rcat

Windows machine demonstrating unauthenticated file upload leading to CloudMe buffer overflow exploitation and administrator access.

Active Directory machine demonstrating NTLM hash capture, SMB abuse, password reuse, IIS pivoting, and SeImpersonatePrivilege escalation.

Windows machine demonstrating Gitea access token exposure, repository-backed web deployment, mRemoteNG credential recovery, and PDF24 local privilege escalation.

Windows machine demonstrating macro-based phishing, hMailServer database credential recovery, lateral movement over RDP, and Veeam Backup exploitation.