-
Courses Coming Soon
Exciting news! We are currently developing new courses designed to expand your knowledge and skills in cybersecurity. These courses are in the works and will be released in the near future. Be sure to stay tuned on our blog for updates, as we’ll be posting an announcement here once the first course is available. –…
-
Walkthrough – Hybrid (Vulnlab and Hack The Box HTB)
This is a walkthrough of the AD chain called “Hybrid” from Vulnlab: https://www.vulnlab.com As of June 2025, Hack The Box HTB has migrated Vulnlab machines onto their lab offerings. NOTE: The target IP will vary in this walkthrough as it took me several days to complete the AD chain and compromise both machines. The AD…
-
New Shirt Drop – Threat Actor Cat
Our merch store just got a whole lot cuter and a little more dangerous with the arrival of the “Threat Actor Cat” tee. This isn’t your average cat shirt – it’s a statement piece for anyone who knows that even the fluffiest feline can be a force to be reckoned with. With a purr-suasively adorable…
-
Walkthrough – Baby2 (Vulnlab and Hack The Box HTB)
This is a write up/walkthrough of the machine called “Baby2” on Vulnlab: https://www.vulnlab.com As of June 2025, Hack The Box HTB has migrated Vulnlab machines onto their lab offerings. NOTE: It took me several days to complete this lab, so the IP in the screenshots may change. Enumeration rustscan enum4linux-ng smbmap I run smbmap to…
-
Walkthrough – Feedback (Vulnlab and Hack The Box HTB)
This is a walkthrough of the machine Feedback on Vulnlab: https://www.vulnlab.com/ As of June 2025, Hack The Box HTB has migrated Vulnlab machines onto their lab offerings. Enumeration rustscan web server on 8080 I see a tomcat server on port 8080: Next I run gobuster to look for hidden directories or files: gobuster dir -k…
-
Practical Network Penetration Tester (PNPT) Certification and Training Review
Introduction I wanted to improve my active directory skills to help me develop sharper penetration testing and red teaming skills, and the PNPT certification exam and training seemed to appeal to me. What interested me most was the emphasis on active directory attacks. As someone who is mostly self-taught I thought I’d try TCM Security’s…
