byt3n33dl3 // Enterprise // Knowledges

My PEN : Bounty

Cyber Introduction

BYT3N33DL3 Intro

Penetration Testing Specialist | Offensive Security | Ex Black Hat | Ex (APT28) Espionage.

Security Certifications

Defensive Security
CCSA., CDSA., OSDA., CISO., CISAv2., CISM., CRISC., Cybersecurity Foundation., SIT., MAST., CSE., CISSP., CISSM.

Offensive Security
CRTM., CRTS., CRTP., CRTE., CESP-ADCS., AADL., ADA (AE)., PACES., PACSP., CARTE., CARTP., CAWASP., CRTO., CRTL., PenTest+., CPT., CRT., eMAPT., eWPTXv2., eCPPTv2., eCPTXv2., eCXD., CCSAS., CBBH., CPTS., CWEE., CAPE., OSCP., OSCP+., KLCP., OSWP., OSEP., OSED., OSWE., OSWA., OSCE3., OSMR., OSEE., C|EH (Master)., L|PT (Master)., C|HFI (v11)., C|PENT., C|CISO., E|HE., GPEN., GXPN., CNSS., CPSA., PTEC., PJPT., PNPT., VMF.

Recognize By

INE Security
Offensive Security
InfoSec Institute
Cisco
National Security Agency
BlackHat
UMD
ITCerts
Zero Point Security
IAPP
USYD
Stanford University
Pentester Academy
GAQM
ISACA
MIT
AWS Certification
CREST
TCM Security
RedTeam
SUNY
HKUST
IT Governance
EC-Council
HackTheBox
Altered Security
TryHackMe
ISC2
SANS
Axelos
CompTIA
GIAC

Explore My Certificates

In Progress Structure

Learning On-going

iOS and MacOS TCC Exploitation
Web 3.0 and Blockchain Attacks
Aerospace Engineering

Follow my Activity

Articles and Notes

CrackMapExec Guide Kerberos Attacks

Attacking Kerberos with CrackMapExec is a post exploitation attack technique that attempts to obtain a Passwords of an Active Directory account.

"Swiss Army Knife" for testing networks, facilitates enumeration, attacks, and post exploitation that can be leveraged against most any Domain.

Continue reading heart

18.6 K

iOS and Android Spyware. Pegasus?

The iPhone maker has detected Spyware attacks against people in more than 150 Countries. Knowing if your device is Infected?

Continue reading heart

2.4 K

The WannaCry Ransomware Attack

The WannaCry Ransomware attack was a Worldwide Cyber Attack. The Hackers demanded a Ransom.

Continue reading heart

579

Advanced Query Injection Attacks

Injection attacks occur when attackers Exploit Vulnerabilities in an Application to send Malicious code Into a system.

Continue reading heart

2.1 K

Tickets Delegation Kerberos Attacks

Kerberos is a protocol for authenticating service requests between trusted hosts across an untrusted networks. It helps prevent Cyber Attacks from entering a private network. "So does it Really safe?".

Nope!, Attackers can easily Kill that Authentication like any Other System and Protocols, Kerberos Attacks.

Continue reading heart

736

Web Exploitation Expert HTTP Attacks

As a Senior Website Penetration Tester, I often doing a HTTP and HTTPs Attacks, Due to misconfigurations or bugs in the reverse proxy or web server Software.

Attacks that I can possibly do in HTTP Domain, Web Cache Poisoning, Injection Attacks such as CSRF, Host Header Attacks, Session Puzzling, and more.

Continue reading heart

4.7 K

Senior Authentication Protocol Bypassing

Authentication Attacks and Bypasses Knowledge. It could result in unauthorized Access, Data loss, or potentially even Remote code Execution, depending on the Application's.

Continue reading heart

206

WhiteBox BlackBox Penetration Tester

WhiteBox and BlackBox penetration testing, Enables thorough testing to identify various Hard to find Flaws.

Continue reading heart

707

Advanced Directory Penetration Tester

Experienced with Active Directory Certificate Services, Windows Update Server Services, Exchange, and Domain Trusts Attacks, exploit it from Linux and Windows and utilizing Command and Control.

Continue reading heart

1.8 K

Intermediate Filter Outcomes Attacks

Intermediate Knowledge of Filters and Outcomes Attacks, Enjoy and Explore Deserialization Attacks with specific examples in Python, Ruby, and PHP.

