Empire 3 is a post-exploitation framework that includes a pure-PowerShell Windows agent, and compatibility with Python 3.x Linux/OS X agents. It is the merger of the previous PowerShell Empire a...

My OSCP journey was between March 2019 - April 2019. Since then the course has changed drastically therefore making my previous “OSCP Reference” obsolete. I will be updating this consistently pl...

In Passage, I’ll find and exploit CuteNews with a RCE CVE. The exploit returns sha256 hashes, which I’ll crack. That user shares an SSH key with the next user on the box. To root, I’ll exploit a...

Omni is a Windows IOT Core host, the flavor of Windows that will run on a Raspberry Pi. I’ll abuse Sirep protocol to get code execution as SYSTEM. From there, I’ll get access as both the app use...

Laboratory is largely about exploiting a GitLab instance. I’ll exploit a CVE to get arbitrary read and then code execution in the GitLab container. From there, I’ll use that access to get access...

Bucket is a pentest against an Amazon AWS stack. There’s an S3 bucket that is being used to host a website and is configured to allow unauthenticated read / write. I’ll upload a webshell to get ...