Hacking Articles
@hackinarticles
21.1K subscribers
1.13K photos
165 files
777 links
House of Pentester
Download Telegram
About
Blog
Apps
Platform
Join
Hacking Articles
21.1K subscribers
Hacking Articles
https://www.hackingarticles.in/a-detailed-guide-on-certipy/
1.23K views
Hacking Articles
Certipy.pdf
5.5 MB
1.25K views
Hacking Articles
πŸš€ AI Penetration Training (Online) – Register Now! πŸš€

πŸ”— Register here: https://forms.gle/bowpX9TGEs41GDG99
πŸ’¬ WhatsApp: https://wa.me/message/HIOPPNENLOX6F1

πŸ“§ Email: info@ignitetechnologies.in

Limited slots available! Hurry up to secure your spot in this exclusive training program offered by Ignite Technologies.

🧠 LLM Architecture
πŸ” LLM Security Principles
πŸ—„οΈ Data Security in AI Systems
πŸ›‘οΈ Model Security
πŸ—οΈ Infrastructure Security
πŸ“œ OWASP Top 10 for LLMs
βš™οΈ LLM Installation and Deployment
πŸ“‘ Model Context Protocol (MCP)
πŸš€ Publishing Your Model Using Ollama
πŸ” Introduction to Retrieval-Augmented Generation (RAG)
🌐 Making Your AI Application Public
πŸ“Š Types of Enumeration Using AI
🎯 Prompt Injection Attacks
🐞 Exploiting LLM APIs: Real-World Bug Scenarios
πŸ”‘ Password Leakage via AI Models
🎭 Indirect Prompt Injection Techniques
⚠️ Misconfigurations in LLM Deployments
πŸ‘‘ Exploitation of LLM APIs with Excessive Privileges
πŸ“ Content Manipulation in LLM Outputs
πŸ“€ Data Extraction Attacks on LLMs
πŸ”’ Securing AI Systems
🧾 System Prompts and Their Security Implications
πŸ€– Automated Penetration Testing with AI
❀3
1.28K views
Hacking Articles
2fa Bypass
❀1
1.08K views
Hacking Articles
5 Mistakes in Bug Bounty
πŸ‘2
1.13K views
Hacking Articles
This media is not supported in your browser
VIEW IN TELEGRAM
9 Http request Methods
1.12K views
Hacking Articles
Feroxbuster Mindmap

πŸ”΄βš«Full HD: https://github.com/Ignitetechnologies/Mindmap/blob/main/Feroxbuster/Feroxbuster%20UHD.png
984 views
Hacking Articles
Cyber Incident Response Explained in Bite-Sized Scenarios
✴ Twitter: Share this thread

1. No Incident Plan
Kitchen fire β†’ Staff panics
βœ… Fix: OT-specific response drills

2. Weak Architecture
Open kitchen β†’ Rats everywhere
βœ… Fix: Segment IT/OT networks

3. Blind Monitoring
No cameras β†’ Thieves steal freely
βœ… Fix: ICS-aware sensors (e.g., Dragos)

4. Risky Remote Access
Backdoor open β†’ Hackers walk in
βœ… Fix: MFA + time-limited access

5. Ignored Vulnerabilities
Rotten food β†’ Customers sick
βœ… Fix: Patch "NOW" threats first

Stats:

Only 29% secure remote access

61% monitor networks properly
❀3
1.03K views
Hacking Articles
Cyber Security Incident Management Plan.pdf
1.3 MB
988 views
Hacking Articles
ADCS ESC4: Vulnerable Certificate Template Access Control

✴ Twitter: https://x.com/hackinarticles

ESC4 Active Directory Certificate Services Vulnerability is a high-risk vulnerability in Active Directory Certificate Services (ADCS) that enables attackers to exploit misconfigured certificate template permissions (e.g., Write, GenericAll, WriteDACL).

