Hacking Articles
@hackinarticles
21.1K subscribers
1.13K photos
165 files
777 links
House of Pentester
Download Telegram
About
Blog
Apps
Platform
Join
Hacking Articles
21.1K subscribers
Hacking Articles
IPS vs IDS info
1.26K views
Hacking Articles
DevOps Tools Mindmap

πŸ”΄βš«Full HD: https://github.com/Ignitetechnologies/Mindmap/blob/main/Devops/DevOps%20Tools%20HD.png
1.25K views
Hacking Articles
ADCS ESC14 – Write access on altSecurityIdentities

πŸ”₯ Telegram: https://t.me/hackinarticles
✴ Twitter: https://x.com/hackinarticles

ESC14 targets weak certificate mapping in Active Directory, exploiting the altSecurityIdentities attribute to allow attackers to spoof Subject CN or Issuer DN fields.

πŸ“˜ Overview of the ESC14 Attack
βš™οΈ Working of ESC14
πŸ“‹ Prerequisites
πŸ§ͺ Lab Setup

🎯 Enumeration & Exploitation
β€ƒπŸ”“ Abusing Weak Explicit Certificate Mappings via altSecurityIdentities

🧠 Post Exploitation
 πŸ–₯️ Full SYSTEM Shell via Evil-WinRM

πŸ›‘οΈ Mitigation
1.42K views
Hacking Articles
https://www.hackingarticles.in/adcs-esc14-write-access-on-altsecurityidentities/
Hacking Articles
ADCS ESC14 – Write access on altSecurityIdentities
ADCS ESC14 guide: Abuse write access on altSecurityIdentities to impersonate users and escalate privileges via certificate requests.
1.63K views
Hacking Articles
ESC14.pdf
2 MB
1.56K views
Hacking Articles
πŸ”₯ OSCP+/CTF Exam Practice Training (Online) πŸ”₯ – Register Now! πŸš€

πŸ”— Register here: https://forms.gle/bowpX9TGEs41GDG99
πŸ’¬ WhatsApp: https://wa.me/message/HIOPPNENLOX6F1

πŸ“§ Email: info@ignitetechnologies.in

Join IGNITE TECHNOLOGIES’ exclusive "Capture the Flag" Training Program and enhance your skills with the following modules:

🧠 Introduction
🌐 Information Gathering
🧱 Vulnerability Scanning
πŸ”“ Windows Privilege Escalation
🐧 Linux Privilege Escalation
πŸ›‘οΈ Client-Side Attacks
🌐 Web Application Attacks
🧬 Password Attacks
🧠 Tunneling & Pivoting
🏰 Active Directory Attacks
πŸ’£ Exploiting Public Exploits
πŸ“‹ Report Writing

#cybersecurity #cyber #security #hacking #hacker #infosec #cybercrime #tech #technology #cyberattack #datasecurity #malware #ethicalhacking #phishing #cloudsecurity #oscp
❀3
1.84K views
Hacking Articles
DNS Record Types
1.45K views
Hacking Articles
Git Cheatsheet for Developers and DevOps Engineer
❀3
1.53K views
Hacking Articles
Linux Architecture
❀4
1.44K views
Hacking Articles
Linux Boot Process
❀2
1.6K views
Hacking Articles
Secure By Design- Software Architecture.pdf
10.6 MB
❀1
1.55K views
Hacking Articles
Burp Suite for Pentester: Burp Collaborator

✴ Twitter: https://lnkd.in/e7yRpDpY
πŸ”₯Telegram: https://t.me/hackinarticles

In this article of the series of Burp Suite for Pentester, you’ll learn how to detect out-of-band or blind vulnerabilities using one of the most amazing features of Burp Suite, i.e., Burp Collaborator.