Continue reading heart

5.2 K

WordPress Domain Exploit and Attacks

Attacking Content Management System. Exploiting Databases, Web applications using some ShellCodes method. Using Manual and Automated attacks against a WordPress installation and the underlying Webserver.

Continue reading heart

829

Intermediate Deep Learning Attacks

For professionals planning on working with Artificial Intelligence (AI), Machine Learning (ML), and Deep Learning (DL) systems, grasping the underlying technologies.

Continue reading heart

1.2 K

Cyber Offensive

Misconfigurations Hunting Specialist

Advanced Knowledges and Capabilities in Bug Hunting or Misconfigurations Hunting. Can Detect and be able to spot Security issues and Identify avenues of Exploitation that may not be immediately apparent from searching for CVE's or known exploit PoC's.

Continue reading heart

14.9 K

Active Directory Exploitation Expert

Senior Active Directory Penetration Tester was for individuals who aim to develop skills in PenTesting networks and the components commonly found in such environments.

This Activity was the Exam when a Real Hackers got their Knowledges tested. Authentication Attacks, Kerberos Attacks, Enumeration, Lateral Movement, Port forwarding, and many more.

Continue reading heart

9.2 K

Senior Web Security Testing Specialist

The Senior Web Penetration Tester and Exploitation Expert was given to test Hackers Knowledge in Dynamic Analysis.

Protocol Bypasser, Cache Attacks, WhiteBox Penetration Test, and many more.

Continue reading heart

870

Exploitation Mapping Using thc-Nuclei

thc-Nuclei is a fast, Customizable Vulnerability scanner powered by the global Security Community and built on a simple .yaml based DSL, Enabling collaboration to tackle Trending Vulnerabilities.

Continue reading heart

1.8 K

Deep Understanding

Binary Fuzzing and Atom Execution

Know about code Sanitizers (e.g., ASan) that find bugs. BlackBox, WhiteBox, and GreyBox Fuzzing, Differentiate between these strategies, their advantages, and scenarios where each approach is most applicable.

Continue reading heart

2.2 K

Website Assessor HTTPs Attacks

Senior details on Transport Layer Security (TLS) and how it helps to make HTTP secure with the widely used HTTPs. How TLS sessions are established, common TLS misconfigurations, as well as famous attacks on TLS. How to identify, exploit, and prevent TLS Attacks.

Continue reading heart

4.1 K

Intermediate Linux Privilege Escalation

Know about and covers a wide variety of techniques that can be utilized to Escalate Privileges on Linux systems. Privilege escalation is an essential part of a penetration test or red team assessment. Having a deep understanding of the Linux operating system.

Continue reading heart

1 K

Active Directory 909 : Privilege Escalation

After gaining a Foothold, elevating our privileges will provide more options for persistence and may Reveal Information stored locally that can further our access in the environment. Enumeration is the key to privilege escalation.

Continue reading heart

702

Web Directory with httpx : Enumeration

httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryable HTTP library.

Continue reading heart

6.7 K

Dominant Knowledge

Senior Penetration Testing Specialist

Professional and Advanced World Hacking and Penetration Testing skills.

My Knowledges in Penetration Tester specializing in Machine and Services Attacks. Execute a technical competency in Every Penetration Testing Domains at an Intermediate level.

Continue reading heart

13.2 K

Starlink Router Penetration Testing

Attacker can inject a signal at a time of their chosing then they can flip a software branch, or reduce the entropy of a True Random Number Generator to next to Nothing.

Continue reading heart

4.5 K

QuamusID and RuangGuru PenTest

Some of Indonesian Learning Management System or LMS are still Vulnerable to CSRF, XSS, API Attacks, and File Upload Attacks?

Continue reading heart

318

Penetrate MacOS Kernel Extensions

Introducing CrackMacExpo the OSX and MacOS Distro Killer, it has a features of "Undetected by SandBox". SSL and iTunes backup Attacks.

Continue reading heart

6.8 K

Intermediate Web Exploitation Expert

Web Exploitation Expert was one of my Specialization in the Ethical Hackers and Penetration Testing Worlds. I have Proven to hands on a High class and standards for Web Attacks.

I Possess a technical Competency in the Web Bug Hunting, Misconfigurations Hunting, and Services Application Testing Domains at an Intermediate and Hard level.

