skoving

Overview

Overview

Windows Internals

DLL loading, hijacking, proxying, and injection techniques.

Windows Internals

Portable Executable format: headers, sections, imports, and exports.

Windows Internals

Processes & Threads

Process creation, hollowing, injection, and thread manipulation.

Windows Internals

Security Mechanisms

ASLR, DEP, CFG, PPL, and Windows security subsystem internals.

Windows Internals

Virtual memory, section objects, VAD trees, and mapped files.

Active Directory

Kerberoasting, AS-REP, delegation attacks, and ticket abuse.

Active Directory

Local Administrator Password Solution — enumeration and bypass.

Active Directory

Certificate Services (AD CS)

ESC1–ESC8 abuse, template misconfigurations, and certificate theft.

Post-Exploitation Enumeration

Host and domain enumeration after initial foothold.

Privilege Escalation

Local and domain privilege escalation techniques on Windows.

Lateral Movement

Pass-the-Hash, Pass-the-Ticket, WMI, DCOM, and SMB relay.

Registry, scheduled tasks, services, and AD persistence mechanisms.

Avoiding detection: log evasion, AMSI bypass, and EDR blinding.

Proxying & Traffic Channeling

SOCKS proxies, port forwarding, and traffic redirection techniques.

Cross-site request forgery — patterns, bypasses, and SameSite evasion.

Introspection, batching attacks, IDOR, and auth bypass in GraphQL APIs.

HTTP Request Smuggling

CL.TE and TE.CL desync, server-side request poisoning.

Algorithm confusion, none algorithm, kid injection, and secret cracking.

Business logic vulnerabilities, price manipulation, and workflow bypass.

Race Conditions

Single-endpoint and multi-endpoint races, limit overrun, and TOCTOU.

WebSocket Attacks

CSWSH, message hijacking, and WebSocket-based SSRF chains.

no results — try a different filter