Ahmed Sultan

Offensive security engineer at Redforce   •   https://0x4148.com

Windows authentication attacks part 2 - kerberos

Windows authentication attacks part 2 – kerberos

Kerberos authentication is one of the cores of the AD, knowing how it works facilitates the deep understanding of many attacks.
Active directory Red teaming   •   April 28, 2020   •   84 min read
Windows authentication attacks - part 1

Windows authentication attacks – part 1

In order to understand attacks such as Pass the hash, relaying, Kerberos attacks, one should have pretty good knowledge about the windows Authentication / Authorization process.
That’s what we’re going to achieve in this series.
In this part we’re discussing the different types of windows hashes and focus on the NTLM authentication process.
Red teaming   •   April 2, 2020   •   26 min read
Comma is forbidden! No worries!! Inject in insert/update queries without it

Comma is forbidden! No worries!! Inject in insert/update queries without it

A writeup regarding exploiting SQL injection issue in an insert query while it wasn’t possible to use a comma at my payload at all.
Web Security   •   March 31, 2019   •   13 min read
[SQLi] Extracting data without knowing columns names

[SQLi] Extracting data without knowing columns names

Extracting data without knowing columns names from MYSQL < 5 or in case of WAF blacklisting sending information_schema in the request

Web Security   •   February 9, 2019   •   7 min read