What's your favorite error in labs that took you hours to fix?
A few of my examples from this week:

- my VPN tunnel was silently dropping large packets (MTU)
- LinPEAS was screaming because /bin/sh is dash, not bash
- I killed my nmap scan trying to close a tmux pane

wrote it all up so you don't have to suffer the same way

also: netcat is just a pipe. that's it. people using nc -lvnp 4444 often seem to forget what nc really does.

→ https://niklas-heringer.com/skills-lab/linux-lab-pitfalls/

#linux #infosec #pentesting #ctf

Working through the HTB Windows PrivEsc module I keep drowning in edge cases.

I tried to distill what actually matters when you're starting out/ preparing for a cert, e.g.:
SeImpersonate → SYSTEM in one tool call. DnsAdmins → malicious DNS DLL. Server Operators → service binary hijack. And always whoami /all, not just whoami /priv.

Full walkthrough + real shell output:
niklas-heringer.com/skills-lab/windows-privilege-escalation-02-privesc-paths/

#infosec #pentesting #oscp #hackthebox

just dropped Windows PrivEsc 01: Initial Enumeration

the part where HTB boxes stop being "just like Linux" hihi

network recon, Defender/AppLocker analysis, process hunting, patch enumeration. command output, reasoning behind every step and quizzes to memorize them

part 1 of a series:
https://niklas-heringer.com/penetration-testing/windows-privilege-escalation-01/
#pentesting #windows #infosec #hackthebox #ctf