πŸ“˜ Introduction to Burp Collaborator
πŸ•΅οΈ Detecting Vulnerabilities with Collaborator Client
β€ƒπŸ’£ Blind Remote Command Execution
 πŸ§ͺ Cross-Site Scripting Detection
β€ƒπŸ‘οΈβ€πŸ—¨οΈ Blind XXE (XML External Entity)
β€ƒπŸŒ Server-Side Request Forgery (SSRF)
β€ƒπŸŽ― Fuzzing for SSRF Detection
1.74K views
Hacking Articles
https://www.hackingarticles.in/burp-suite-for-pentester-burp-collaborator/
1.55K views
Hacking Articles
burp collaborator.pdf
4.1 MB
❀1
1.45K views
Hacking Articles
πŸš€ Active Directory Penetration Training (Online) – Register Now! πŸš€

πŸ”— Register here: https://forms.gle/bowpX9TGEs41GDG99
πŸ’¬ WhatsApp: https://wa.me/message/HIOPPNENLOX6F1

πŸ“§ Email: info@ignitetechnologies.in

Limited slots available! Hurry up to secure your spot in this exclusive training program offered by Ignite Technologies.

βœ”οΈ Comprehensive Table of Contents:
πŸ” Initial Active Directory Exploitation
πŸ”Ž Active Directory Post-Enumeration
πŸ” Abusing Kerberos
🧰 Advanced Credential Dumping Attacks
πŸ“ˆ Privilege Escalation Techniques
πŸ”„ Persistence Methods
πŸ”€ Lateral Movement Strategies
πŸ›‘οΈ DACL Abuse (New)
🏴 ADCS Attacks (New)
πŸ’Ž Saphire and Diamond Ticket Attacks (New)
🎁 Bonus Sessions

#infosec #cybersecurity #cybersecuritytips #pentesting #redteam #informationsecurity #CyberSec #networking #offensivesecurity #infosecurity #cyberattacks #security #oscp #cybersecurityawareness #bugbounty #bugbountytips
1.67K views
Hacking Articles
DNS Query
❀1
1.6K viewsedited  
Hacking Articles
DNS Records
❀1
1.66K views
Hacking Articles
This media is not supported in your browser
VIEW IN TELEGRAM
How to Use Bloodhound
1.53K views
Hacking Articles
πŸ”“ The Art of Post-Exploitation (Cheat Sheet)

πŸš€ Key Phases
1️⃣ Initial Access β†’ 2️⃣ Lateral Movement β†’ 3️⃣ Privilege Escalation β†’ 4️⃣ Persistence β†’ 5️⃣ Exfiltration

⚑ Top Tools

Mimikatz (Cred Dumping)

Cobalt Strike (C2)

Metasploit (Exploitation)

Impacket (Lateral Movement)

πŸ”₯ Hot Techniques

LSASS Dumping: procdump -ma lsass.exe

Pass-the-Hash: sekurlsa::pth /user:admin /ntlm:<hash>

Kerberoasting: GetUserSPNs.py -request

RDP Hijacking: xfreerdp /u:admin /v:target_ip

πŸ›‘οΈ Defensive Tips
βœ” Disable WDigest (Prevent cred dumping)
βœ” Monitor LSASS access
βœ” Restrict RDP/SMB access
βœ” Enable Windows Defender Cred Guard

πŸ“Œ Case Studies

PrintNightmare (CVE-2021-34527) β†’ SYSTEM access

DNS Tunneling β†’ Stealthy data exfiltration
❀2
1.93K views
Hacking Articles
Art of Post-Exploitation.pdf
26.2 MB
❀1
1.59K views
Hacking Articles
Password Cracking: FTP

πŸ”₯ Telegram: https://t.me/hackinarticles

Gaining initial access through an open FTP port is a common and effective technique in penetration testing. This article demonstrates how to identify and exploit FTP services using a range of popular tools,

πŸ”¨ Hydra
🎯 Metasploit
🐍 Medusa
🧩 NetExec (nxc)
⚑ Ncrack
πŸŒ€ Patator
πŸ“‚ Nmap NSE Script (ftp-brute.nse)
πŸš€ BruteSpray
❀1πŸ‘1πŸ”₯1
1.84K views