Posts

Swagger API & OpenAPI Security — Complete CVE Reference, Misconfigurations, PoC & Exploitation Guide

Swagger & OpenAPI Security: The Complete Attack Reference
Every CVE, misconfiguration, exploitation technique, PoC payload, Burp Suite example, and defensive countermeasure, covering 2020 through 2025.
15+ CVEs Documented · XSS · RCE · DoS · SSRF · Path Traversal · Burp Suite Examples · PoC Code Included

Table of Contents
  Introduction: Why Swagger Is a High-Value Target
  Reconnaissance: Discovering Exposed Swagger Instances
  Master CVE Reference Table (2020–2025)
  CVE Deep-Dive: DOM XSS via DOMPurify Bypass (≥3.14.1, <3.38.0)
  CVE-2018-25031: UI Spoofing & Clickjacking
  CVE-2021-46708: Clickjacking in swagger-ui-dist
  CVE-2022-24863: DoS via Memory Exhaustion (http-swagger)
  CVE-2023-38337: Path Traversal in rswag
  CVE-2024-22207: File Disclosure in fastify-swagger-ui
  CVE-2024-7565: RCE in SoapUI (SmartBear)
  SSRF via the ?url= Parameter
  Critical Misconfigurations
  ...

AD CS "Certified Pre-Owned" Cheatsheet

AD CS "Certified Pre-Owned" Cheatsheet
Abusing Active Directory Certificate Services: Commands, Techniques & Defences
Based on the whitepaper by Will Schroeder & Lee Christensen (SpecterOps) · v1.0.1
THEFT1–5 · PERSIST1–3 · ESC1–8 · DPERSIST1–3 · PREVENT1–8 · DETECT1–7

Table of Contents
  Background & Key Concepts
  Authentication EKU OIDs
  Certificate Enrollment Methods
  AD CS Enumeration
  Certificate Theft (THEFT1–5)
  Account Persistence (PERSIST1–3)
  Domain Escalation (ESC1–8)
  Domain Persistence (DPERSIST1–3)
  Defensive Guidance (PREVENT & DETECT)
  Tool Reference

1. Background & Key Concepts
Active Directory Certificate Services (AD CS) is Microsoft's PKI implementation that integrates with Active Directory forests. It provides encryption, digital signatures, and, critically, user and machine authentication to AD. Although not installed by d...