PinnedOffSec Experienced Penetration Tester (OSEP) Review -July 2024Although I obtained my OSEP certification on July 11, 2024, I couldn’t write the review because I was on vacation and overloaded at work.Sep 4, 2024Sep 4, 2024
PinnedEach Stages of Attack Kill Chain OPSECPrioritizing operational security (OPSEC) before executing any actions is important because most widely known tools have their behavior…Nov 15, 2023Nov 15, 2023
SEC660 (GXPN-GIAC Exploit Researcher and Advanced Penetration Tester) Review-Nov 2024In 2017, I had an opportunity to attend the SEC660 ( SANS Advanced Penetration Testing, Exploit Writing, and Ethical Hacking) course in…Dec 1, 2024Dec 1, 2024
QueueUserAPC Process Injectionwhat makes QueueUserAPC process injection different?Aug 7, 2023Aug 7, 2023
AMSI Patching Download Web Cradle without using powershell.exeThe web download cradle PowerShell technique is a sub-technique of the Command and Scripting Interpreter of the PowerShell tactic in the…Aug 3, 2023Aug 3, 2023
DotNetToJScriptGadgetToJScript generates .NET serialized gadgets that trigger .NET assembly from HTA, JScript, VBA, and VBScript.We can leverage…Jul 10, 2023Jul 10, 2023
Linux Style Reverse ShellThis program is a simple TCP program in that the Client establishes a connection over TCP with the server. I use try block to establish a…Jul 10, 2023Jul 10, 2023