Continue reading heart

3.9 K

Advanced Web SSRF Filter Bypasses

Senior Website Attacks with Modern Exploitation Technique, Web vulnerabilities like Cross-Site Scripting (XSS), SQL injection, and Local File Inclusion. Explore the Exploits over protocols beyond HTTP, particularly the WebSocket Protocol.

Continue reading heart

1.6 K

HTTP Analysis 909 : Misconfigurations

Session Puzzling on HTTP Attacks. Exploiting weak Session ID's, Attacking Session Puzzling due to insecure defaults, due to common session variables, due to premature session population.

Continue reading heart

11.3 K

Exploiting Client Side WhiteBox Attacks

Senior Web Application analysis, Vulnerability research from a Whitebox approach such as Prototype Pollution, Timing Attacks and Race Conditions, Type Juggling.

Continue reading heart

602

Active Directory Enumeration LDAP

Advanced Actions on Active Directory the LDAP protocol, working with LDAP and Active Directory search filters, and various Built in tools that can be used to Enumerating a Windows environment.

Continue reading heart

1.7 K

Sharp-Knife Analysis

Performing MacOS Kerberos Attacks

Multiple Attacks on Authentication mechanism, doesn't matter the Target Machines are, Compromising Active account was never hard nor Impossible.

Continue reading heart

7.3 K

Intermediate User and Activity Analysis

Senior Activity Analysis on Linux and Windows artifacts, such as Shellbags, JumpLists, LNK files, ActivityCache.db, and more, along with their significance in understanding user behavior.

Continue reading heart

139

Senior WhiteBox 101 : Penetration Testing

Intermediate level of Injection Attacks, Know how to Identify a Command Injection vulnerability in a NodeJS Server, ans Operating System and exploiting it to get control over the remote Access.

Continue reading heart

2.2 K

Malware Inside Malware Analysis

Advanced proficient in Identifying various types of Malicious documents, extracting and Analyzing embedded objects, Dynamic Analysis techniques to uncover Malicious behavior.

Continue reading heart

218

Wired Equivalent Privacy Attacks

Wired Equivalent Privacy (WEP) and the various attacks that can compromise it. We'll explore how to identify access points configured with WEP.

Continue reading heart

104

Injection Vulnerability Using thc-Nuclei

Nuclei is a modern, high performance vulnerability scanner that leverages simple .yaml based templates.

Continue reading heart

4.9 K

Active Directory

Senior Active Directory PenTester

BloodHound Enterprise, and BlackMarlinExec tool. A GUI software to Gather and analyze data gathered using the ingestor.

How this information can be used as input to other tools during later parts of an Active Directory and End-Points Penetration Test.

Continue reading heart

1.7 K

Active Directory ADCS Escalation Attacks

Senior Windows Penetration Test. Privilege escalation Attacks by abusing Misconfigurations in Active Directory Certificate Services.

Continue reading heart

1.7 K

NTLM Relaying and Relay Attacks

NTLM relay is a powerful Offensive technique attackers use to compromise Active Directory environments, even Networks.

Continue reading heart

283

Compromising Enterprise Networks

Simulated External Penetration Testing, resulting in internal network access and ultimate Compromise of the Active Directory environment.

Continue reading heart

6.1 K

Advanced Microsoft MSSQL Injections

This post is part of a series of MSSQL Injection Sheets. This helps to highlight any features which are lacking for each Database, and enumeration Techniques.

Continue reading heart

821

Windows MSSQL and SCCM Attacks

Penetration Testing on this technologies like MSSQL, Exchange, and SCCM, which are indispensable in most modern Organizations. They are tightly Incorporated in medium to large Businesses, assisting their operations.

Continue reading heart

4.3 K

Advanced Windows Lateral Movement

Windows Lateral Movements, Abusing Windows Common Services for Exploitation with Different techniques for executing, Service Attacks.

Continue reading heart

901

Active Directory Senior Enumeration

Windows is easily Misconfigured and has many inherent flaws and widely known vulnerabilities. Due to the sheer number of objects and in AD and complex intertwined relationships that form as an Active Directory Networks grows.

Continue reading heart

289

Environments Tester Specialist

Security Environment Penetration Testing

Senior Red Team Operator, Specialist, and Leader to Create a member of a group that Simulates an Attacks on a Clients systems to test Security measures.

