Archives
- 26 Apr HTB Academy Password Attacks Skill Assessment — Public Write-up
- 26 Apr HTB Academy Pivot Skill Assessment — Public Write-up
- 25 Apr Double Tunnel
- 25 Apr ICMP Tunneling with SOCKS
- 25 Apr SOCKS5 Tunneling with Chisel
- 24 Apr DNS Tunneling with Dnscat2
- 23 Apr Pivoting Around Obstacles
- 23 Apr Socat Redirector + Metasploit Reverse HTTPS
- 20 Apr Meterpreter Tunneling & Port Forwarding
- 20 Apr Remote Reverse Port Forwarding with SSH
- 20 Apr Dynamic Port Forwarding with SSH and SOCKS Tunneling
- 19 Apr Subdomain Takeover
- 19 Apr Attacking SQL
- 19 Apr Attacking SMB
- 19 Apr Attacking RDP
- 19 Apr Attacking Email
- 19 Apr Attacking DNS
- 18 Apr Attacking FTP
- 16 Apr Pass the Certificate
- 16 Apr Pass the Ticket - Linux
- 16 Apr Windows Local Password Attacks
- 16 Apr Remote Password Attacks
- 16 Apr Password Attacks — Wordlists, Hashcat & John the Ripper
- 16 Apr Linux Local Password Attacks
- 16 Apr Credential Hunting in Network Shares
- 15 Apr Shell — Bind Shell, Reverse Shell & Payloads
- 14 Apr Protected File Transfers
- 14 Apr Living off the Land — File Transfer (LOLBins / GTFOBins)
- 14 Apr Linux File Transfer Methods
- 14 Apr Metasploit Framework — Toàn tập
- 13 Apr Windows Lateral Movement
- 13 Apr Windows File Transfer Methods
- 13 Apr File Transfer bằng Ngôn ngữ Lập trình
- 11 Apr Misc File Transfer
- 11 Apr Information Gathering - Web Edition
- 11 Apr Misc File Transfer.md
- 19 Mar Footprinting & Enumeration Cheatsheet
- 19 Mar Nmap Cheatsheet
- 21 Feb CVE-2025-70146 - Online Time Table Generator 1.0: Unauthenticated Broken Access Control Allows Arbitrary Deletion
- 20 Feb CVE-2025-70148 - CodeAstro Membership Management System 1.0: Unauthenticated IDOR Leads to PII Disclosure
- 19 Feb CVE-2025-70150 - CodeAstro Membership Management System 1.0: Unauthenticated Broken Access Control + SQL Injection via delete_members.php
- 19 Feb CVE-2025-70149 - CodeAstro Membership Management System 1.0: Unauthenticated SQL Injection via print_membership_card.php
- 19 Feb CVE-2025-70151 - Scholars Tracking System 1.0: Authenticated Unrestricted File Upload Leads to Remote Code Execution
- 19 Feb Hashcat Cheatsheet
- 18 Feb CVE-2025-70147 - Online Time Table Generator 1.0: Unauthenticated Sensitive Information Disclosure (Plaintext Passwords)
- 18 Feb CVE-2025-70152 - Scholars Tracking System 1.0: Unauthenticated SQL Injection via /admin/save_user.php and /admin/update_user.php
- 18 Feb CVE-2025-70141 - Customer Support System 1.0: Unauthenticated Broken Access Control via ajax.php
