AMSQL injection in an application with stack trace enabledIn an assessment for a client I found a blind SQL injection . Thought of sharing my way of finding it .1 min read·Jul 21, 2023----
AMWindows file transferThis blog talks about various ways to transfer files between a windows victim and linux host .1 min read·Jul 14, 2022----
AMEnumeration on Domain joined machineSuppose you have got a rev shell on a windows machine which is domain joined . Lets see how can we enumerate using some inbuilt commands.3 min read·Jun 26, 2022----
AMUsing kerbrute tool on my home labWe can use kerbrute for initial enumeration of the domain even if we dont have access to the domain.We can find valid users using this…2 min read·Jun 23, 2022----
AMActive Directory Home Lab Setup — Part 3 — Building out user machines and joining to Domain…I am following CyberMentor’s youtube video to build my lab.7 min read·Jun 21, 2022----
AMActive Directory Lab Setup -Part 2-Setting Roles on Domain ControllerFrom the Part 1 blog you must have installed Windows Server 2019 .Start your Windows Server 2019 and login to it.5 min read·Jun 20, 2022----
AMActive Directory Home Lab Setup — Part 1 — Setting Windows Server 2019 and Domain Controller on…In this blog lets see how we can start by installing Windows Server 2019 on Virtual box and creating a Domain Admin and Active Directory…5 min read·Jun 16, 2022----
AMWhere Burp ends Fiddler Begins- How to overcome :Received Fatal Alert: Certificate UnknownI was testing a mobile application and kept on getting this error “Received Fatal Alert: Certificate unknown”2 min read·Jun 1, 2022----