IIS

Windows machine demonstrating IIS upload bypass with web.config abuse and kernel exploit privilege escalation.

Active Directory machine demonstrating NTLM hash capture, SMB abuse, password reuse, IIS pivoting, and SeImpersonatePrivilege escalation.

Windows machine demonstrating Gitea access token exposure, repository-backed web deployment, mRemoteNG credential recovery, and PDF24 local privilege escalation.

Windows machine demonstrating phishing through a malicious LibreOffice document, IIS web root abuse, SeImpersonatePrivilege, and local administrator access through GodPotato and RunasCs.