https://hexpysya.github.io/tags/chromehistoryview/Recent content in ChromeHistoryView on bubka hacks stuffHugo -- gohugo.ioen-usMon, 16 Feb 2026 00:00:00 +0000https://hexpysya.github.io/investigations/htb-workfromhome/Mon, 16 Feb 2026 00:00:00 +0000https://hexpysya.github.io/investigations/htb-workfromhome/A victim clicked a phishing link impersonating a corporate login page, leading to credential theft. The attacker used stolen credentials to gain RDP access, then escalated privileges via SeManageVolumeExploit, deployed malicious DLLs using certutil, and established persistence through a hidden VBS script in the Startup folder.