Channel: Hacking Articles|Raj Chandel's Blog

A Detailed Guide on RustScan

In the realm of cybersecurity, network scanning tools play a vital role in reconnaissance and vulnerability assessment. Among the array of options available, Rustscan has emerged as a formidable...


A Detailed Guide on Pwncat

 Pwncat stands out as an open-source Python tool highly regarded for its versatility, providing a contemporary alternative to the traditional netcat utility. Tailored for network exploration,...


Tomcat Penetration Testing

 Apache Tomcat, developed by the Apache Software Foundation, is a widely used web server and servlet container. Originally, it served as a demonstration platform for Java Servlet and JavaServer Pages...


Jenkins Penetration Testing

Jenkins is an open-source automation server used for continuous integration (CI) and continuous delivery (CD). It's built on Java and utilizes a scripting platform for automation. Jenkins automates...


Disk Group Privilege Escalation

Disk Group Privilege Escalation is a complex attack method targeting vulnerabilities or misconfigurations within the disk group management system of Linux environments. Attackers might focus on disk...


Exploiting Race Condition using Turbo Intruder

 In web security, a race condition refers to a scenario where the behaviour of a web application is influenced by the sequence or timing of events, potentially leading to unintended security...


Reel HackTheBox Walkthrough

Summary: Reel is a Windows Active Directory machine and is considered a hard box in HTB. This box stands out for its uniqueness, featuring a phishing scenario that is rarely found in other boxes....


MSSQL for Pentester: NetExec

NetExec (nxc) is a powerful network exploitation tool developed as a modern successor to CrackMapExec (CME), which was widely used by penetration testers and red teamers. Earlier CrackMapExec was...


A Detailed Guide on Feroxbuster

 Feroxbuster is a robust tool designed to identify directories and files on web servers using brute-force techniques. It is frequently utilized in penetration testing and security evaluations to detect...


OSINT : User Privacy in Linux

 Linux telemetry involves gathering and sending data from a Linux-based system to an external server or service. The purpose of this process is often to monitor system performance, provide diagnostics,...


Abusing AD-DACL : Generic ALL Permissions

 In this post, we explore the exploitation of Discretionary Access Control Lists (DACL) using the Generic ALL permission in Active Directory environments. This permission provides unrestricted access...


Abusing AD-DACL: ForceChangePassword

 In this post, we explore the exploitation of Discretionary Access Control Lists (DACL) using the ForcePasswordChange permission in Active Directory environments. This permission is especially...


Abusing AD-DACL: AllExtendedRights

In this post, we will explore the exploitation of Discretionary Access Control Lists (DACL) using the AllExtendedRights permission in Active Directory environments. With this permission, attackers can...


Abusing AD-DACL: GenericWrite

 In this post, we will explore the exploitation of Discretionary Access Control Lists (DACL) using the GenericWrite permission in Active Directory environments. This permission can be exploited by...


Abusing AD-DACL: WriteDacl

In this post, we will explore the exploitation of Discretionary Access Control Lists (DACL) using the WriteDacl permission in Active Directory environments. Attackers can abuse WriteDacl permissions to...


Abusing AD-DACL: WriteOwner

 In this post, we will explore the exploitation of Discretionary Access Control Lists (DACL) using the WriteOwner permission in Active Directory environments. The WriteOwner permission can be abused by...


Active Directory Pentesting Using Netexec Tool: A Complete Guide

Active Directory (AD) penetration testing is an essential part of the security assessment of enterprise networks. The Netexec tool offers a wide range of capabilities for AD enumeration, credential...


Abusing AD-DACL: AddSelf

In this post, we will explore the exploitation of Discretionary Access Control Lists (DACL) using the AddSelf permission in Active Directory environments. By exploiting this misconfiguration, attackers...


Diamond Ticket Attack: Abusing Kerberos Trust

The Diamond Ticket attack represents a sophisticated escalation in Active Directory (AD) exploitation methods, leveraging intricate flaws in Kerberos authentication and authorization mechanisms. This...


Credential Dumping: AD User Comment

In this article, we shall explore different tools & techniques that help us enumerate Active Directory (AD) users' passwords using which an attacker can expand their access within the organization....


Abusing AD Weak Permission Pre2K Compatibility

Pre2K (short for "Pre-Windows 2000") Active Directory misconfigurations often stem from overlooked legacy settings in Windows environments. Common issues include enabling NTLM or SMBv1 for backward...


Shadow Credentials Attack

In this post, we explore the exploitation technique known as the Shadow Credentials attack. This attack leverages the mismanagement or exploitation of Active Directory Certificate Services (AD CS) to...


Credential Dumping: GMSA

Abusing AD-DACL: ReadGMSAPassword. ReadGMSAPassword Attack is a technique where attackers abuse misconfigured Group Managed Service Accounts (gMSA) to retrieve their passwords. In Active Directory, only...


AD Certificate Exploitation: ESC1

The AD CS (Active Directory Certificate Services) certificate template is a predefined configuration in Microsoft AD CS that defines the type of certificate a user, computer, or service can request. It...


Sapphire Ticket Attack: Abusing Kerberos Trust

The broad usage of Active Directory has made Kerberos attacks the bread and butter of many hackers. Researchers have discovered the following new attack techniques that allow an adversary to gain...
