The purpose of this tool is to be utilized in Red Team Assessments and for auditing XDR Settings. With this tool it is possible to parse the Database Lock Files of the Cortex XDR Agent by Palo Alto ...
Apache2 Rootkit Scenario Our goal is to establish an Apache rootkit that will grant us command injection capabilities, allowing us to gain backdoor access. What Is A Rootkit? A rootkit is a cov...
SSH Keys, Local Accounts, Web Shells & Cron Jobs The Persistence strategy presents us with a systematic approach for acquiring and establishing sustained access on the target system. We will ...
Kernel Exploits & Misconfigured SUDO Permissions We will explore the following list of essential techniques and sub-techniques: Local Accounts Exploiting misconfigured SUDO Permissions ...
Exploiting a Public Facing Server The Initial Access strategy comprises well-defined techniques that allow us to systematically gain an initial position on the target system. However, some techniq...
Evading AV Detection on Windows The Defense Evasion tactics delineate a systematic approach for avoiding detection on a target system. Here are some of the key techniques and sub-techniques we wil...
There is a cross-site scripting vulnerability in version 1.0 of the PHPJabbers Travel Tours Script. SHA-256 | 0a7f5b626d6393bcc255133a21566a6f163578785f29510c84d73418a28fd1fe ...
Bypassing UAC, Kernel Exploits & Impersonation Here are some of the key techniques and sub-techniques we will investigate: UAC Bypass, Token Impersonation, Kernel Exploits. Scenario The...
Credential Access with Mimikatz & WCE The techniques outlined under the Credential Access tactic provide us with a clear and methodical way of extracting credentials and hashes from memory on ...
Initial Access with Luckystrike & PowerShell Empire The Initial Access strategy offers a structured and systematic approach to gain an initial foothold on the target system. However, it is wor...