Posts tagged: windows
6 posts
HTB: Overwatch
HackTheBox walkthrough for Overwatch, a medium-difficulty Windows machine involving WCF, SOAP and MSSQL exploitation. The full solution is restricted in line with HTB policy.
Read More →

SMBv1: The Protocol That Enabled EternalBlue
An exploration of SMBv1's vulnerabilities, how EternalBlue exploited them, and the lasting impact on cybersecurity practices.
Read More →

POC CVE-2025-49144: Binary Planting via Unqualified Executable Search Path
Proof of concept demonstrating a binary planting vulnerability in the Notepad++ installer, caused by an unqualified executable search path and leading to arbitrary code execution with elevated privileges.
Read More →

Windows 11 Native Sysmon: Built-In Telemetry Without the Deployment Pain
Microsoft is integrating Sysmon directly into Windows 11 and Windows Server 2025, eliminating manual deployments and giving defenders richer telemetry, simpler reporting, and faster threat visibility.
Read More →

System Monitor (Sysmon)
System Monitor (Sysmon) is a Windows system service and device driver that monitors and logs system activity to the Windows event log, providing detailed information about process creation, network connections, and file changes.
Read More →

Windows Event ID 4624: Successful Logon Analysis
Windows Event ID 4624 guide: a complete analysis of successful logon events, the logon types (interactive, network, RDP), and blue team detection techniques for monitoring Windows authentication.
Read More →
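The Event ID 4624 post above is about telling logon types apart and deciding which successful logons deserve a second look. As an added example (not code from any of the listed posts), the script below parses 4624 events in the XML form that `wevtutil qe Security /f:xml` or PowerShell's `Get-WinEvent` `.ToXml()` emit, maps the `LogonType` field to its name, and applies a few triage rules a blue team commonly starts with. The three sample events are constructed for illustration; the triage rules and the `triage` function name are this example's own choices, not a standard.

```python
"""Classify Windows Event ID 4624 (successful logon) events by logon type."""
import xml.etree.ElementTree as ET

# Documented values of the LogonType field carried by Event ID 4624.
LOGON_TYPES = {
    2: "Interactive",        # console / local logon
    3: "Network",            # SMB, WinRM, RPC, mapped drives
    4: "Batch",              # scheduled tasks
    5: "Service",            # service start
    7: "Unlock",             # workstation unlock
    8: "NetworkCleartext",   # network logon with plaintext credentials (e.g. IIS basic auth)
    9: "NewCredentials",     # runas /netonly style alternate credentials
    10: "RemoteInteractive", # RDP / Terminal Services
    11: "CachedInteractive", # domain logon using cached credentials
}

# Namespace used by Windows event XML.
NS = {"e": "http://schemas.microsoft.com/win/2004/08/events/event"}

# Constructed sample events (hostnames, users and addresses are made up).
SAMPLE_EVENTS = [
    """<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
      <System><EventID>4624</EventID><Computer>WS01.corp.example</Computer></System>
      <EventData>
        <Data Name="TargetUserName">alice</Data>
        <Data Name="TargetDomainName">CORP</Data>
        <Data Name="LogonType">10</Data>
        <Data Name="IpAddress">10.0.5.23</Data>
        <Data Name="WorkstationName">JUMP01</Data>
        <Data Name="AuthenticationPackageName">Negotiate</Data>
      </EventData></Event>""",
    """<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
      <System><EventID>4624</EventID><Computer>FS01.corp.example</Computer></System>
      <EventData>
        <Data Name="TargetUserName">svc_backup</Data>
        <Data Name="TargetDomainName">CORP</Data>
        <Data Name="LogonType">3</Data>
        <Data Name="IpAddress">10.0.9.77</Data>
        <Data Name="WorkstationName">-</Data>
        <Data Name="AuthenticationPackageName">NTLM</Data>
      </EventData></Event>""",
    """<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
      <System><EventID>4624</EventID><Computer>WS02.corp.example</Computer></System>
      <EventData>
        <Data Name="TargetUserName">bob</Data>
        <Data Name="TargetDomainName">CORP</Data>
        <Data Name="LogonType">2</Data>
        <Data Name="IpAddress">127.0.0.1</Data>
        <Data Name="WorkstationName">WS02</Data>
        <Data Name="AuthenticationPackageName">Kerberos</Data>
      </EventData></Event>""",
]


def parse_4624(xml_text: str) -> dict:
    """Extract the fields of one 4624 event that matter for logon analysis."""
    root = ET.fromstring(xml_text)
    event_id = int(root.find("e:System/e:EventID", NS).text)
    if event_id != 4624:
        raise ValueError(f"expected Event ID 4624, got {event_id}")
    data = {d.get("Name"): (d.text or "").strip()
            for d in root.findall("e:EventData/e:Data", NS)}
    logon_type = int(data.get("LogonType", "0"))
    return {
        "computer": root.find("e:System/e:Computer", NS).text,
        "user": f"{data.get('TargetDomainName', '')}\\{data.get('TargetUserName', '')}",
        "logon_type": logon_type,
        "logon_type_name": LOGON_TYPES.get(logon_type, "Unknown"),
        "source_ip": data.get("IpAddress", "-"),
        "workstation": data.get("WorkstationName", "-"),
        "auth_package": data.get("AuthenticationPackageName", "-"),
    }


def triage(event: dict) -> list[str]:
    """Example triage rules (this script's own heuristics, not an official list)."""
    flags = []
    lt, pkg, ip = event["logon_type"], event["auth_package"], event["source_ip"]
    if lt == 10:
        flags.append("RDP logon: confirm the source host is an approved jump box")
    if lt == 8:
        flags.append("cleartext network logon: credentials sent unprotected")
    if lt == 9:
        flags.append("NewCredentials logon: runas /netonly is common in lateral-movement tooling")
    if lt == 3 and pkg == "NTLM" and ip not in ("-", "127.0.0.1", "::1"):
        flags.append("remote NTLM network logon: review for pass-the-hash")
    return flags


def analyze(events: list[str]) -> list[dict]:
    """Parse every event and attach its triage flags."""
    results = []
    for xml_text in events:
        ev = parse_4624(xml_text)
        ev["flags"] = triage(ev)
        results.append(ev)
    return results


if __name__ == "__main__":
    for ev in analyze(SAMPLE_EVENTS):
        print(f"{ev['computer']:18} {ev['user']:18} type {ev['logon_type']:>2} "
              f"({ev['logon_type_name']}) from {ev['source_ip']:12} {ev['auth_package']}")
        for f in ev["flags"]:
            print(f"    ! {f}")
```

On a real host, feed it the output of `wevtutil qe Security "/q:*[System[EventID=4624]]" /f:xml` split into individual `<Event>` elements; the same field names (`TargetUserName`, `LogonType`, `IpAddress`, `AuthenticationPackageName`) appear in every 4624 record.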