Skip to content
Menu  
  • Contact Us

CertCube Labs

– Blog on insane exploitation Concepts

  • Home
  • IoT pentesting
  • OSCP Study material
    • offensive-exploitation
      • Searchsploit Cheat Sheet
      • Tools Allowed in OSCP
      • OSCP – Enumeration Cheatsheet & Guide
      • OSCP – Msfvenom All in One
      • RCE with log poisoning Attack Methodologies
      • Pivoting and SSH Port forwarding Basics -Part 1
      • Pivoting & Port forwarding methods – part2
    • Stack based Buffer-overflow
      • OSCP – Detail Guide to Stack-based buffer Overflow – 1
      • OSCP – Detail Guide to Stack-based buffer Overflow – 2
      • OSCP – Detail Guide to Stack-based buffer Overflow – 3
      • OSCP – Detail Guide to Stack-based buffer Overflow – 4
      • OSCP – Detail Guide to Stack-based buffer Overflow – 5
      • OSCP – Detail Guide to Stack-based buffer Overflow – 6
      • OSCP – Detail Guide to Stack-based buffer Overflow – 7
      • OSCP – Detail Guide to Stack-based buffer Overflow – 8
      • OSCP – Detail Guide to Stack-based buffer Overflow – 9
    • SEH based Buffer Overflow
      • SEH Based Buffer overflow
      • OSCP SEH based buffer overflow – Part 2
  • Infrastructure Pentest
    • Linux-Pentesting
      • Linux privilege Escalation methods
      • Linux Privilege Escalation all in one
      • Reverse Shell Cheat Sheet
      • Linux Privilege Escalation – Tools & Techniques
      • Linux detailed Enumeration – Commands
      • Linux Privilege Escalation – SUDO Rights
      • SUID Executables- Linux Privilege Escalation
      • Back To The Future: Unix Wildcards Injection
      • Restricted Linux Shell Escaping Techniques
      • Restricted Linux shells escaping techniques – 2
    • Windows-Pentesting
      • Windows Privilege Escalation Methods
      • Windows Attack Anatomy
      • Beginner Friendly Windows Privilege Escalation
      • Windows Privilege Escalation Guide – part 1 | Tools
      • Windows Privilege escalation – Part 2 | Enumeration
      • Windows privilege escalation – part 3 | Kernal-Exploits
      • Windows Kernel Exploitation – part 4 | Vulnerabilities
      • Herpaderping process– Evading Windows Defender Security
    • Active Directory Pentesting
      • AD Recon For Beginners
      • Powershell Restrictions bypasses
      • Kerberoasting initial: AS-REP Roasting
      • Kerberoasting Simplified
      • Kerberoasting Common tools
      • Pass the hash: A Nightmare still alive!
      • PowerShell Remoting For pentesters Cheatsheet
      • PowerUp Cheatsheet
      • Active Directory privilege escalation cheat sheet
      • AD exploitation Powershell Cheatsheet
      • Powershell Scripts Execute without Powershell
    • web-specific
      • OvertheWire Natas 1 to 34 Full writeup
      • CHEATSHEET – LFI & RCE & WEBSHELLS
      • Web Shells & Exploitation Fundamentals
      • WebShells & Exploitation – LFI to RCE
      • Advanced SQL Injections with LoadFile and Outfile
      • Wfuzz- The power of evil
      • AWAE Exam Review
      • Thick client Testing
  • Mobile AppSec
    • iOS-Pentesting
      • iOS IPA Architecture and JailBreak IOS 13.4.1
      • The Anatomy of the iOS file system in Depth -101
      • Build an IOS pentesting lab via XCode Simulator
      • Build the IPA From Device and IPA Container Analysis
      • Local Data Storage Of iPhone IPA from IOS device
      • Local Storage Analysis of IPA from the attacker device
      • Insecure Data storage Analysis of iOS Applications
      • Decrypting IOS apps Essentials
    • Android Pentesting
      • Android SSL pinning bypass with Frida
      • Creating Rooted AVD in Android Studio
  • Certcube-trainings
    • offensive CTF
    • enterprise pentester training
    • How to start your career into cyber security
  • Contact Us

