networking Writing Connect Back TCP Shell in C# A connect-back shell allows attackers to bypass the firewall by making the client connect to the malicious server. Learn how to implement such a server in the C# language to perform C&C
cryptography Cracking Passwords using Hashcat In infosec, password cracking is considered the easiest part, given that the encrypted password exists in the wordlist and you are patient enough to wait. Learn the basics of the hashcat password cracking tool and how to avoid being the target of a password attack
linux Attack Defense Privilege Escalation CTF Walkthrough Get a detailed walkthrough of the Linux privilege escalation CTF brought to you by the Attack Defense platform.
containers Container Host Breakout – Part 2 This is part 2 of container host breakout where you will learn how to interact with low-level APIs and other OCI tools like containerd to escalate to the root user.
linux Container Host Breakout – Part 1 Understand how the Docker daemon running on a remote system or a managed service like Portainer could be a security risk that should be avoided to prevent takeover of the entire infrastructure
linux Container Breakout – Part 2 How about injecting the kernel modules and overwriting the files of the host from the "isolated" containers? Learn how to abuse extra capabilities provided to the container and break out of the isolation.
linux Container Breakout – Part 1 Learn advanced techniques like inter-process communication, abusing Linux capabilities and process injection to break out of an isolated Docker container
linux Understanding Container Architecture Docker containers are widely used in the deployment of modern apps. In this post, you will learn the concept of containerization, the security mechanisms used by the Docker community and how to interact with containers via Docker
linux Exploiting Linux Capabilities – Part 6 Learn the basics of process injection and kernel modules. Build your own rootkits to exploit cap_sys_ptrace and cap_sys_module capabilities in the Linux kernel
linux Exploiting Linux Capabilities – Part 5 Learn the basics of networking and how to perform privileged tasks when you have special network capabilities: cap_net_raw, cap_net_bind_service and cap_net_admin
linux HTB Knife Walkthrough Get a quick walkthrough of the Knife machine provided by Hack The Box and learn how I owned the machine in less than 10 minutes
linux Exploiting Linux Capabilities – Part 4 Learn about Linux file capabilities like cap_fowner, cap_setfcap, cap_dac_override and cap_linux_immutable and how to exploit these in order to read privileged files or get the root user shell
linux Exploiting Linux Capabilities – Part 3 In this post, you will learn how to exploit the capabilities often provided to a sysadmin, for example cap_sys_admin, cap_sys_time, cap_kill and cap_chown
linux Exploiting Linux Capabilities – Part 2 Learn about the dac_read_search and dac_override capabilities and how to exploit them in different programs to get root user access in Linux
linux Exploiting Linux Capabilities – Part 1 Get practical knowledge of how to abuse the cap_setuid and cap_setgid capabilities in Linux to get a root user shell
linux Understanding Linux Capabilities Get a basic understanding of what Linux capabilities are and how to use utility tools like capsh, setcap and getcap to manage or print the capabilities of program files and running processes or tasks
linux Breaking out of CHROOT Jailed Shell Environment Learn the basics of how chroot actually works, the difference between a process's current working directory and its root directory, and how a limitation in chroot helps you break out to the root file system
linux Breaking out of Restricted Shell Environment Even though the restricted shell was introduced to prevent unintended malicious activities on the system, offensive hackers still found ways to break out of this shell and further perform privilege escalation via a normal shell.
vulnhub Vulnhub Pylington Writeup Get a detailed writeup of the Pylington machine from VulnHub. Learn how to exploit an online IDE application, gain an initial foothold and exploit SUID, sudo and path resolution in order to get a privileged shell
vulnhub Vulnhub Photographer Writeup Learn how to exploit Koken CMS and get a reverse shell out of it. Perform privilege escalation by hunting for unusual SUID binaries and using information from GTFOBins
linux Exploiting Vulnerable Application for Privilege Escalation In this post, you will learn how a known vulnerability in a third-party application installed on a Linux system could help attackers escalate to root privileges
linux Pwning Webapps to Get Root Shell In this post, you will learn how to exploit real-world user-facing applications to get an initial foothold and then perform privilege escalation using known vulnerabilities in web apps
linux Vulnhub HackMePlease Walkthrough In this post, you will learn how to get an initial foothold through the web application and exploit sudo to get a privileged shell
linux Exploiting Shared Library Misconfigurations Get practical knowledge of Linux privilege escalation by discussing 3 Pentester Academy labs on shared library injection. You will realize how dangerous shared library injection is when you find the GCC compiler and a permission misconfiguration
linux Understanding Concept of Shared Libraries Get in-depth knowledge of shared libraries in Linux and how they are actually used, via a practical approach. Build your first library and use it in code. In this post, you will also realize how dangerous the LD_PRELOAD environment variable is