In a recent engagement my teammates and I compromised a Windows server where some high privileged users were connected. We did not want to risk to extract credentials from lsass.exe as the EDR woul...

Note: This blog post is the second one of the series Increase your stealth capabilities, make sure to have read the first part. Recap During an engagement my teammates and I compromised a Windows...

In a recent assessment, my teammates and I were tasked to perform a web security review of several applications with the possibility to perform internal pentest if the opportunity came up. On one ...

Context This blog post aims to solve a problem I faced when using open source tooling with Cobalt Strike. During my security assessments I often rely on tooling developped in Python, C#, Go or C/...

Context Back to 2019, my first HackTheBox box Intense was released with several steps involved: exploit a SQL injection for SQLite DBMS on the web application use a hash length extension att...