Walkthrough of the PortSwigger lab on JWT authentication bypass through unverified signatures, explaining how to exploit this vulnerability when the server doesn't properly validate token signatures.
Complete guide on Unconstrained Delegation in Kerberos and Active Directory, including how it works, enumeration, and exploitation techniques to compromise the domain.
Learn to exploit the three phases of the Kerberos protocol through AS-REQroasting, AS-REProasting and Kerberoasting to obtain credentials in Active Directory environments.
Real experiences from cybersecurity professionals about how they got their first jobs: advice, lessons learned, and pathways to enter the sector.
If you like the content and want to support the project, you can buy me a coffee. Your support helps keep the site active and create more quality content.
Buy me a coffeeThanks for your support 🙏