Setting up a Spring4Shell Lab CVE-2022-22965
As described by the Mitre CVE Database – A Spring MVC or Spring WebFlux application running on…
Attack
Exploits and attack tools.
Active Directory Takeover via CVE-2021-42287 & CVE-2021-42278
A new year and a yet another way to take over Microsoft Active Directory. Back in November…
Setting up a Log4Shell Lab CVE-2021-44228
A recently discovered vulnerability in the popular java logging tool Apache Log4j has been made public and…
VMware VCenter CVE-2021-22005 File Upload Vulnerability PoC
Say what now? Another one! VMware announced last week in its monthly security advisory VMSA-2021-0020.1 there is…
AD CS ‘PetitPotam’ Relay Attack Using Mimikatz and ntlmrelayx
Hot on the heels of PrintNightmare, there is yet another way to take over Active Directory. Petit…
PrintNightmare Privilege Escalation CVE-2021-1675 PoC
OK so this one is doing the rounds on Twitter. A couple of researchers accidently released their…
VMware VCenter Server Remote Code Execution CVE-2021-21985 PoC
VMware first announced on the 25th of May a remote code execution vulnerability in VCenter server’s VSAN…
How To Setup Palo Alto Minemeld on Ubuntu 18.04
So I’ve been meaning to do a post about this for a while. Minemeld is a cool…
F5 CVE-2020-5902 Traffic Management UI Remote Code Execution
F5 load balancers are wildly popular so when this bug was publicly disclosed back in June it…
SMBGhost CVE-2020-0796 Remote Command Execution Demo
Back in March Microsoft released a patch for KB4551762 / CVE-2020-0796, dubbed ‘SMBGhost’ the vulnerability affects Windows…