Attack Paths
SEARCH
CATEGORIES
TAGS
AWS Misconfiguration Leads to Buckets of Data
December 8, 2023
Misconfigured AWS Role Enables Cloud Initial Access
Apache ActiveMQ RCE Leads to Domain Compromise
December 1, 2023
Pervasive CISA Known Exploited Vulnerability Enables Initial Access
NodeZero Pivots Through Your Network with the Attacker’s Perspective
August 7, 2023
A NodeZero autonomous attack that leveraged two weaknesses to achieve domain compromise in 33 minutes, 9 seconds.
Privileged Credentials Often Bite Back
August 7, 2023
Active Directory Analytics Solution Enables Domain Compromise
Low-Level Credentials Can Get Big Gains
July 26, 2023
Combining Compromised Credentials Enables Domain Takeover
Veeam CVE Leads to Full Compromise
July 26, 2023
Low-Level Vulnerability Leads to Domain Compromise
You Can’t Manage Risk if You Lack Context
June 29, 2023
Low-Level Vulnerability Leads to Domain Compromise
Hack The Box – Mirai
December 6, 2021
NodeZero compromised HTB’s Mirai machine by using default SSH creds for user pi, then escalated to root via unrestricted sudo access—gaining full control.
Hack The Box – Jerry
September 16, 2021
The Jerry machine from the Hack The Box platform nicely illustrates the danger of weak and default credentials.
Hack The Box – Active
September 5, 2021
NodeZero compromises the "Active" machine on Hack The Box by chaining classic Active Directory vulnerabilities: GPP password exposure, Kerberoasting, and CVE-2020-1472 (ZeroLogon). This advanced walkthrough builds on earlier feedback and demonstrates multiple escalation paths to Domain Admin.