Continue reading heart

11.8 K

Environments Expert Kerberos Attacks

Compromising Systems and Gain an Authenticate and access services on a Potentially insecure Networks. It presents us with a significant Attacks surface when assessing internal Networks.

Continue reading heart

5.5 K

Mapping Environment with BlackMarlinExec

Attack Paths Management. BlackMarlinExec Uses graph and analysis theory to reveal the hidden and unintended relationships within an Active Directory and Active Environment.

Continue reading heart

832

Effective C2 Control Deployment

Snipe from Afar C2 Operations (Sliver)

Command and Control from another Environment, Completion of the Penetration Tester Master and Understanding of the basic components of an Active Directory Exploitation.

Continue reading heart

8.4 K

Corporate Osint 909 : Reconnaissance

Learn how to Covers the OSINT phase of a security assessment. Strong OSINT skills are essential for penetration testers and red teamers. They can often lead to information crucial to the success of the engagement, such as a foothold into the target Networks.

Continue reading heart

11 K

Internal Execution Buffer Overflows x86

Active Directory Windows Binary Exploitation, and it will teach you how to exploit local and remote Buffer Overflow on Windows machines.

Continue reading heart

1.6 K

Server Side Request Forgery Attacks

Covers how to Identify and Exploit Server-Side bugs, including Server-Side Request Forgery (SSRF), Server-Side Template Injection (SSTI), and Server-Side Includes (SSI) injection Attacks.

Continue reading heart

2.9 K

Advanced Web and API Service Attacks

Security related Misconfigurations in a Web service or API can have devastating consequences that range from Denial of Service and information leakage to remote code execution.

Continue reading heart

13.4 K

Exploiting XSLT Injection Vulnerability

Know how to Identifying and Exploiting SSTI vulnerabilities, Identifying and Exploiting SSI Injection vulnerabilities, Identifying and Exploiting XSLT Injection Flaws.

Continue reading heart

930

Senior Directory Services Execution

Active Directory 909 : Misconfigurations

Know how to centralized Domain Administrator, Authentication, and much more. Due to the many features and complexity of Active Directory, it presents a large Attack surface.

Continue reading heart

3.3 K

Windows Knowledge Attacks and Defense

What is the the most commonly abused and fruitful attacks against Active Directory environments that allow Hackers to perform horizontal and vertical privilege escalations in addition to lateral movement. The core goals is to showcase prevention and detection methods against the covered Active Directory attacks.

Continue reading heart

15.2 K

Pivoting and Privilege Escalation 909 : OS

Using one compromised machine to access another is called pivoting and allows us to access networks and resources that are not directly accessible to us through the Dead host.

Continue reading heart

283

Intermediate .NET Service Attacks

Learn how to Enumerate each service and machines to test it against known Vulnerabilities and exploits with a standard set of Tools and Software.

Continue reading heart

6 K

Ubuntu Kerberoasting With EXECTRINITY

ExchangeBeros to attack Kerberos Authentication. Kerberoasting with ACL abuse capabilities. Supports an attackers to perfrom a Kerberos Attacks and NTLM Relay Attacks.

Continue reading heart

CREST's Security Ambassador

Master Authentication Kerberos Attacks

Just suggest to People who want to take CREST Exams to Learn a large Amount of Authentication, or Deeper into three party Authentication, and Systems Authorizations like Kerberos.

Continue reading heart

8.2 K

CREST CCT APP Exam Preparation

Contribute to CREST's CCT APP exam. The following CCT APP syllabus areas ID's are covered: A1, A2, A3, A4, A5, B1, B4, B5, B6, B8, B9, B13, B14, C1, C2, C3, C4, D1, D2, E1, E2, E3, E4, E5, E9, F1, F2, F3, F4.

Continue reading heart

21.9 K

CREST CPSA and CRT Exam Preparation

Contribute to CREST's CPSA and CRT exams. The following CPSA and CRT syllabus areas ID's are covered: A1, A2, A3, A4, A5, B1, B4, B5, B6, B8, B9, B13, B14, C1, C2, C3, C4, D1, D2, E1, E2, E3, E4, E5, E9, F1, F2, F3, F4.

Continue reading heart

8.8 K

CREST CCT INF Exam Preparation

Contribute to CREST's CCT INF exam. The following CCT INF syllabus areas ID's are covered: A1, A2, A3, A4, A5, A8, A9, A10, B1, B2, B4, B5, C1, C2, C3, C4, C6, C7, D1, D2, D5, D9, D10, D13, D14, D15, D18, D19.

