This blog is hosted on a server that I control and I check the logs pretty regularly to make sure things are on the up and up. While checking logs yesterday, I noticed a spike of referrals from a website I didn't recognize so I checked it out: Looks pretty
While taking the PWK course, I immersed myself in the student labs for many hours a day just hacking away and learning. After passing the exam and finishing my lab time, there was a big hole in my life that the student labs had occupied. I filled up the space
While digging into the usage of Responder.py, I came across this post and video [https://cqureacademy.com/blog/penetration-testing/web-proxy-auto-discovery-protocol] that I found pretty intriguing. I was aware of using Responder.py to trick users into entering their credentials as part of a WPAD attack or using it to
As I had mentioned in my OSCP writeup [https://t3chnocat.com/oscp-writeup/], one thing not covered in the course was Active Directory and Windows networks. I've been learning on my own in my home lab and wanted to share a bit of what I've learned. When it comes to pentesting
While playing around with NTLMRelayx (part of an upcoming post) on various Windows VMs, I found I was having trouble getting a reverse Meterpreter connection over HTTPS from a Windows 7 machine to a fully updated Kali box. The problem was happening with both staged and non-staged payloads. I had