and login to it.Jun 20, 2022Jun 20, 2022
AMActive Directory Home Lab Setup — Part 1 — Setting Windows Server 2019 and Domain Controller on…In this blog lets see how we can start by installing Windows Server 2019 on Virtual box and creating a Domain Admin and Active Directory…Jun 16, 2022Jun 16, 2022
AMWhere Burp ends Fiddler Begins- How to overcome :Received Fatal Alert: Certificate UnknownI was testing a mobile application and kept on getting this error “Received Fatal Alert: Certificate unknown”Jun 1, 2022Jun 1, 2022