Continue reading heart

16.2 K

Advanced Attacks Protected WIFI (WPS)

Know about Networking and intricacies of WPS. Their common Vulnerabilities that plague this technology. From Bruteforce Attacks to more sophisticated Exploitation.

Continue reading heart

9.1 K

Senior Tenet of Penetration Testing

To move into more Advanced Binary Exploitation, we must have a firm grasp on basic buffer overflow attacks, principles such as CPU architecture, and CPU registers for 32 bit Windows and Linux systems.

Continue reading heart

4.9 K

WIX and WordPress Web Domain Attacks

Use XSHM to identify WordPress websites running on Internal Networks and behind firewalls and also launch a login Bruteforce Attacks on them.

Continue reading heart

270

HackTheBox Academy Assessor's

Outside the Box Thinking and Vulnerability Chaining Assessor.

Penetration Testing

Specialist
Information Gathering and reconnaissance techniques Update.

Penetration Testing

Specialist
Contribute to Commercial grade Report Requirement.

Penetration Testing

Advanced and Specialist
Continuous Evaluation and think Outside the Box.

Bug Bounty Hunter

Advanced and Specialist
Outside the box Thinking and Vulnerability Chaining.

Bug Bounty Hunter

Advanced and Specialist
Making sure that CWEE was Capable of Real Hands-on and Real world Web Exam Environment.

Web Exploitation

Expert and Specialist

Offensive Security's Ambassador

Cryptography and Low Level Programming C Skill Path Lab's Assessor.

Offensive Security

Cryptography Path
Part of PEN-300 : Lab Assessor for Advanced Evasion Techniques and Breaching Defenses.

Offensive Security

Experienced Penetration Tester
PEN-200 (PWK) and Active Directory Preparator for OSCP+.

Offensive Security

Certified Professional
Part of foundations of Cybersecurity Defense.

Offensive Security

Defense Analyst
Web Assessor OSWA.

Offensive Security

Websites Assessor
Kerneling Operating System defenses.

Offensive Security

MacOS Researcher

Defensive Security

Defensive Security Analyst and Engineer

I think the most Important skills in Defensive Cybersecurity Domain was to be able perform SOC operations, and incident handling skills.

As a SOC and SIEM Analyst, Operator, and Engineer I have a Proven Track on my Career in Defensive Security Analyst that can be a Strong prove of such Knowledges.

Continue reading heart

537

Backdoor, Payloads, and Remote Access

Knowledge to Identify and use Shells and Payloads to establish a foothold on vulnerable Windows, Linux, and OSX Systems.

Continue reading heart

938

Injection Attacks 909 : Intermediate

As a Database and Web App Defender, we Should know what kind of Injection Attacks that could be Fatal and Critical such as XPath, LDAP, NoSQL injections, Server Side Request Forgery or SSRF, and Local File Inclusion or LFI.

Continue reading heart

118

Senior Deserialize Attacks and .NET

Level up your Defensive Knowledge by Understanding Custom Exploit Development and Whitebox Penetration Test such as .NET Deserialization and exploit Development.

Continue reading heart

8.4 K

Senior NoSQL Injections Attacks

Understanding Framework and Database for every Services on their BackEnd System was a Critical Knowledges for IT Security, Especially Web Developers.

Continue reading heart

1.4 K

Kerberos Attacks Traffic Analysis

Kerberos Traffic Analysis using CracKerBlitz. From networks or Domain controller log Perspective, since CracKerBlitz Implements many Parts of the normal Kerberos.

Continue reading heart

Sharingan Vision Assessor

Blind Authentication Mechanism Attacks

Broken authentication is listed as the OWASP Top 10 Web Application Security Risks, falling under Category of Identification and Delegation. Misconfiguration at the Protocol stage can give a huge Impact.

Continue reading heart

6.8 K

JavaScript and NoSQL Injection Attacks

Understanding NoSQL injection is a vulnerability where an attacker is able to interfere with the queries that an application makes to a NoSQL database. Such as Python Injection, HTML Injections, and more.

Continue reading heart

1.2 K

Active Directory Access Control List

Discretionary Access Control List or DACL for Privilege Escalation in a Domain environment. This potential attack vector involves the creation of an escalation path based in AD object permissions (DACLs). For example, gaining “Reset Password” permissions on a privileged Account.

