Scope and Objective Objective: As a penetration tester on the Hack Smarter Red Team, the goal is to achieve a full compromise of the Active Directory environment — obtaining both user.txt and root...

Summary The Gandalf AI challenges demonstrate how AI language models can be tricked through creative prompt engineering. By changing how we ask questions, we can bypass safety filters and guardrai...

Let’s say you are a sysadmin, a pentester, or someone on the defensive side working on enterprise administration or security. You might have heard about Active Directory — the most commonly used id...

If you are a pentester, CTF player, or anyone who loves to pwn things, you might have gained shell access to Linux servers at some point. Is it a dead end now? Hell, no. When it comes to post expl...

Active Directory Overview Active Directory is a directory service developed by Microsoft to manage Windows domain networks. It stores information related to objects such as Computers, Users, Print...

In the month of March, I was learning more about GitHub dorking. I went through writeups, blogs, and videos to learn about it. After spending some time, there was an itch inside me forcing me to tr...

Intro I signed up for the CRTP course during the Diwali sale which cost me $199 — including lifetime access to course materials, 30 days of lab access, and one exam attempt. Course & Lab A...

If you are the pentester dealing with the modern web applications you might have faced the use of cognito in your assessments or you might have watched the awesome video of Yassine Aboukir. A big s...