In this modern age, there is a quote “data is the new gold”. As large amount of information generated and exchanged everyday. Just as gold…

The LSASS (Local Security Authority Subsystem Service) process in Windows systems is a critical component responsible for authenticating…

Introduction

What is FTP (File Transfer Protocol)

In this blog, I talk about exposing one local port to the internet and using it to catch reverse shells like we would do in any local…

Summary
This article shows you how to exploit the MS17–010 vulnerability on Windows 7 or higher.

Usually graphql endpoint are located at www.example.com/graphql.

Today, we will discuss an old and well-known attack against Kerberos authentication during an Active Directory pentesting assessment called…

Introduction

This article covers exploiting SQL Injection manually in a Graphql Application.

During my free time, i downloaded a android application from google play store for fun, i have actually known this application for a long…

Have you ever found yourself staring at a Windows network, wondering how to find vulnerabilities and security holes? Don’t worry, CrackMapExec is here to save the day! It’s like having a Swiss Army…

What is a stack?

First of all, This was a private program, so I will refer to it with example.com.
Let me tell you how I found the Reflected XSS…

This blog post was published on PurpleBox website on July 20th, 2022.

ProFTPD (Professional File Transfer Protocol server Daemon) is an open-source software, used for FTP servers on Unix and Unix-like systems…

In part1 of the article, I introduced JSON web tokens that what is JWT and How they are made? I prefer to take a look at that before you go…

DNS Rebinding is a method of bypassing Same Origin Policy by manipulating DNS resolution

domain escalation from a low-privileged user to a domain admin

The Lab Environment