Continue reading heart

5.1 K

Web Fuzzing Expert Using httpx

Learning Web Fuzzing to discover a hidden Directory with httpx, Automated fuzz testing is one of the best ways to secure complex web applications.

Continue reading heart

5.1 K

Cracking any Password with Hashcat

Any Password combination was crackable, 300 highly optimized hashing algorithms. hashcat currently supports CPUs, GPUs.

Continue reading heart

21.2 K

Protocol Assessor

Offensive SSH Login and Web Cracker

Senior understanding and exploration of Brute Forcing Attacks techniques, including the use of tools like Hydra and Medusa. Carious attack scenarios, such as targeting SSH, FTP, and web login forms.

Continue reading heart

490

Intermediate Cross Site Scripting XSS

Cross-Site Scripting or XSS Vulnerabilities are among the most common Web Application vulnerabilities. An XSS vulnerability may allow an attacker to execute arbitrary JavaScript code within the target's browser.

Continue reading heart

2.8 K

Password and Hashes text Attacks

Creating custom wordlists, Knowledge to Crack a strong Passwords with 100 Billion Dictionary Attacks.

Continue reading heart

193

Offensive Hijacking Hardware Attacks

Bluetooth risks and attacks, Cryptanalysis Side Channel Attacks, and Vulnerabilities like Spectre and Meltdown. Explores the principles of Cryptanalysis and different side channel Attacks.

Continue reading heart

211

Advanced Intercept and File Uploads

Arbitrary file Uploads are among the most Critical Web Vulnerabilities. These flaws enable attackers to upload malicious files, execute arbitrary commands on the back-end server, and even take control over the entire server and all Web applications.

Continue reading heart

9.2 K

Senior iCloud Password Attacks

Advanced Apple ID and Credentials BruteForcer. iCloud Apple ID Dictionary Attack that Bypasses Account Lockout restrictions and Secondary Authentication.

Continue reading heart

2.5 K

Offensive Projects

Offensive Projects and Cool Repositories

I'm the author of Several Open Source Offensive Security tools and Software for Research, Ethical Hacking, Bug Hunting, and Penetration Testing.

I'm the Creator of BreedHoundAD, Grizzly, PasswordCracker, Jester, CrackMacExpo, Ronin the Shogun, Injectionmap_v2, Teeth Smilodon, CrypeAlbatros, BlackMarlinExec, EXECTRINITY and many more on my Github and Gitlab Profile.

Continue reading heart

22.6 K

Seven Degrees of Domain Admin

There are already several Active Directory tools available. However, none does like BlackMarlinExec. Support more than one protocol to find an Attack Path or support connections.

Continue reading heart

126

John the Ripper X Teeth Smilodon

PasswordCracker Projects is a Password and Logon Cracking tool that Combine John the Ripper and Teeth Smilodon Cybertooth. It can be used for Online and Offline scenario.

Continue reading heart

10.3 K

BARK

Exclusive Powershell script. BloodHound Attack Research Kit or BARK, is Versatile tool for BloodHound. This research kit was in @byt3n33dl3 version and modification.

Continue reading heart

475

Ronin the Shogun for JavaScript Injection

Introducing Ronin, the automatic Cross-site injection attacks with JavaScript Payloads. XSS, XXE, SXSS, RXSS, SSTI, XSSI, CSRF, SSRF, CRLF, and XS-Leaks.

Continue reading heart

388

NTLM Relay Attacks with CrackMapExec

Relaying Attacks are very much still relevant. Having SMB Signing disabled in combination with Multicast or Broadcast protocols allow attackers to seamlessly Intercept Authentication attempts.

Continue reading heart

709

RFID Attacks with Evil Flipper

Translations, Wiki, Scripts and various files for Flipper Zero for Radio Frequency Research. Flipper Zero Unleashed Firmware flipperunleashed.com

Continue reading heart

17.2 K

Advanced Networks Map Enumeration

Know how to use Nmap efficiently to map out the internal Networks by identifying live hosts and performing port Scanning, service Enumeration, and Operating system detection.

Continue reading heart

4.2 K

Offensive Toolkit

Cyber Guardian Elite

Intermediate Attacks

Attacking Enterprise Service and Network

My most Complicated and Difficult to analyze Experience of Penetration Test, from Start to Finish. Attack and Compromising a whole Enterprise Corporate Building.

