Very Lazy Tech 👾SSH Penetration TestingSecure Shell (SSH) is a widely used cryptographic protocol designed for secure communication over an unsecured network. Its primary use is…Sep 9, 20243Sep 9, 20243
InInfoSec Write-upsbygrepStrengthYou Need to Get on Hack the Box AcademyIt’s quality upskilling for you and your team.Oct 31, 20242Oct 31, 20242
InDev GeniusbySecurity Lit LimitedUnderstanding Path Traversal Vulnerabilities and Their ExploitationBlog Topic: Understanding Path Traversal Vulnerabilities and Their ExploitationJun 6, 2023Jun 6, 2023
InInfoSec Write-upsbyThe Cybersec CaféExploiting SQLi to Query Database Version on MySQL and MicrosoftToday, we’ll be exploiting one of the oldest and most devastating vulnerabilities out there — SQL Injection. I’ll be taking you through my…Dec 30, 2024Dec 30, 2024
Okan YıldızMastering Penetration Testing Methodology: A Comprehensive GuidePenetration testing (pentesting) is an essential exercise in assessing the security posture of an organization’s systems, networks, and…Dec 12, 2024Dec 12, 2024
InOSINT TeambyJEETPALHow I Discovered Account Takeover (ATO) via Cross-Site Scripting (XSS)Free ArticleOct 12, 202410Oct 12, 202410
Ayrat MurtazinReconnaissance tools for hackingAny hack begins with collecting information about the target. The faster and better you collect information, the greater the chance of…Nov 18, 2024Nov 18, 2024
InSSD Secure DisclosurebyOded van KloetenMastering Local Privilege Escalation: How to Identify and Exploit System VulnerabilitiesLocal Privilege Escalation (LPE) refers to a type of vulnerability that allows an attacker with limited privileges (such as a regular user…Oct 10, 2024Oct 10, 2024
InOSINT TeambyHarsh HatejCracking Windows Server Active Directory users password by copying ntds.dit and system fileIn this blog i will share how to get ntds.dit and system file from the windows server via live boot and cmd methods. After this using…Sep 16, 2024Sep 16, 2024
InInfoSec Write-upsbyOfir YakovianLarge-Scale Data Exfiltration: Exploiting Secrets in .env Files to Compromise Cloud AccountsPart 1: A comprehensive analysis of the techniques used by attackers in this malicious operationSep 11, 20242Sep 11, 20242
Omar AhmedIIS welcome page to source code review to LFI!Hi, in this writeup I’ll walk you through how I managed to get a limited Local file disclousre (LFI) / Blind SSRF.Aug 31, 20243Aug 31, 20243
ParitoshActive Directory Red Teaming: A Comprehensive GuideActive Directory (AD) is a critical component in most enterprise IT infrastructures, providing authentication and authorization services to…Jun 5, 20241Jun 5, 20241
InInfoSec Write-upsbyOtt3rlyUsing Nuclei At Mass ScaleNuclei is an extremely powerful tool in Bug Bounty. Discover top things that you should know to do better than the majority using this…May 20, 20242May 20, 20242
arth0sHackTheBox Forest Write-Up: Active Directory 101Forest is an easy HackTheBox machine which I did as part of the Active Directory 101 track.Jul 26, 2023Jul 26, 2023
Jonathan JohnsonDemystifying DLL Hijacking Understanding the Intricate World of Dynamic Link Library AttacksThis blog was originally written by me and posted by BinaryDefense.Oct 11, 2023Oct 11, 2023
assume-breachHome Grown Red Team: Let’s Make Some Malware In C: Part 1Welcome back! In this installment of Home Grown Red Team, we’re going to make some malware. Most of these techniques are we are going to go…Dec 9, 20223Dec 9, 20223
InGeek CulturebyAlex RodriguezOffensive Go: Creating Malicious DLLsAnd Executing Them With RunDLL32Feb 20, 2022Feb 20, 2022
InInfoSec Write-upsbyGourav DharHow hackers impersonate email-id’s : Email Spoofing and Phishing AttacksEmail Spoofing is a cyberattack where the attacker impersonates emails. It is a common tactic for carrying phishing attacks and spamming.Apr 13, 20221Apr 13, 20221
