Hacking Articles
@hackinarticles
21.2K subscribers
1.13K photos
165 files
777 links
House of Pentester
Download Telegram
About
Blog
Apps
Platform
Join
Hacking Articles
21.2K subscribers
Hacking Articles
https://posts.specterops.io/bofhound-ad-cs-integration-91b706bc7958
Medium
BOFHound: AD CS Integration
TL;DR: BOFHound can now parse Active Directory Certificate Services (AD CS) objects, manually queried from LDAP, for review and attack path…
πŸ”₯3
519 views
Hacking Articles
https://lolad-project.github.io/
504 views
Hacking Articles
https://secybr.com/posts/shodan-tutorials-for-best-practicies
secybr | penetration testing, red teaming and hack tricks.
Shodan.io Tutorials for Best Practices
penetration testing, red teaming and hack tricks.
πŸŽ‰2❀1
508 views
Hacking Articles
https://www.hackingarticles.in/mssql-for-pentester-command-execution-with-xp_cmdshell/
Hacking Articles
MSSQL for Pentester: Command Execution with xp_cmdshell
Learn how to exploit MSSQL using the xp_cmdshell command for reverse shells, privilege escalation, and remote command execution.
❀1
497 views
Hacking Articles
https://www.hackingarticles.in/burpsuite-for-pentester-autorize/
Hacking Articles
Burp Suite for Pentester: Autorize
Boost access control testing with Burp Suite Autorize extension. Identify auth bypass, IDOR & RBAC issues efficiently.
❀1
504 views
Hacking Articles
https://www.hackingarticles.in/comprehensive-guide-on-cross-site-scripting-xss/
Hacking Articles
Comprehensive Guide on Cross-Site Scripting (XSS)
Ultimate XSS guide covering DOM/reflected/stored attack. Learn exploitation techniques, real-world examples, and advanced prevention methods.
❀1
458 views
Hacking Articles
πŸ”₯ OSCP+/CTF Exam Practice Training (Online) πŸ”₯ – Register Now! πŸš€

πŸ”— Register here: https://forms.gle/bowpX9TGEs41GDG99
πŸ’¬ WhatsApp: https://wa.me/message/HIOPPNENLOX6F1

πŸ“§ Email: info@ignitetechnologies.in

Join IGNITE TECHNOLOGIES’ exclusive "Capture the Flag" Training Program and enhance your skills with the following modules:

🧠 Introduction
🌐 Information Gathering
🧱 Vulnerability Scanning
πŸ”“ Windows Privilege Escalation
🐧 Linux Privilege Escalation
πŸ›‘οΈ Client-Side Attacks
🌐 Web Application Attacks
🧬 Password Attacks
🧠 Tunneling & Pivoting
🏰 Active Directory Attacks
πŸ’£ Exploiting Public Exploits
πŸ“‹ Report Writing
❀2
752 views
Hacking Articles
https://www.hackingarticles.in/sapphire-ticket-attack-abusing-kerberos-trust/
Hacking Articles
Sapphire Ticket Attack: Abusing Kerberos Trust
Sapphire Ticket Attack abuses Kerberos to impersonate users and escalate privileges via S4U2Self and U2U in Active Directory.
❀1
438 views
Hacking Articles
https://www.hackingarticles.in/readgmsapassword-attack/
Hacking Articles
Credential Dumping: GMSA
Understand the ReadGMSAPassword Attack, how attackers extract gMSA passwords, and how to detect and prevent these threats in Active Directory.
❀1
464 views
Hacking Articles
https://www.hackingarticles.in/shadow-credentials-attack/
Hacking Articles
Shadow Credentials Attack
Understand Shadow Credentials attacks in Active Directory. Learn exploitation techniques using PKINIT, tools, and mitigation strategies.
❀1
470 views
Hacking Articles
https://techcommunity.microsoft.com/discussions/windowsserver/active-directory-advanced-threat-hunting---tracing-the-cause-of-account-lockouts/4104108
TECHCOMMUNITY.MICROSOFT.COM
Active Directory Advanced Threat Hunting - Tracing the cause of account lockouts and password errors | Microsoft Community Hub
 
