Spells :: Cardboard Iguana Security

Sunday, March 2, 2025

Abusing wildcard expansion in Bash

Sunday, March 2, 2025

Access the Windows Registry using PowerShell

Sunday, March 2, 2025

Add Windows users at the command line

Sunday, March 2, 2025

Aircrack-NG

Sunday, March 2, 2025

ARP

Sunday, March 2, 2025

ARP scanning

Sunday, March 2, 2025

AS-REP roasting

Sunday, March 2, 2025

AS-REP roasting with Impacket

Sunday, March 2, 2025

AS-REP roasting With Rubeus

Sunday, March 2, 2025

Automate Netlify builds with IFTTT

Sunday, March 2, 2025

Automatically stabilize a reverse shell with socat

Sunday, March 2, 2025

Avoid dropping privileges with SUID Bash

Sunday, March 2, 2025

awk

Sunday, March 2, 2025

Backdoor Visual Basic Scripts

Sunday, March 2, 2025

basenc

Sunday, March 2, 2025

Bash reverse shell

Sunday, March 2, 2025

Bash scripting

Language/Bash

Sunday, March 2, 2025

Bulk edit Windows permissions

Sunday, March 2, 2025

Burp Suite

Sunday, March 2, 2025

Bypass the PowerShell execution policy

Sunday, March 2, 2025

Bypass Windows antivirus with C#

Sunday, March 2, 2025

Calculate a file hash on Windows with CertUtil

Sunday, March 2, 2025

Call Mimikatz from a meterpreter shell

Sunday, March 2, 2025

cat

Application/cat

Sunday, March 2, 2025

cewl

Sunday, March 2, 2025

Change a branch name in Git

Sunday, March 2, 2025

Change an RSA key passphrase with OpenSSL

Sunday, March 2, 2025

Cisco IOS

OS/CiscoIOS

Sunday, March 2, 2025

Common Windows user types

OS/Windows

Sunday, March 2, 2025

Compact VM disk images

Sunday, March 2, 2025

Confirm the existence of a Gmail address

Sunday, March 2, 2025

crackmapexec

Sunday, March 2, 2025

Create a GPG Key (with SSH support!)

