Penetration-Testing on HackingPassion.com : root@HackingPassion.com-[~]https://hackingpassion.com/tags/penetration-testing/Recent content in Penetration-Testing on HackingPassion.com : root@HackingPassion.com-[~]HugoenThu, 28 May 2026 15:57:49 +0200Honeypots Set the Trap Watch the Attackers and Know When You Are Standing in Onehttps://hackingpassion.com/honeypot-ethical-hacking/Thu, 28 May 2026 15:57:49 +0200https://hackingpassion.com/honeypot-ethical-hacking/<h1 id="honeypots-set-the-trap-watch-the-attackers-and-know-when-you-are-standing-in-one">Honeypots: Set the Trap, Watch the Attackers, and Know When You Are Standing in One</h1> <p>Put a server on the internet with port 22 open and the first login attempt arrives within minutes, not days. Automated scanners sweep through IPv4 addresses around the clock, and anything with an open port gets added to a target list almost immediately. A honeypot is built to be found exactly like this, because getting found is the point. This post covers what honeypots actually are, what attackers do in the first thirty seconds after getting in, how to set one up and test it, how to recognize one during a pentest, and the advanced setups for when things get serious.</p>PhantomRPC: Windows Has a Privilege Escalation Problem Microsoft Won't Fixhttps://hackingpassion.com/phantomrpc-windows-privilege-escalation/Tue, 28 Apr 2026 10:21:13 +0200https://hackingpassion.com/phantomrpc-windows-privilege-escalation/<p>Last week at Black Hat Asia in Singapore, a Kaspersky researcher publicly demonstrated <strong>PhantomRPC</strong>: five separate ways to take any standard Windows service account straight to full <strong>SYSTEM</strong> access, confirmed working on fully patched Windows Server 2022 and Windows Server 2025. Microsoft already knew. They received the ten-page technical report months ago, called it <strong>moderate severity</strong>, assigned no CVE, and closed the case. There is no patch.</p> <p><strong>RPC</strong> stands for Remote Procedure Call, and it is the system that Windows services use to send requests to each other directly in the background. When one service needs something from another, it sends a request through RPC. This happens constantly, hundreds of times per minute, completely invisible to whoever is sitting at the machine.</p>Exploit Eye - CVE and Vulnerability Search Tool for Ethical Hackershttps://hackingpassion.com/exploit-eye-cve-vulnerability-search-tool/Tue, 18 Nov 2025 15:43:40 +0100https://hackingpassion.com/exploit-eye-cve-vulnerability-search-tool/<p>When you&rsquo;re hunting for vulnerabilities, you jump between three different websites. NVD for CVE data. Exploit-DB for working exploits. GitHub for proof-of-concept code.</p> <p>That&rsquo;s annoying. You lose time. You miss things.</p> <p>I built Exploit Eye to fix that.</p> <h2 id="the-problem">The Problem</h2> <p>Here&rsquo;s what happens when you research a vulnerability. You find a CVE number somewhere. CVE-2025-1234, for example.</p> <p>First, you check the National Vulnerability Database. You find details there. Severity scores. Affected versions. The description tells you what&rsquo;s vulnerable.</p>