Mark of the Web Bypass – Red Team Tactics This post demonstrates how red team operators can bypass Mark of the Web (MotW) protections to achieve stealthy execution of payloads on Windows systems. ...

Assumed Breach to Domain Admin – HTB EscapeTwo Walkthrough This post demonstrates a full-path Active Directory compromise using initial credentials, misconfigured services, and post-exploitation t...

GISEC (Gulf Information Security Expo & Conference) is the region’s largest and most impactful cybersecurity event, bringing together professionals, vendors, and experts from around the globe. ...

Command injection is a vulnerability that occurs when an application improperly passes user input to a system shell. Attackers can exploit this flaw to execute arbitrary commands on the target syst...

Generating 68 KB EICAR Test Files in Multiple Formats The EICAR test file is a standardized file used to test antivirus detection without using actual malware. This repository provides a script to...

OWASP GenAI Red Teaming Guide

Responder Attack via MSSQL Overview This guide explains how to use Responder to capture NTLM hashes from an MSSQL server and crack them using Hashcat. Step 1: Start Responder To listen for inco...

MSSQL Shell Script Acknowledgments This script is based on the original work by Alamot . The original script was modified to: Fix compatibility issues related to base64.encodestring (which was ...

NetExec (NXC) Commands Cheatsheet Introduction This cheatsheet provides a collection of essential NetExec (nxc) commands for Active Directory penetration testing and red teaming engagements. NetE...

Red Teaming is a cybersecurity assessment that involves adversary simulation, using real-world TTPs (Tactics, Techniques, and Procedures) to mimic advanced threats, test defenses, and improve an or...