Sunday, March 2, 2025

Cross-site scripting (XSS) attacks

Sunday, March 2, 2025

CUPP

Sunday, March 2, 2025

Day One to Obsidian conversion script

Sunday, March 2, 2025

DCERPC

Sunday, March 2, 2025

Debugging Bash scripts

Language/Bash

Sunday, March 2, 2025

Default CIFS shares

Sunday, March 2, 2025

dig

Sunday, March 2, 2025

dir

Sunday, March 2, 2025

Disable AMSI

Sunday, March 2, 2025

DRSUAPI

Sunday, March 2, 2025

Easy reverse DNS lookups

Sunday, March 2, 2025

enum4linux

Sunday, March 2, 2025

Enumerate AD CS templates with CertUtil

Sunday, March 2, 2025

Evil-WinRM

Sunday, March 2, 2025

Exploit LD_LIBRARY_PATH

Sunday, March 2, 2025

Exploit LD_PRELOAD

Sunday, March 2, 2025

Exploit local Windows services

Sunday, March 2, 2025

Exploit local Windows tasks

Sunday, March 2, 2025

Exploit remote Windows services

Sunday, March 2, 2025

Exploit remote Windows tasks

Sunday, March 2, 2025

Exploit VBA scripts with msfvenom

Sunday, March 2, 2025

Exploit weak /etc/passwd permissions

Sunday, March 2, 2025

Exploit weak /etc/shadow permissions

Sunday, March 2, 2025

Exploit the Windows DLL search order

Sunday, March 2, 2025

Exploit the Windows “Feature on Demand” Helper

Sunday, March 2, 2025

Exploit Windows file associations

Sunday, March 2, 2025

Exploit Windows HTML applications with msfvenom

Sunday, March 2, 2025

Exploit Windows services

Sunday, March 2, 2025

Exploit Windows shortcut files

Sunday, March 2, 2025

Exploit Windows tasks

Sunday, March 2, 2025

Exploit the WinLogon initialization sequence

Sunday, March 2, 2025

Export highlights and annotations from Kobo eReaders

Sunday, March 2, 2025

Extract the webpage title from a URL

Sunday, March 2, 2025

ffmpeg

Sunday, March 2, 2025

find

Sunday, March 2, 2025

Find and replace a single line in a large text file

Sunday, March 2, 2025

Find executables with SUID capabilities

Sunday, March 2, 2025

findstr

Sunday, March 2, 2025

finger

Sunday, March 2, 2025

Fix EXIF data on Google Photos exports

Sunday, March 2, 2025

FTP

Sunday, March 2, 2025

FTPS

Protocol/FTPS

Sunday, March 2, 2025

fuff

Sunday, March 2, 2025

gdb

Application/gdb

Sunday, March 2, 2025

“Gemini compatible” markdown

Sunday, March 2, 2025

Get-FileHash

Sunday, March 2, 2025

Get a shell from ViM

Sunday, March 2, 2025

Get an SSL certificate

Sunday, March 2, 2025

Get-WinEvent

Sunday, March 2, 2025

Git on Windows

Sunday, March 2, 2025

gobuster

Sunday, March 2, 2025

Golden and silver ticket attacks

Sunday, March 2, 2025

grep

Application/grep

Sunday, March 2, 2025

The Harvester

Sunday, March 2, 2025

Hashcat

Sunday, March 2, 2025

How to exploit the Bash PS4 (debugging) prompt

Sunday, March 2, 2025

HTML applications

Sunday, March 2, 2025

HTTP

Protocol/HTTP

Sunday, March 2, 2025

Hydra

Sunday, March 2, 2025

icacls

Sunday, March 2, 2025

ICMP

Protocol/ICMP

Sunday, March 2, 2025

iftop

Sunday, March 2, 2025

IIS configuration data

Sunday, March 2, 2025

IMAP

Protocol/IMAP

Sunday, March 2, 2025

Impacket

Sunday, March 2, 2025

Invoke-Mimikatz

Sunday, March 2, 2025

Invoke-WebRequest

Application/PowerShell

Sunday, March 2, 2025

iOS quirks

Sunday, March 2, 2025

ipconfig

Sunday, March 2, 2025

IPSec

Sunday, March 2, 2025

IPv4

Sunday, March 2, 2025

Java

Sunday, March 2, 2025

John the Ripper

Sunday, March 2, 2025

JSON Web Tokens (JWTs)