πŸ“˜ Overview of the ESC4 Attack
βš™οΈ ESC4 Attack Mechanism
πŸ”‘ Server Authentication EKU Structure
πŸ“‹ Prerequisites
πŸ§ͺ Lab Setup

🎯 Enumeration and Exploitation
β€ƒπŸ› οΈ ESC4 Attack Using Certipy

🧠 Post Exploitation
β€ƒπŸ” Lateral Movement & Privilege Escalation Using Impacket-PsExec
 πŸ’₯ ESC4 Attack Using Metasploit

πŸ›‘οΈ Mitigation
1.12K views
Hacking Articles
https://www.hackingarticles.in/adcs-esc4-vulnerable-certificate-template-access-control/
Hacking Articles
ADCS ESC4: Vulnerable Certificate Template Access Control
Learn about ADCS ESC4 vulnerability in Active Directory Certificate Services and how attackers can exploit it to gain access.
1.3K views
Hacking Articles
ESC4.pdf
2.8 MB
1.21K views
Hacking Articles
πŸ”₯ OSCP+/CTF Exam Practice Training (Online) πŸ”₯ – Register Now! πŸš€

πŸ”— Register here: https://forms.gle/bowpX9TGEs41GDG99
πŸ’¬ WhatsApp: https://wa.me/message/HIOPPNENLOX6F1

πŸ“§ Email: info@ignitetechnologies.in

Join IGNITE TECHNOLOGIES’ exclusive "Capture the Flag" Training Program and enhance your skills with the following modules:

🧠 Introduction
🌐 Information Gathering
🧱 Vulnerability Scanning
πŸ”“ Windows Privilege Escalation
🐧 Linux Privilege Escalation
πŸ›‘οΈ Client-Side Attacks
🌐 Web Application Attacks
🧬 Password Attacks
🧠 Tunneling & Pivoting
🏰 Active Directory Attacks
πŸ’£ Exploiting Public Exploits
πŸ“‹ Report Writing
1.43K views
Hacking Articles
Wireshark
1.52K views
Hacking Articles
OpenVas
1.49K views
Hacking Articles
Owasp ZAP
1.47K views
Hacking Articles
ISO 27001-2022 Controls

πŸ”΄βš«Full HD: https://github.com/Ignitetechnologies/Mindmap/blob/main/ISO%20Control/ISO%2027001-2022%20Controls%20UHD.png
1.22K views
Hacking Articles
AWS S3 Attack & Defend.pdf
3.7 MB
❀1
1.07K views
Hacking Articles
AWS S3 Security Risks Explained Through Simple Scenarios
✴ Twitter: Join US

Understand AWS S3 security risks and defenses with these bite-sized analogies:

☒ Publicly Exposed Bucket
Scenario: Bank vault left open β†’ Anyone can walk in and take cash.
Risk: Misconfigured S3 buckets expose sensitive data globally.
Defense: Enable S3 Block Public Access at the account level.

☒ Leaked Credentials
Scenario: Master key copied β†’ Thieves unlock every door.
Risk: Hardcoded AWS keys in code/GitHub grant attackers full access.
Defense: Use IAM roles (not keys) and scan repos with git-secrets.

☒ Malicious Uploads
Scenario: Poisoned food delivered β†’ Kitchen infected.
Risk: Attackers upload webshells/malware via unvalidated file uploads.
Defense: Enforce server-side file validation and scan uploads with GuardDuty Malware Protection.

☒ Unencrypted Data
Scenario: Secret letters sent in clear text β†’ Intercepted easily.
Risk: Data breaches if buckets lack SSE-KMS encryption.
Defense: Enable default bucket encryption and enforce HTTPS via bucket policies.

☒ No Logging
Scenario: Burglary with no cameras β†’ No evidence.
Risk: Attacks go undetected without S3 Server Access Logs and CloudTrail.
Defense: Log all API calls and analyze with GuardDuty.

Key Defensive Actions
Least Privilege: Restrict IAM policies to specific buckets/actions.

Automate Audits: Use AWS Config rules to flag misconfigurations.

Monitor: Set up EventBridge alerts for suspicious activity (e.g., .php uploads).

Lock Down: Use S3 Object Lock (WORM) for immutable backups.
❀2
1.15K views
Hacking Articles
Windows Persistence: Port Monitors

πŸ”₯ Telegram: https://t.me/hackinarticles

The article β€œWindows Persistence using Port Monitors” explores a lesser-known but effective technique for maintaining unauthorized access on a compromised Windows system.

#infosec #cybersecurity #cybersecuritytips #microsoft #redteam #informationsecurity #CyberSec #ai #offensivesecurity #infosecurity #cyberattacks #security #oscp #cybersecurityawareness #bugbounty #bugbountytips
1.14K views
Hacking Articles
https://www.hackingarticles.in/windows-persistence-port-monitors/
Hacking Articles
Windows Persistence: Port Monitors
Learn Windows persistence techniques using port monitors, device drivers and registry modifications for red teaming and penetration testing
1.09K views