0xd4y

Senior Penetration Tester | Red Teamer | Global Top 0.1% at TryHackMe and HackTheBox

┌─[0xd4y@Writeup]─[/root/Writeups]
└──╼ $

bash ~/welcome.sh

On this page you can find my written reports, notes, and videos on my YouTube channel. You can search for videos and writeups by using the search feature located at the top right of the webpage.

8 min read Mar 7, 2021

Active Writeup

This was a fantastic box about the Windows Active Directory service. It showed the importance of managing your passwords in a secure way, as well as having strong passwords that are hard to crack. Something that really makes this box stand out is not so much the vulnerabilities themselves, but rather the reason why they are easily exploitable in the first place. Microsoft essentially made themselves vulnerable, as they spoke a little bit too much on THEIR OWN website! Come check out the writeup to see what I mean.

0xd4y in SMB GPP Windows

10 min read Feb 27, 2021

Bastion Writeup

A very realistic box with many things to learn. Misconfigurations can be a dealbreaker when it comes to a certain attack vector. There has always been a conflict between security and convenience, and this box highlights it. I go very in-depth about multiple aspects in this box relating to bastion hosts and credential databases. I hope you learn as much from this writeup as I did from this challenge!

0xd4y in SMB NTLM Relay

9 min read Feb 21, 2021

Bank Writeup

This is a really cool box that has a couple of interesting twists. I go through the unintended solution (the way I went about the machine) and the intended solution. There is a lot to learn here about web security and networking, and I highly encourage you to read this writeup.

0xd4y in Open Redirect RCE

5 min read Feb 5, 2021

Keldagrim Writeup

A realistic box. Many things were learned during this challenge, and I highly recommend reading this writeup.

0xd4y in Python SSTI

8 min read Jan 21, 2021

Avengers Writeup

A fun CTF-like box with an easter egg and cool (unintended) foothold. I root this box in a quite unique way, which the author of the box certainly did not intend.

0xd4y in SQLi RCE Bash Injection

0xd4y

bash ~/welcome.sh

Active Writeup

Bastion Writeup

Bank Writeup

Keldagrim Writeup

Avengers Writeup

Latest Posts

PwnedLabs (GCP) - SSRF with Gopher

PwnedLabs (GCP) - Hidden Files

0xd4y

bash ~/welcome.sh

Active Writeup

Bastion Writeup

Bank Writeup

Keldagrim Writeup

Avengers Writeup

Latest Posts

PwnedLabs (GCP) - SSRF with Gopher

PwnedLabs (GCP) - Hidden Files

YouTube Channel