Samuel WhangExtracting Hash from Password Protected Microsoft Office FilesI came across a Microsoft Office file that was password protected while working on a lab. Although I attempted to brute force the password…Sep 23, 20201Sep 23, 20201
Samuel WhangOffensive Security Advanced Web Attacks and Exploitations (AWAE): What You Need To KnowAfter obtaining my Offensive Security Certified Professional (OSCP) status, I started searching for a direction. The most common advice…Jun 6, 2020Jun 6, 2020
Samuel WhangeLearnSecurity Web Application Penetration Testing Course (WAPT) / eWPTIt’s important to establish a foundation when it comes to becoming a penetration tester. This is exactly the reason for the popularity of…May 27, 2020May 27, 2020
Samuel WhangOffensive Security PWK 2020 Update: Should you upgrade?Offensive Security’s flagship course, Penetrating Testing with Kali (PWK), recently went through a welcomed update to their course…May 5, 20201May 5, 20201
Samuel WhangeLearnSecurity Penetration Testing Student Course (eJPT): The Perfect Starter PackIntroductionApr 13, 2020Apr 13, 2020
Samuel WhangPrivilege Escalation: Leveraging misconfigured systemctl permissionsThe binary, systemctl, is a process that exists in linux operating systems that is used to start different services, such as apache…Nov 3, 20192Nov 3, 20192
Samuel WhangMy OSCP Guide: A Philosophical ApproachAbout a year and a half ago from the time of writing this blog, I ventured on a journey towards achieving the coveted Offensive Security…Sep 24, 20191Sep 24, 20191
Samuel WhangPrivilege Escalation: How to build RPM payloads in Kali LinuxFrom time to time, you may come across a system that enables you to run yum or dnf as an elevated user. This scenario is quite enticing…Aug 18, 20192Aug 18, 20192
Samuel WhangPrivilege Escalation: Hijacking Python LibraryFrom time to time, you may come across a scenario where a system has misconfigured permissions in their Python library. Generally…Jun 7, 2019Jun 7, 2019
Samuel WhangBack to Basics: DNS EnumerationFor aspiring penetration testers who have not had much experience outside of labs such as Hack the Box or penetration testing courses…May 23, 2019May 23, 2019