How NTLM Authentication Works
Detailed explanation of how NTLM authentication works in Windows, including LM and NT hashes, the Net-NTLMv2 process, and techniques like Pass The Hash.
Jan 10, 2022 Juan Antonio González Mena
All Posts
128 articles
Privilege Escalation through Passwords in Windows
Techniques for escalating privileges in Windows through passwords stored in the registry, configuration files, saved credentials, and SAM hash extraction.
Jan 3, 2022 Juan Antonio González Mena
Windows Privilege Escalation Through Insecure GUI Applications
Learn to identify and exploit misconfigured graphical applications in Windows to escalate privileges using GUI exploitation techniques.
Dec 27, 2021 Juan Antonio González Mena
What is a Windows Service
Learn what Windows services are, how they work, the different types of privilege escalation related to services, and enumeration techniques with accesschk.exe.
Dec 22, 2021 Juan Antonio González Mena
Windows Privilege Escalation Through Unquoted Service Paths
Learn to identify and exploit Windows services with unquoted paths to escalate privileges using Unquoted Service Path techniques.
Dec 14, 2021 Juan Antonio González Mena
eCPPTv2 Review - eLearnSecurity Certified Professional Penetration Tester 2021
Complete review of INE Security's eCPPTv2 certification: advanced pentesting course, complex labs, pivoting exam, and my experience obtaining the certification.
Dec 9, 2021 Juan Antonio González Mena
Windows Privilege Escalation with Kernel Exploits
Learn to escalate privileges on Windows through kernel exploits, vulnerability enumeration, and tools like WESNG and Watson.
Dec 2, 2021 Juan Antonio González Mena
32-Bit Buffer Overflow in SLMail 5.5
Manual exploitation of Buffer Overflow in SLMail 5.5, from fuzzing to obtaining a reverse shell, controlling the EIP and avoiding badchars.
Nov 28, 2021 Juan Antonio González Mena
How to Exploit Path Hijacking and Library Hijacking
Explanation of Path Hijacking and Library Hijacking privilege escalation techniques on Linux, how to exploit them through PATH manipulation, and practical examples with SUID permissions and sudo.
Nov 10, 2021 Juan Antonio González Mena