OPERATION LOGS

HARD

HackTheBox

📅 2024-01-15 🏆 40 pts

Active Directory Exploitation: Forest to Domain Admin

Complete walkthrough of exploiting misconfigured Active Directory permissions, from initial access to full domain compromise using BloodHound analysis and targeted Kerberoasting attacks.

Active Directory BloodHound Kerberoasting

⏱️ 45 min read

READ OPERATION →

root@ryzen:~#

MEDIUM

TryHackMe

📅 2024-01-10 🏆 25 pts

Advanced SQL Injection to RCE

Exploiting stacked SQL queries in a custom web application, extracting data through error-based injection, and achieving remote code execution via INTO OUTFILE technique.

Web Exploitation SQLi Privilege Escalation

⏱️ 30 min read

READ OPERATION →

root@ryzen:~#

CVE

Research

📅 2024-01-05 🚨 CVSS 9.8

Analysis of Critical RCE in Popular Framework

Deep dive into a recently disclosed remote code execution vulnerability, including root cause analysis, exploit development, and mitigation strategies.

CVE-2023-XXXX RCE PoC Development

⏱️ 20 min read

READ OPERATION →

root@ryzen:~#

RED TEAM

Red Team

📅 2023-12-20 🎯 Enterprise

Enterprise Red Team: From Phish to Domain Admin

Real-world red team engagement walkthrough covering initial access via spear phishing, Cobalt Strike infrastructure, and modern EDR evasion techniques.

Phishing Cobalt Strike EDR Evasion

⏱️ 60 min read

READ OPERATION →

root@ryzen:~#