Attack Paths
SEARCH
CATEGORIES
TAGS
Apache ActiveMQ RCE Leads to Domain Compromise
December 1, 2023
Pervasive CISA Known Exploited Vulnerability Enables Initial Access
NodeZero Pivots Through Your Network with the Attacker’s Perspective
August 7, 2023
A NodeZero autonomous attack that leveraged two weaknesses to achieve domain compromise in 33 minutes, 9 seconds.
Privileged Credentials Often Bite Back
August 7, 2023
Active Directory Analytics Solution Enables Domain Compromise
Low-Level Credentials Can Get Big Gains
July 26, 2023
Combining Compromised Credentials Enables Domain Takeover
Veeam CVE Leads to Full Compromise
July 26, 2023
Low-Level Vulnerability Leads to Domain Compromise
You Can’t Manage Risk if You Lack Context
June 29, 2023
Low-Level Vulnerability Leads to Domain Compromise
Hack The Box – Mirai
December 6, 2021
NodeZero compromised HTB’s Mirai machine by using default SSH creds for user pi, then escalated to root via unrestricted sudo access—gaining full control.
Hack The Box – Jerry
September 16, 2021
The Jerry machine from the Hack The Box platform nicely illustrates the danger of weak and default credentials.
Hack The Box – Active
September 5, 2021
NodeZero compromises the "Active" machine on Hack The Box by chaining classic Active Directory vulnerabilities: GPP password exposure, Kerberoasting, and CVE-2020-1472 (ZeroLogon). This advanced walkthrough builds on earlier feedback and demonstrates multiple escalation paths to Domain Admin.
Hack the Box – Blue
August 27, 2021
NodeZero exploited EternalBlue on HTB’s Blue machine to gain system access and dump credentials, showing the risk of unpatched SMB vulnerabilities.
