Offsec Proving Grounds Walkthrough – Hepet

Walkthrough of the machine called "Hepet" in the OffSec Proving Grounds...This is a Windows machine rated as intermediate, don't watch unless you want help getting through the machine. In this machine we exploit bad password practices with IMAP to get an initial foothold and then use PowerUp to determine that…

Offsec Proving Grounds Walkthrough – Nibbles

Late posting this one. This is Walkthrough of the machine called "Nibbles" in the OffSec Proving Grounds...don't watch unless you want help getting through the machine. In this machine we abuse default creds in a postgres database, utilize and exploit to gain a shell and escalate using an incorrectly set…

Offsec Proving Grounds Walkthrough – Hutch

Walkthrough of the machine called "Hutch" in the OffSec Proving Grounds...don't watch unless you want help getting through the machine. In this machine we ldapsearch to find credentials, we exploit WebDAV to upload and .aspx reverse shell. Once on the machine we use a python exploit to get the LAPS…

nPmHacks Channel Update

Hey all! I have been posting multiple videos a week for a couple of months now and to be frank, I am not seeing any more views, comments or subscribers with all that extra work for me (it's about the same as when I was posting one a week). Based…

Offsec Proving Grounds Walkthrough – Vault

Walkthrough of the machine called "Vault" in the OffSec Proving Grounds...This is a Windows machine rated as hard, don't watch unless you want help getting through the machine. In this machine we use phishing type links on an open SMB share to catch hashes using responder for initial access, after…

How to write a Windows 32-bit buffer overflow!

In this video we write a 32 bit buffer overflow together in python using tools like Immunity Debugger, Mona, and msfvenom. I show you how to: 1.) Fuzz the application 2.) Determine the offset 3.) Control the eip cpu register 4.) Determine your bad characters (manually and using Mona) 5.)…