Decrypting Browser Credentials For Fun (But Not Profit)

I was recently learning about web browser forensics and became interested in understanding the different ways that browsers locally store a user’s credentials. I’ve also recently come across a few HackTheBox machines requiring decryption of passwords from browsers for privilege escalation. This presented me with the idea for a relatively... [Read More]

Hack The Box - Arkham

Arkham was definitely more difficult than its rating would have you believe! In particular, the java deserialisation exploit required a fair bit of research and testing. The combination of UAC bypass / DLL hijack was a nice touch for the privesc. I refer to this post every now-and-then when I... [Read More]