Harvesting User Information Through Facebook Ads I wrote this blog to show how scammers can retrieve user information via Facebook ads. I am unsure how Facebook addresses this, which is for another conversation. What we’ll specifically look at is an exciting ad for Aer. Aer is a company in San…

I started setting OSCP as a goal back in 2018 when I decided to shift my focus on security testing. As I am a person who often jumps into rabbit holes and to never ending research on what certification would be the best in terms of practicality and budget, I…

Blackfield is a 40-point machine from Hack the Box which requires you to exploit mistakes done after a recent computer forensic investigation recently done on the machine. The files left valuable information about the machine, usually extracted when doing computer forensics, which includes a dump of LSASS. Gaining access to…

Due to my growing interest with Active Directory security, I began my journey to get experience and better understand how it works. There are very few trainings out there that provides Active Directory security training that is accompanied by a lab, and one of those few is Pentester Academy. …

Sauna is an Easy-difficulty machine from Hack the Box created by egotisticalSW. I felt that this box is realistic as it requires you to craft potential usernames based from their public website. I also decided to show a C2 framework, in which I chose Covenant, which is also the same…

Sizzle is an Insane-difficulty machine from Hack the Box created by mrb3n and lkys37en, of which are the authors of 2 out of 3 Hack the Box Pro Labs that are currently available. Sizzle is a fairly old machine as it was released January of 2019. I decided to work…

I decided to write articles on common tools used by security professionals. The goal of this series is to introduce how a tool works, where it is useful, and maybe leave a few tricks that you can adopt. I’ll start with a scanning tool called Nmap. What is Nmap? From…

TL;DR: Control is a Windows machine that allows you to play with basic SQL Injection and a little of PowerShell. It’s a fun box to teach you Windows concepts without having an SMB service running. It starts of with an admin page accessible by using the X-Forwarder-For Header. Access to the…

TL;DR Forest is in the list of my favorite machines. It exposes you to different tools and offers practical usage of enumerating, interacting, and exploiting services usually related to Windows Active Directory. It starts with enumerating a user through RPC and exploiting Kerberos Pre-Auth to get the user’s password. The user…