Ever wanted to practice pentesting a virtual Active Directory environment but thought it would be a massive hassle to set up? That’s where the tool GOAD (Game Of Active Directory) comes into play. As per the GitHub: The purpose of this tool is to give pentesters a vulnerable Active directory environment ready to use to…
Malware Delivery via Blender
Traditional phishing and malware delivery attacks typically follow a predictable pattern: “Hey user, open this Word document. It contains important information you need to see.” The user opens the document. “Hey user, enable macros to view the contents of this important document.” The user clicks “Enable Content.” A hidden macro runs a PowerShell script in…
Pivoting for Dummies: Ligolo-ng
Moving laterally within a compromised network, pivoting from one target network onto a secondary target network, or even a third, can be confusing for those who are not accustomed to the technique and find that there are a million pivoting tools out there that look to do the same exact thing. There are certainly other…
Leveling Up with HackTheBox Academy (CPTS & CDSA)
I have been working as a SOC Analyst for several years, primarily working in banking Cyber Security Operation Centers. However, after taking a career break, I wanted to refresh and upgrade my skills before re-entering the job market. Given the high costs of traditional cybersecurity certifications (I’m looking at you OffSec and SANS!!), I sought a…
>Sudo Savvy is the personal blog of Stuart, a cyber security professional from Scotland with a passion for defensive and offensive security.
Stuart is a:
>Microsoft Certified: Security Operations Analyst Associate
>Red Team Operator (CRTO)
>Certified Defensive Security Analyst (CDSA)
>Certified Penetration Testing Specialist (CPTS)
>GIAC Certified Incident Handler (GCIH)
- Passing the Microsoft Security Operations Analyst Exam (SC-200)
- Installing GOAD on Parrot Security OS
- Server Hardening with Wazuh: An Open-Source XDR Solution
- Malware Delivery via Blender
- Pivoting for Dummies: Ligolo-ng
- Malware Analysis – A “totally legit” trading bot
- Leveling Up with HackTheBox Academy (CPTS & CDSA)
- Hello World