CertCube Labs

Build an IOS pentesting lab via XCode Simulator
All Blog

Build an IOS pentesting lab via XCode Simulator

Posted on 20th January 202120th January 2021 | by c3rtcub3_labs

This blog is written by our student Pranav Sharma. Doing an iPhone pen-testing can be a tedious task in itself […]

Leave a Comment on Build an IOS pentesting lab via XCode Simulator
Kerberoasting Simplified
All Blog

Kerberoasting Simplified

Posted on 20th January 202120th January 2021 | by c3rtcub3_labs

Introduction As Kerberos is an authentication protocol it is possible to perform brute-force attacks against it (providing we are careful). […]

Leave a Comment on Kerberoasting Simplified
Kerberoasting initial: AS-REP Roasting
AD exploitation & Post exploitation

Kerberoasting initial: AS-REP Roasting

Posted on 20th January 202120th January 2021 | by c3rtcub3_labs

Introduction AS-REP roasting is an attack that is often-overlooked in my opinion it is not extremely common as you have to […]

Leave a Comment on Kerberoasting initial: AS-REP Roasting
Herpaderping process– Evading Windows Defender Security
Windows-Pentesting

Herpaderping process– Evading Windows Defender Security

Posted on 19th January 202119th January 2021 | by c3rtcub3_labs

Evading windows defender security is always an interesting topic for information security professionals. When designing products for securing Windows platforms, […]

Leave a Comment on Herpaderping process– Evading Windows Defender Security
Powershell Restrictions bypasses
AD exploitation & Post exploitation

Powershell Restrictions bypasses

Posted on 19th January 202119th January 2021 | by c3rtcub3_labs

In most mature environments and in most of these tests, access to command line tools is restricted. Employees typically cannot […]

Leave a Comment on Powershell Restrictions bypasses
Decrypting IOS apps Essentials
mobile application security

Decrypting IOS apps Essentials

Posted on 9th January 20219th January 2021 | by c3rtcub3_labs

Frida way:- Step 1: Install Frida on the system (Mac/Windows) and iPhone I’m using my Linux pentesting box and installed Frida using #pip […]

Mysql UDF Basics and Exploitation
OSCP Study material

Mysql UDF Basics and Exploitation

Posted on 28th December 202028th December 2020 | by c3rtcub3_labs

So what is a UDF? It is a way to extend MySQL with a new function that works like a […]

Leave a Comment on Mysql UDF Basics and Exploitation
The art of file uploading :- pro level
All Blog

The art of file uploading :- pro level

Posted on 8th December 20208th December 2020 | by c3rtcub3_labs

I have recently published a blog post on use of .XAMLX files to execute command on an IIS based application. […]

Leave a Comment on The art of file uploading :- pro level
Creating Rooted AVD in Android Studio
All Blogmobile application security

Creating Rooted AVD in Android Studio

Posted on 1st December 20201st December 2020 | by c3rtcub3_labs

For a security enthusiast, a rooted android device is essential to perform dynamic assessments of android applications. They either rely […]

Insecure Data storage Analysis of iOS Applications
All Blog

Insecure Data storage Analysis of iOS Applications

Posted on 28th November 202019th January 2021 | by c3rtcub3_labs

One might think that we are done with the static analysis of the application, but it is not so. We […]

Leave a Comment on Insecure Data storage Analysis of iOS Applications

Posts navigation

1 2 … 9 Next

Categories

  • AD exploitation & Post exploitation (10)
  • All Blog (43)
  • buffer overflow (11)
  • cloud Security (2)
  • IoT pentesting (6)
  • Linux privilege escalation (14)
  • mobile application security (7)
  • OSCP Study material (32)
  • Windows-Pentesting (12)

Recent Comments

  • pravat sahoo on Windows Privilege Escalation Methods
  • megan on Windows Privilege Escalation Methods
  • tiny thunder on WebShells & Exploitation – LFI to RCE
  • travis on OSCP – Msfvenom All in One
  • homepage on OSCP – Msfvenom All in One

CertCube Labs

  • Email
  • facebook
  • twitter
  • instagram
  • linkedin
© Copyrights 2021, CertCube Labs A theme by MintTM
Proudly powered by WordPress

WhatsApp us for trainings & demos