Learning Resource

My 1st CVE on Dell

CVE-2022-34389, Impersonate a legitimate dell customer to a dell support technician.

Posted on April 28, 2023

This CVE resulted from a product study project I conducted with the one and only: Gad Abuazira

[Read More]

Tags: CVE rate_limit CVE-2022-34389

KITCTF - Cloudwhere

Whitebox web ctf

Posted on March 2, 2023

[Read More]

Tags: NodeJs Web CTF whitebox

Basic web security mechanisms

Explanation of CSP, SOP and CORS

Posted on January 21, 2023

Intro

[Read More]

Tags: CSP SOP CORS

About Kerberos

Explanation of Kerberos protocol and the related attacks

Posted on February 1, 2022

First of all, have you ever wondered why the name “kerberos” chosen? well, meet the guards of the underworld: [Read More]

Tags: Kerberos ASREProast Pass The Ticket Golden Ticket Silver Ticket Kerberoasting Impacket

Cascade machine writeup

From domain reconnaissance to reverse engineering. Come and have fun.

Posted on January 15, 2022

In this article I’m going to explain how I solve Cascade HTB machine. I choose to write on Cascade machine because of the broad knowledge required to solve this machine. [Read More]

Tags: HTB Active Directory Powershell LDAP Reversing