<IA/> Jun 25, 2025 Hacking AI - Attacks on Language Models Detailed analysis of vulnerabilities in AI models and manipulation techniques in Machine Learning, especially in Large Language Models (LLMs), including prompt injection and jailbreak strategies Read more Read more Hacking AI - Attacks on Language Models
<POC/> Mar 26, 2025 CVE-2025-24071 - Filter netNTLMv2 Credentials with a simple ZIP In this blog post, a proof-of-concept (PoC) is presented that demonstrates how a malicious `.library-ms` file can be used to capture netNTLMv2 credentials without the need for the victim to interact with the file. Simply unzipping the file is enough to trigger the vulnerability (CVE-2025-24071). Read more Read more CVE-2025-24071 - Filter netNTLMv2 Credentials with a simple ZIP
<Tools/> Oct 7, 2024 Upgopher, A Lightweight and Efficient File Server This article provides a quick analysis of Upgopher, a simple web server for uploading and managing files, designed for both local and remote environments, maximizing portability and minimizing compatibility issues. Read more Read more Upgopher, A Lightweight and Efficient File Server
<Tools/> Jul 18, 2024 Setting Up MultiEvilnoVNC with HTTPS This guide provides detailed instructions for setting up MultiEvilNoVNC, including preparing Docker containers, configuring Nginx, obtaining SSL certificates with Certbot, and modifying the startup script to ensure proper functionality. Additionally, it covers how to run the tool and manage and view sessions of websites visited by users. Read more Read more Setting Up MultiEvilnoVNC with HTTPS
<Technologies/> Aug 4, 2023 Password Security Policies (PSO) in Active Directory (AD) Password Security Policies (PSO) in Active Directory (AD) are a critical component in a corporate network's security infrastructure. PSOs allow system administrators to enforce strict and customized rules for password creation and usage across the network, thus ensuring that all users adhere to best information security practices. Read more Read more Password Security Policies (PSO) in Active Directory (AD)
<POC/> Jul 1, 2023 POC log4j exploit. Log4j - Complete Exploitation Guide & Proof of Concept | Detailed Walkthrough of the Critical Log4j Security Flaw with Real-World Attack Scenarios and Mitigation Strategies Read more Read more POC log4j exploit.
<Experiences/> Jul 1, 2023 My OSCP Experience OSCP Exam Experience - Detailed Review, Tips & Journey to Passing the Offensive Security Certified Professional Certification | Personal Insights from the PWK Labs and 24-Hour Penetration Testing Challenge" Read more Read more My OSCP Experience
<Tools/> Jul 1, 2023 PoFish, a docker for phishing Lately I have been making several phishing attempts. For one thing or another I have had to perform the same configuration of the same applications in different environments. For this reason I have created a DockerFile which once built, can be deployed with different options to perform a phishing exercise. Read more Read more PoFish, a docker for phishing
<Experiences/> Jul 1, 2023 How to Solve the Monkey Vulnerable Machine Learn how to solve a CTF machine in this post. Discover how to perform a login bypass, decrypt hashes, escalate privileges, and more. Read more Read more How to Solve the Monkey Vulnerable Machine