Productivity tools and “life hacks” to use as a cybersecurity enthusiast! Tools to manage credentials, take well-organized notes, capture precise screenshots, and sync files. These things may sound mundane, but they become the bread and butter of your computer workflow if you learn to make good use of them…


Why use Burp Suite when OWASP ZAP does it all* without the paywall? Everything you do in Burp Community can be done just as well in ZAP.

Nearly every web application pentesting tutorial you’ll find online uses Burp Suite Community for demonstrations, but why is this? Burp Suite is the…


Learn about Active Directory penetration testing enumeration and exploitation using tools like Impacket, Kerbrute, and CrackMapExec. This post focuses on initial external enumeration and exploitation, from the perspective of having access to the AD network but having no account credentials and little information about the internal network. You will learn:


Learn from painfully common mistakes that contributed to my initial failure and how to pass the Offensive Security Certified Professional exam. I went from a 35-point fail to a 100-point pass a few months later.

This post is written to help those on their ‘OSCP journey’, practicing hard…


You have Remote Code Execution on a vulnerable machine, but how do you get a shell?

While hacking vulnerable machines, you’ll find neat exploits that give you a shell on the target automatically. However, most exploits merely give Remote Code Execution (RCE), which needs to be utilized to execute further commands…


Buff is a machine that is relatively beginner-friendly. This write-up is similarly geared towards beginners to Hack the Box (HTB) and pen-testing/ethical hacking in general. Things like hacking phases and what a shell is will be explained more in-depth than in the average HTB write-up.

This machine is also great for…


Netcat, Nmap, Gobuster: these are all staple tools in the ethical hacking world. If you frequent Hack the Box, Try Hack Me or any other ethical hacking lab platform, you likely use the aforementioned tools very often. What if you could upgrade those tools?

Upgrade may be a dramatic word…


This guide will show you the simplest way to get a remote shell connection on a Windows 10 target just by plugging in the Bash Bunny. This connection will give you command line control over the computer from a remote location, which I’d constitute as “hacking” a Windows computer.


There is a jabbing distaste for cloud storage services in the infosec community which is summed up by the quip: “the cloud is just someone else's computer”. By using cloud services like Dropbox, Google Drive, OneDrive, etc. you’re entrusting the privacy and security of your data to another company. Historically…


I’ll show you how to set up a Kali Linux virtual private server (VPS) on Digital Ocean for ethical hacking, how to use a browser through your VPS, get a free domain name for your VPS, make a local backup and more!

When doing ethical hacking challenges or on pen-testing lab…