Continue reading heart

7 K

Website Application Penetration Testing

I think Website Applications was the best for learning and Understanding Code bases. Including Debug and Misconfigurations.

Continue reading heart

1 K

Advanced Supply Chain Attacks

Senior Cycle Attacks and Supply Chain Attacks, Covering hardware and software aspects. It Explores the impact of Supply chains, the lifecycle of Attacks, Apecific vulnerabilities, and Mitigations.

Continue reading heart

2.6 K

MacOS Bypassing and Lateral Movement

Lateral Movement and Bypassing MacOS or OSX Kernel to get Remote Access and Remote Code Execution.

Continue reading heart

10.4 K

Command and Control with C2KepExec

C2 : Command and Control Server for the Trojan Backdoor, acting as Remote access tool.

Continue reading heart

Hackers Conference

Conference Exec at BlackHat & DEFCON

The best known Hackers conference on earth. It's also one of the largest and longest running underground Hacker conference. Me personally never went to BlackHat or DEF CON live Conference.

However, some of my Projects and Repositories were being presented on DEF CON 2024 such as PasswordCracker and Ronin the Shogun.

Continue reading heart

8.3 K

PasswordCracker Presentation

A short Presentation of how My repo PasswordCracker can be used for Cracking Logon page on Microsoft Outlook Mail using Dictionary Attacks and Brute Force method.

Continue reading heart

779

Ronin the Shogun Presentation

Ronin the Shogun testing, for Automatic XSS and CSRF attacks on Web Service Machines at DEF CON. With rich JavaScript Payloads on it's library, this one was a Success.

Continue reading heart

351

Hydra Enterprise Preparation

CorpHydra Project in Progress. This project was Aim to do Penetration Testing for any Logon or Credential page, Cracking at Enterprise level.

Continue reading heart

9.6 K

Cyber Operations : Standalone Attacks

The bare Minimum Knowledges to Perform a Professional Penetration Tester Alone. Attacking Windows and Linux targets, Active Directory penetration testing, Web Penetration testing, and Exploitation.

Continue reading heart

3.9 K

Blind Injection Shot Injectionmap_v2

Preparation for Releasing Injectionmap_v2, the Automatic Injection attacks. Blind SQL, NoSQL, SQL, Blind GQL, GQL, Command, and much More.

Continue reading heart

824

Intermediate Cyber Offensive : Execute

Become a high level Cyber Security professional who uses their skills and knowledge in Ethical Hacking to identify vulnerabilities and weaknesses in Computer Systems, Networks, and, Website, more.

Continue reading heart

14.6 K

Active Directory Expert Tester

Senior technical competency in Active Directory and Windows penetration testing, understanding complex Attack Paths, and employing Advanced techniques to Exploit them.

Continue reading heart

2 K

Zero Click Exploit iOS Jailbreak Execution

This year me and my Offensive Cyber team Gangsta Crew releasing our most Best Selling product, Introducing CarpaAlko Enterprise iOS Surveillance.

Continue reading heart

438

Active Directory BloodHound

Just want to Congrats BloodHound to make it into Enterprise level, Thanks to SpecterOps.

Attack Paths cannot be patched through traditional methods because they are Misconfigurations.

Continue reading heart

11.4 K

Network Traffic 909 : Wireshark Enterprise

Wireshark is a Network Traffic Analyzer, or "sniffer", for Linux, MacOS, BSD, and other Unix and Linux operating systems and for Windows. It uses Qt, a graphical user interface library, and libpcap and npcap as Capture.

Continue reading heart

7.2 K

Send Message

Contact Me

Hello! My name is Sulaiman, I go by byt3n33dl3 on the Intertubes.

I'm the author of a number of Open Source Offensive Security tools such as BlackMarlinExec, PasswordCracker, CrackMacExpo, Ronin the Shogun, Injectionmap_v2 and many more which you can find on my Github Profile.

As a Penetration Tester specializing in Web Applications, Mobile App security, Operating Systems, Networks, Online Services, and Active Directory. I have a proven track record of conducting tests for high profile clients.

I'm also doing a physical Penetration Testing on a Corporate or any Industry, Security system, and else.

If you want to chat with me casually, just join our Open Source Organization GangstaCrew, Sharks Attacks.

byt3n33dl3@proton.me

Thanks to:
Telkomsel and HackTheBox