Sunday, March 2, 2025

Kerberoasting

Sunday, March 2, 2025

Kerberoasting with Impacket

Sunday, March 2, 2025

Kerberoasting with Rubeus

Sunday, March 2, 2025

Kerberos

Sunday, March 2, 2025

Kerbrute

Sunday, March 2, 2025

less

Sunday, March 2, 2025

Load a shell with a simple executable

Sunday, March 2, 2025

Local file inclusion (LFI) attacks

Sunday, March 2, 2025

Look up unicode symbols and emojis

HowTo

Sunday, March 2, 2025

MAC address

Sunday, March 2, 2025

Magic numbers

Sunday, March 2, 2025

man

Sunday, March 2, 2025

Match files to packages in Debian-based operating systems

Sunday, March 2, 2025

Match files to packages in Red Hat-based operating systems

Sunday, March 2, 2025

Metasploit MS SQL modules

Sunday, March 2, 2025

meterpreter

Sunday, March 2, 2025

Mimikatz

Sunday, March 2, 2025

MITRE ATT&CK emulation plans

Standard/MITRE/Emulation

Sunday, March 2, 2025

more

Sunday, March 2, 2025

msfvenom

Sunday, March 2, 2025

MS SQL

Sunday, March 2, 2025

MySQL

Sunday, March 2, 2025

nano

Sunday, March 2, 2025

nbtscan

Sunday, March 2, 2025

net

Sunday, March 2, 2025

netcat

Sunday, March 2, 2025

netsh

Sunday, March 2, 2025

netstat

Sunday, March 2, 2025

NFS

Protocol/NFS

Sunday, March 2, 2025

Nikto

Sunday, March 2, 2025

Nmap

Sunday, March 2, 2025

Node.js

Sunday, March 2, 2025

nslookup

Sunday, March 2, 2025

NTLM hashes

Sunday, March 2, 2025

Oracle SQL Server

Sunday, March 2, 2025

OSI model

Standard/OSI

Sunday, March 2, 2025

OWASP ZAP

Sunday, March 2, 2025

Perl

Sunday, March 2, 2025

PHP

Sunday, March 2, 2025

PHP local file inclusion attacks

Sunday, March 2, 2025

ping

Sunday, March 2, 2025

Poison null byte attack

AttackCycle/Exploitation/NullByteAttacks

Sunday, March 2, 2025

Poison null byte in PHP

Sunday, March 2, 2025

Polkit

Sunday, March 2, 2025

POP3

Protocol/POP3

Sunday, March 2, 2025

Pop a SYSTEM shell on the Windows login screen using sticky keys

Sunday, March 2, 2025

Pop a SYSTEM shell on the Windows login screen using Utilman

Sunday, March 2, 2025

Port scanning with Bash

Sunday, March 2, 2025

POSIX process signals

Sunday, March 2, 2025

Powercat

Sunday, March 2, 2025

PowerShell reverse shell

Sunday, March 2, 2025

PowerView

Sunday, March 2, 2025

ps

Sunday, March 2, 2025

Pull SSL certificates from an external server

Sunday, March 2, 2025

Python

Sunday, March 2, 2025

Quickly bypass ssh-agent

Sunday, March 2, 2025

Quickly find the canonical path of a file

Sunday, March 2, 2025

Quick-n-dirty Python web server

Sunday, March 2, 2025

RCE via XXE in PHP

Sunday, March 2, 2025

Read a file beginning with a dash (-)

Sunday, March 2, 2025

reg

Sunday, March 2, 2025

RegEx metacharacters

Standard/RegEx

Sunday, March 2, 2025

Remotely install a Windows package with PowerShell

Sunday, March 2, 2025

Remove duplicate lines in Bash

Sunday, March 2, 2025

Retrieve AIX fileset information

Sunday, March 2, 2025

Retrieve AIX system information

Sunday, March 2, 2025

Rubeus

Sunday, March 2, 2025

Ruby

Sunday, March 2, 2025

RunAs

Sunday, March 2, 2025

Run commands directly with PowerShell

Sunday, March 2, 2025

Run a remote Windows command using PowerShell

Sunday, March 2, 2025

Send a command using OpenSSL

Sunday, March 2, 2025

Set the PATH in a session on UNIX-like operating systems

Sunday, March 2, 2025

Set the PATH in a session on Windows

Sunday, March 2, 2025

Set up WMI in PowerShell

Sunday, March 2, 2025

Shell stabilization

Sunday, March 2, 2025

SIP

Sunday, March 2, 2025

smbclient

Sunday, March 2, 2025

smbget

Sunday, March 2, 2025

smbmap

Sunday, March 2, 2025

SMTP

Protocol/SMTP

Sunday, March 2, 2025

socat

Sunday, March 2, 2025

SQL injection attacks

Sunday, March 2, 2025

SQLMap

Sunday, March 2, 2025

ss

Sunday, March 2, 2025

SSH

Sunday, March 2, 2025

sudo

Sunday, March 2, 2025

systemctl

Sunday, March 2, 2025

systeminfo

Sunday, March 2, 2025

tar

Sunday, March 2, 2025

TCP

Sunday, March 2, 2025

tcpdump

Sunday, March 2, 2025

TCP header flags

Protocol/TCP

Sunday, March 2, 2025

TCP headers

Protocol/TCP

Sunday, March 2, 2025

TCP window size

Protocol/TCP

Sunday, March 2, 2025

Telnet

Sunday, March 2, 2025

tmux

Application/tmux

Sunday, March 2, 2025

Transfer files over FTP using netcat

Sunday, March 2, 2025

UDP

Protocol/UDP

Sunday, March 2, 2025

unbuffer

Sunday, March 2, 2025

Uniform resource locators (URLs)

