A high-level mind map to summarize all the techniques/tools covered by Peter Kim’s book.

For many pentesters, Meterpreter's getsystem command has become the default method of gaining SYSTEM account privileges, but have you ever have wondered just how this works behind the scenes? In this post I will show the details of how this technique works…

This is @newp_th.This issue is very similar to my previous report on Reflected XSS on Stack Overflow.

The security researcher Bruno Keith from the Phoenhex group published a PoC code for a remote code execution flaw in Microsoft Edge browser (CVE-2018-8629).

Doing everything manually is cool, but how do we save time and money? A lot of times most of the enumeration stuff can be automated. But…

Slides from my talk at the OFFZONE 2018 conference (https://www.offzone.moscow/report/hunting-for-privilege-escalation-in-windows-environment/)

A collection of hacking tools, resources and references to practice ethical hacking. - sundowndev/hacker-roadmap

Introduction The Cybaze-Yoroi ZLab researchers investigated a recent espionage malware implant weaponized to target companies in the Italian automotive sector. The malware was spread through well written phishing email trying to impersonate a senior partner…

Hi, This is Yogesh Tantak a Security Researcher from India. Today I am writing about a critical bug that I found in Google’s new Product…

Hello again. In my previous posts I detailed how to manually get SYSTEM shell from Local Administrators users. That’s interesting but very late game during a penetration assessment as it is presumed that you already owned the target machine.

Recently I had to write a kernel-mode driver. This has made a lot of people very angry and been widely regarded as a bad move. (Douglas…

A review of my bug hunting journey so far, from when I started, to the point where I made it into the Top 200 bug hunters on Bugcrowd after two years.

Summary