Dear Microsoft Active Directory friends,
 
In this article we are going on a "search for clues" :-). In the life of an IT administrator, you have...
❀1
437 views
Hacking Articles
Search Engine for Pentester

πŸ”΄βš«οΈFull HD Image: https://github.com/Ignitetechnologies/Mindmap/blob/main/Serach%20Engine%20for%20Pentester/Search%20Engine%20for%20Pentester%20HD.png
❀1
440 views
Hacking Articles
NMAP

πŸ”΄βš«οΈFull HD Image: https://github.com/Ignitetechnologies/Mindmap/blob/main/Nmap/nmap%20HD.png
❀2πŸ‘2
446 views
Hacking Articles
πŸ› οΈ Burp Suite for Pentesters: Repeater Module

Master web application testing with Burp Suite’s Repeater, a key tool for manipulating and analyzing HTTP requests:

β€’ Modifies and resends HTTP requests (manual testing)
β€’ Analyzes server responses in real-time
β€’ Identifies input validation issues and logic flaws
β€’ Supports testing for authentication and session handling

πŸ” Key Techniques Covered:

Bypassing client-side controls

Testing for SQLi, XSS, and IDOR

Crafting custom HTTP payloads

πŸ“– Full Tutorial: Read Here
https://www.hackingarticles.in/burp-suite-for-pentester-repeater/
❀1πŸ‘1
487 viewsedited  
Hacking Articles
Repeater.pdf
2.4 MB
498 views
Hacking Articles
https://nxb1t.github.io/retype/incident-response/practical_ir_ad/
448 views
Hacking Articles
http://logan-goins.com/2024-10-11-Dotnet-AD/
Logan Goins
Using Offensive .NET to Enumerate and Exploit Active Directory Environments
.NET is a platform for application development created by Microsoft supporting programs written in a whole host of languages, usually in C#. There are a few versions of .NET, including .NET Framework, .NET Mono, and .NET Core, with the most interesting for…
❀1
454 views
Hacking Articles
https://mrd0x.com/spying-with-chromium-browsers-screensharing/
Mrd0X
Security Research | mr.d0x
Providing security research and red team techniques
414 views
Hacking Articles
https://nothingspecialforu.github.io/UCgMSAExploitation/
391 views
Hacking Articles
Best of Credential Dumping

NTDS.dit
https://www.hackingarticles.in/credential-dumping-ntds-dit/

DCSync Attack
https://www.hackingarticles.in/credential-dumping-dcsync-attack/

LAPS
https://www.hackingarticles.in/credential-dumpinglaps/

Domain Cache Credential
https://www.hackingarticles.in/credential-dumping-domain-cache-credential/

Wireless
https://www.hackingarticles.in/credential-dumping-wireless/

Group Policy Preferences (GPP)
https://www.hackingarticles.in/credential-dumping-group-policy-preferences-gpp/

Windows Credential Manager
https://www.hackingarticles.in/credential-dumping-windows-credential-manager/

WDigest
https://www.hackingarticles.in/credential-dumping-wdigest/

Security Support Provider (SSP)
https://www.hackingarticles.in/credential-dumping-security-support-provider-ssp/

SAM
https://www.hackingarticles.in/credential-dumping-sam/

Applications
https://www.hackingarticles.in/credential-dumping-applications/


Phishing Windows Credentials
https://www.hackingarticles.in/credential-dumping-phishing-windows-credentials/

Local Security Authority (LSA|LSASS.EXE)
https://www.hackingarticles.in/credential-dumping-local-security-authority-lsalsass-exe/

Clipboard
https://www.hackingarticles.in/credential-dumping-clipboard/
369 views