A quick example showing loading CLR via native code - clr_via_native.c| Gist
Docker has become such an integral part of my workflow recently. These examples should demonstrate how Docker can help you be a more efficient pentester| ropnop blog
The newest Windows 10 update includes OpenSSH utilities, including ssh-agent. Here’s how to extract unencrypted saved private keys from the registry| ropnop blog
After lots of mucking around, this is the bare minimum configuration I found to successfully connect to and manage Hyper-V in a non-domain network| ropnop blog
If you end up with a copy of NTDS.dit and the SYSTEM registry hive, you can extract domain computer info offline and user NTLM hashes for cracking.| ropnop blog
I often need to copy a tool or a payload from my Kali Linux attack box to a compromised Windows machine. These are some of my favorite techniques.| ropnop blog
TLDR: You can now inject .NET Assemblies into Windows processes using this repo: https://github.com/TheWover/donut/| thewover.github.io