Cross Account RDS Access
Achieving cross-account database access via VPC peering and IAM
Posts by Year
2023
Azuredly attacking Azure…
Using AzureGoat to better understand how to attack Azure
IAM hacking AWS
Using AWSGoat to better understand how to attack AWS
2022
Combining even more techniques to defeat EDR via DLL unhooking and AMSI bypass
Taking on an enterprise grade EDR for fun, profit, and learning
Combining techniques to defeat Windows Defender and default Applocker rules
Using techniques taught in Sektor7’s RED TEAM Operator: Malware Development Essentials
2021
How a SysAdmin becomes a Pentester PART 2
What I did, and what you can do, to become a pentester
How a SysAdmin becomes a Pentester PART 1
What I did, and what you can do, to become a pentester
2020
Switching Gears
A premature push to start AWAE with the announcement of CTP retirement
SEH primer for CTP
A primer for n00bs like myself in preparation for the CTP course offered by Offensive Security
SLAE: MSFVENOM payload analysis
This assignment will see us generate and examine 3 msfvenom payloads with GDB, ndisasm and libemu.
SLAE: Custom Shellcode Crypter
Create a custom shellcode crypter.
SLAE: Polymorphic Shellcode
Take three shellcodes from shell-storm and create polymorphic versions of them, to avoid pattern and signature detection.
SLAE: Shellcode Encoder
This assignment will see us create and confirm the execution of a custom shellcode encoder.
SLAE: Staged Shellcode Payload via Egghunting
Create and examine staged shellcode containing the ‘Egghunting’ technique.
Zero to OSCP in 12 months
I am sure by now we are all rolling our eyes at aNOtheR OSCP journey blog
SLAE: Custom TCP Reverse shell
This assignment will see us create and examine shellcode with a Reverse TCP shell as the payload.
SLAE: Custom TCP Bind shell
This assignment will see us create and examine shellcode with a Bind TCP shell as the payload.
Vulnhub Write-up: Lemon Squeezy
Writeup for an OSCP-like machine created by my hackin’ homie