sado

I’m sado, a Cyber Security Engineer specializing in penetration testing and offensive security. Voidread is where I share my notes, writeups, and practical insights from real-world assessments and research

Recent Posts

Enable AVX/AVX2 Support in Kali VM on VirtualBox

June 21, 2025

Enabling AVX/AVX2 in Kali Linux VM on VirtualBox (from Windows Host)

timewrap: A Handy faketime Alias Using NTP

June 12, 2025

timewrap: Faketime + NTP Helper for AD Lab Environments. In Active Directory labs, we often need to manipulate system...

Active Directory Certificate Services (AD CS) Exploitation – ESC Paths Cheatsheet

June 11, 2025

Web Shell via Polyglot ZIP + PDF Upload Bypass

June 10, 2025

Technique 1: Null Byte Bypass (\x00) Create a fake .pdf that contains a valid header, and append a .php shell: ❯ cat ...

SeManageVolumePrivilege Exploit

June 10, 2025

Abusing the SeManageVolumePrivilege allows low-privileged users to perform raw volume access — often used for LSASS d...

Certipy Shadow Credentials (KeyCredentialLink Abuse)

June 10, 2025

Shadow Credentials are a stealthy method of impersonating users in Active Directory environments by injecting a forge...

Linux Privilege Escalation via Sudo Misconfiguration

June 06, 2025

Sudo misconfigurations on Linux systems provide a common vector for privilege escalation. Attackers exploit overly pe...

CEH v13 Engage

June 06, 2025

CEH v13 Engage CEH Engage Part 1 Challenge 1: An attacker conducted footprinting on a web application and saved the r...