Showing posts from September, 2025

Advanced Adobe Experience Manager (AEM) Penetration Testing

A comprehensive guide to security testing AEM deployments with automation tools and advanced techniques

Author: Pentester | Published: September 30, 2025 | Reading Time: 15 minutes

AEM Penetration Testing Security Adobe Automation Python Nuclei CMS Security

📋 Table of Contents
1. Introduction
2. AEM Fingerprinting
3. High-Value Endpoints
4. Common Misconfigurations
5. Recent Vulnerabilities
6. Exploitation Techniques
7. Advanced Tooling
8. Automation Script
9. Nuclei Templates
10. Hardening Recommendations

🎯 Introduction ...

SQL Injection in InfiniteWP Admin Panel (CVE-2024-22506)

This is a security advisory for a vulnerability that has been assigned a CVE identifier but has not been publicly disclosed by the vendor. This information is intended for security researchers, system administrators, and the public to promote awareness and responsible disclosure.

SQL Injection in InfiniteWP Admin Panel (CVE-2024-22506)

Date of Announcement: September 29, 2025

Overview

A time-based SQL Injection vulnerability has been identified in the InfiniteWP Admin Panel, a web application for managing WordPress installations. This vulnerability, tracked as CVE-2024-22506, allows an attacker to manipulate the application's database by injecting malicious SQL queries.

Vulnerability Details

CVE ID: CVE-2024-22506
Vulnerability Type: Time-Based SQL Injection
Affected Software: InfiniteWP Admin Panel
Vulnerable Parameter: appInstallHash

An attacker can exploit this vulnerability by sending a crafted POST request with a malicious SQL payload in the appIns...

Stored Cross-Site Scripting in InfiniteWP Admin Panel (CVE-2024-22507)

This is a security advisory for a vulnerability that has been assigned a CVE identifier but has not been publicly disclosed by the vendor. This information is intended for security researchers, system administrators, and the public to promote awareness and responsible disclosure.

Vulnerability Announcement: Stored Cross-Site Scripting in InfiniteWP Admin Panel (CVE-2024-22507)

Date of Announcement: September 29, 2025

Overview

A Stored Cross-Site Scripting (XSS) vulnerability has been discovered in the InfiniteWP Admin Panel, a widely used platform for managing WordPress websites. This vulnerability, identified as CVE-2024-22507, allows an attacker to inject and store malicious JavaScript code on the server, which is then executed in the browsers of unsuspecting users.

Vulnerability Details

CVE ID: CVE-2024-22507
Vulnerability Type: Stored Cross-Site Scripting (Stored XSS)
Affected Software: InfiniteWP Admin Panel
Attack Vector: A crafted GET request with a mali...

Authenticated Reflected Cross-Site Scripting in InfiniteWP Admin Panel

This is a security advisory for a vulnerability that has been assigned a CVE identifier but has not been publicly disclosed by the vendor. This information is intended for security researchers, system administrators, and the public to promote awareness and responsible disclosure.

Date of Announcement: September 29, 2025

Overview

A recently discovered vulnerability in the InfiniteWP Admin Panel, a popular tool for managing multiple WordPress sites, has been identified and assigned the CVE identifier CVE-2024-22505. This vulnerability is an authenticated reflected Cross-Site Scripting (XSS) flaw that could allow an attacker to execute malicious scripts within a user's browser.

Vulnerability Details

CVE ID: CVE-2024-22505
Vulnerability Type: Authenticated Reflected Cross-Site Scripting (XSS)
Affected Software: InfiniteWP Admin Panel up to version 3.4.1
Vulnerable Path: /lib/JqueryfileTree/connectors/jqueryFileTree.php
Vulnerable Parameter: hostName

An aut...

Exploiting Parent-Child Domain Trusts

In the world of Active Directory, trust relationships are the glue that holds a forest together. But what if that trust could be turned against itself? Welcome to one of the most devastating attack paths in modern cybersecurity: child-to-parent domain trust exploitation. This technique transforms a seemingly contained breach in a subsidiary domain into a forest-wide catastrophe, elevating an attacker from Domain Administrator to the almighty Enterprise Administrator in a matter of minutes.

If you've ever wondered how a compromise in what appears to be a less critical child domain can lead to complete organizational takeover, you're about to discover the dark side of Active Directory's trust architecture. This guide will walk you through the mechanics, methodology, and implications of this powerful attack vector that every red teamer should master and every blue teamer should fear.

Understanding the Trust Relationship: The Foundation of the Attack

Active Directory for...

Mastering Child-to-Parent Trust Exploitation with Rubeus

While Mimikatz has long been the undisputed king of Kerberos attacks, a new contender has emerged from the shadows to claim its place in the red teamer's arsenal: Rubeus. This C# powerhouse from the GhostPack suite represents the evolution of Kerberos exploitation, offering enhanced operational security, memory-only execution, and a level of sophistication that makes traditional tools look antiquated.

In the world of Active Directory exploitation, where stealth and precision matter as much as raw capability, Rubeus has become the weapon of choice for sophisticated adversaries targeting parent-child domain trust relationships. If you've mastered the classic Mimikatz approach to trust exploitation, it's time to upgrade your toolkit and discover why modern red teams are making the switch to Rubeus.

Rubeus is a C# toolset for raw Kerberos interaction and abuses. It is heavily adapted from Benjamin Delpy's Kekeo project and Vincent LE TOUX's MakeMeEnterpriseAdmin p...

Common AD Privilege Escalation Methods

By Pentester | Cybersecurity Enthusiast | Red Team | AD Hardening

📅 Published: April 5, 2025
🔖 Tags: ActiveDirectory, PrivilegeEscalation, PenTesting, PowerShell, RedTeam, CyberSecurity

💡 Introduction

In any Windows enterprise environment, Active Directory (AD) is the crown jewel. Compromising a single regular user account is often just the beginning — the real prize lies in escalating privileges to Domain Administrator (DA) or even Enterprise Admin.

This comprehensive guide covers:

✅ All known Active Directory privilege escalation methods
✅ Detection techniques using PowerShell
✅ BloodHound Cypher queries for visualizing attack paths
✅ A fully functional automated PowerShell audit script

Whether you're a red teamer, penetration tester, or defensive analyst, this post will help you understand how attackers move from low-privilege access to full domain compromise — an...

InfluxDB TCP 8086 (Default) — Authentication Bypass & Pentest Notes

Target: InfluxDB (port 8086)
Affected versions: < 1.7.6 (CVE-2019-20933)

Vulnerability description

InfluxDB versions prior to 1.7.6 contain an authentication bypass in the authenticate function in services/httpd/handler.go. A crafted JWT token may contain an empty SharedSecret, allowing an attacker to bypass authentication and perform sensitive actions such as reading internal metrics, modifying data, or executing administrative operations.

Risk

No formal risk description available in original advisory. Impact depends on exposed instance and data sensitivity.

Recommendation

Upgrade to influxdb version 1.7.6~rc0-1 or later. Apply vendor-provided patches and restrict access to port 8086 with network controls.

References

Exploit: LorenzoTullini/InfluxDB-Exploit-CVE-2019-20933
CVE-2019-20933 — MITRE
NVD — CVE-2019-20933
InfluxData patch commit

Exploitation ...