Obsidian. An unconventional attack surface
Using Obsidian plugins to keylog users, drop files to disk, or execute arbitrary code.
Active Directory. An overview
To learn more about Active Directory, and to improve my netsec skills for engagements and for OSCP/CRT prep, I started accumulating notes in my own words about how each section of Active Directory works.
Detecting AMSI bypass techniques
Detecting AMSI bypassing techniques with Machine Learning
Juicy Potato and how to exploit it
The SeImpersonate privilege is a great one to see. This post talks through one of the potato exploits (they are all similar-ish) and highlights some possible ways to get a shell back, as I have found it to be awkward at times.
SEH Overflows
What is a SEH? When and where are they used in Windows environments? How are they exploited? All of these are covered in this post about SEH overflows.
Useful Docker commands & exploring Docker sockets
This post talks about Docker sockets, all the ways we can interact with a Docker socket, and techniques used to escape Docker containers through exposed Docker sockets.