Standard/URI

Sunday, March 2, 2025

UNIX file descriptors

Sunday, March 2, 2025

UNIX password hashes

Sunday, March 2, 2025

UNIX permissions

Sunday, March 2, 2025

Unquoted path handling in Windows

Sunday, March 2, 2025

Upgrade PostgreSQL

Sunday, March 2, 2025

Use an alternate SSH key with Git

Sunday, March 2, 2025

Use Bash functions to “backdoor” executables

Sunday, March 2, 2025

Use Burp Suite with Firefox

Sunday, March 2, 2025

Use Burp Suite with mobile apps

Sunday, March 2, 2025

Use curl and jq with web APIs

Sunday, March 2, 2025

Useful built-in commands for Linux reconnaissance

Sunday, March 2, 2025

Useful built-in commands for Windows reconnaissance

Sunday, March 2, 2025

Useful Linux reconnaissance scripts

Sunday, March 2, 2025

Useful scripts for Windows reconnaissance

Sunday, March 2, 2025

Use OpenSSL to encrypt and decrypt files

Sunday, March 2, 2025

Use a Raspberry Pi 4B as hacking accessory

Sunday, March 2, 2025

Use unsupported display resolutions with Samsung DeX

Sunday, March 2, 2025

Use the Windows Firewall to relay ports

Sunday, March 2, 2025

Use WinRM with PowerShell

Sunday, March 2, 2025

ViM

Sunday, March 2, 2025

Visual Basic for Applications

Sunday, March 2, 2025

wfuzz

Sunday, March 2, 2025

whoami

Sunday, March 2, 2025

Wi-Fi

Sunday, March 2, 2025

Windows DLL search order

Sunday, March 2, 2025

Windows event IDs

OS/Windows/EventLog

Sunday, March 2, 2025

Windows event logs

OS/Windows/EventLog

Sunday, March 2, 2025

Windows local service accounts

OS/Windows/Services

Sunday, March 2, 2025

Windows logon scripts

Sunday, March 2, 2025

Windows permissions

Sunday, March 2, 2025

Windows reconnaissance with PowerShell

Sunday, March 2, 2025

Windows Remote Management

Sunday, March 2, 2025

Windows Run and RunOnce Registry keys

OS/Windows/Registry

Sunday, March 2, 2025

Windows Scripting Host

Sunday, March 2, 2025

Windows SeBackup and SeRestore permissions

Sunday, March 2, 2025

Windows SeImpersonate and SeAssignPrimaryToken permissions

Sunday, March 2, 2025

Windows service ACLs

Sunday, March 2, 2025

Windows services

Sunday, March 2, 2025

Windows SeTakeOwnership permission

Sunday, March 2, 2025

Windows Startup folder

OS/Windows

Sunday, March 2, 2025

Windows unattended installation data

Sunday, March 2, 2025

winrs

Sunday, March 2, 2025

Wireshark

Sunday, March 2, 2025

wmic

Sunday, March 2, 2025

Working with services in PowerShell

Sunday, March 2, 2025

Work with base64 encoding using PowerShell

Sunday, March 2, 2025

Work with remote services using WMI and PowerShell

Sunday, March 2, 2025

Work with remote tasks using WMI and PowerShell

Sunday, March 2, 2025

XFreeRDP

Sunday, March 2, 2025

XML external entity (XXE) attacks

Sunday, March 2, 2025

Xterm

Sunday, March 2, 2025

xxd

Sunday, March 2, 2025