Latest articles

Article Image
Parsing the msDS-KeyCredentialLink value for ShadowCredentials attack
January 18, 2025
In-depth explanation of the msDS-KeyCredentialLink attribute used in a shadow credentials attack, and how to parse it.
active-directory attribute credentials DNwithBinary ldap msDS-KeyCredentialLink research RSAKeyMaterial shadow windows
Article Image
Windows debugging - Analyzing a BSOD crash dump
April 20, 2023
Learn how to analyze a BSOD crash dump on Windows to understand what happens during a system crash and how to troubleshoot effectively.
crash-dump debugging windows
Article Image
Windows Services passwords stored in the LSA
April 6, 2023
Windows services often run with a specific account, but where and how are the passwords of the service stored? How to extract them?
lsa password recovery secrets secretsdump windows
Article Image
Python vulnerabilities : Code execution in jinja templates
July 27, 2022
We will see how to create context-free payloads for jinja2, always allowing direct access to the os module in a jinja2 template without requirements. These payloads will be particularly useful for exploiting SSTI vulnerabilities.
code contexte execution exploit independant injection jinja jinja2 python server side ssti template vulnerabilities
Article Image
Analysis and repair of an IBM Model M keyboard
June 24, 2022
Complete analysis and restoration of a 1990s mechanical IBM Model M keyboard, an iconic model known for its manufacturing quality and unique buckling spring mechanism.
as400 hardware ibm infowindow keyboard restoration
Article Image
EC2 & RootMe - Challenge réaliste Escalate Me
June 10, 2022
Writeup du challenge réaliste Escalate Me proposé par la plateforme RootMe à l'European Cyber Cup 2022 à Lille.
ctf privilege-escalation web-security writeup

All the tags


Intro (14) Fcsc (14) Exploit (10) Iot (7) Windows (7) Dvid (7) Cve (6) Python (5) Ibm (5) Reverse-Shell (5) Firmware (5) As400 (5) Forensics (4) Jinja2 (4) Root (4) Hardware (4) Ssti (4) Template (3) Rce (3) Contexte (3) Injection (3) Execution (3) Side (3) Code (3) Ldap (3) Independant (3) Jinja (3) Active-Directory (3) Server (3) Vulnerabilities (3) Optimization (2) Pwn (2) Recovery (2) Conferences (2) Secretsdump (2) Infowindow (2) Lsa (2) Press (2) Restoration (2) Secrets (2) Cheatsheet (2) Password (2) Crypto (2) Heroctf (2) Keyboard (2) Poc (2) Payloads (1) MicroFocus (1) Qemu (1) Reverse (1) Web-Security (1) DNwithBinary (1) Malloc (1) Network (1) Reverse Engineering (1) Ipl (1) Pentesting (1) Web (1) Dos (1) Policy (1) Curl (1) Enumeration (1) Debugging (1) GiTea (1) Group (1) Denial (1) Devops (1) Rights (1) Suid (1) Xss (1) Data-Leak (1) Grehack (1) Information (1) Search-Api (1) Api (1) Credentials (1) Database (1) Service (1) Cms (1) Remotemouse (1) Ctf (1) Lighttpd (1) Disclosure (1) Mainframe (1) MsDS-KeyCredentialLink (1) String (1) Attribute (1) Print-Spooler (1) RSAKeyMaterial (1) Shellcodes (1) Radio (1) Hardening (1) Microsoft (1) Privilege-Escalation (1) Shadow (1) Forwarding (1) Passwords (1) Ametys (1) Content (1) Format (1) C (1) Ssh (1) Unix (1) Of (1) Port (1) Unauthenticated (1) Lighttpd1.4 (1) Shell (1) Web-Application (1) Infinite (1) Authenticated (1) Depth-First-Search (1) Extraction (1) File-Read (1) Linkedin (1) Crash-Dump (1) Research (1) Scrapping (1) Wget (1) Box (1) Spawn (1) Setuid (1) Tty (1) Writeup (1) Adminer (1) Remote-Code-Execution (1)