Biggest lesson from this box is not to rely too much on common wordlists because the thing you need to find may not be in the usual wordlists and it's pretty dumb. Other than that, it is a pretty straightforward assumed breach box. hackthebox.com/achievement/ma… #hackthebox

Really cool assumed breach box, lots of enumeration, researching on what you can crack and what you can change then finally digging into secrets. hackthebox.com/achievement/ma… #hackthebox #penetrationtesting

Nice AD machine, exploiting a CVE and then abusing ACLs. Root is more medium difficulty since you won't get the path by just simply using doing enumeration. hackthebox.com/achievement/ma… #hackthebox #penetrationtesting

Cool challenging box! For foothold I threw every file upload trick I know then extract stuff to get user. For root I used a likely unintentional path which required me to recompile an exploit and AV evasion. hackthebox.com/achievement/ma… #hackthebox #penetrationtesting

Really cool machine, lots of ACL abuse, enumerating beyond what BloodHound may show will reveal the grave we need to dig. hackthebox.com/achievement/ma… #hackthebox #penetrationtesting

Sharing my custom Amsi bypass that I kept private for a while, it patches AmsiOpenSession and is currently not detected by Defender. github.com/raskolnikov90/… #penetrationtesting

Nice machine where for user you research about abusing models, then some enumeration and abuse of functionality for root. hackthebox.com/achievement/ma… #hackthebox #penetrationtesting

Really tough machine, learned a lot from it, for user you will have to look into more novel AD attacks and get creative with ACLs. For root some enumeration and understanding clues should get you the next step and then perform kerberos abuse. labs.hackthebox.com/achievement/ma… #hackthebox

Cool machine, DACL abuse, grave and secrets digging, then enumerating from WSL. labs.hackthebox.com/achievement/ma… #penetrationtesting #hackthebox

First triaged bug on a bug bounty program, wish me luck! #bugbounty

Well that went better than expected. #bugbounty

Nice assumed breach linux box. User is easy, recent exploit then you have to dig a bit into sessions. Root I found it a bit tricky, really had to play and research about that binary. labs.hackthebox.com/achievement/ma… #hackthebox #penetrationtesting

Pretty hard machine, having to abuse DNS in a way haven't done before, enumerating and abusing a completely new service for me, to discovering you can do a lot more than you can think of with a certain ACL. labs.hackthebox.com/achievement/ma… #hackthebox #penetrationtesting

I liked user, really digging into the application, really hard to figure the last step but once you do and look back, it makes a lot of sense. For root its more simpler than it looks and with the right search you can find what you need. labs.hackthebox.com/achievement/ma… #hackthebox

Easy machine, pretty straightforward user flag. Root is also easy but I wonder if there are other privilege escalation paths since I feel like I picked the lowest hanging fruit. labs.hackthebox.com/achievement/ma… #hackthebox #penetrationtesting

Easy machine, a bit of code analysis will quickly reveal what to exploit. Root was fun since you have to play with it then you can leak what you need easily. labs.hackthebox.com/achievement/ma… #hackthebox

My machine "Sysco" is available at Hack Smarter Labs! hacksmarter.org/events/4fff8db… #penetrationtesting

In this article I show how to modify GodPotato to evade antivirus and escalate privileges. medium.com/@luisgerardomo… #penetrationtesting #redteaming

In this article I show how to modify and compile a Shellcode loader made in Golang and then use it to load a Sliver C2 beacon. #redteaming #penetrationtesting medium.com/@luisgerardomo…

In this article I’ll show how to find and modify the assembly of binaries and shellcode as a way to evade byte based detection. I’ll first show how to do this manually then how to script it and finally show a tool we can also use. medium.com/@luisgerardomo… #penetrationtesting