In this post, we will discuss what are prototypes in JavaScript, how they help JavaScript in achieving the concepts of Object-Oriented…

Introduction Remote Desktop is one of the most widely used tools for managing Windows Servers. Admins love using RDP and so do attackers. Often the credentials that are used to...

This article contains some of common ways to bypass CSRF protection in web applications that you can use as bug bounty hunter

Over the years, there have been several methods attempted for managing local Administrator accounts: Scripted password change - Don't do this. The password is exposed in SYSVOL. Group Policy Preferences. The credentials are exposed in SYSVOL. Password vault/safe…

Simple (relatively) things allowing you to dig a bit deeper than usual. - PSBits/WinDefend at master · gtworek/PSBits

:snake: A toolkit for testing, tweaking and cracking JSON Web Tokens - ticarpi/jwt_tool

Trying to make automated recon for bug bounties. Contribute to phspade/Automated-Scanner development by creating an account on GitHub.

this contain the burp pack. Contribute to SilverPoision/a-full-list-of-wordlists development by creating an account on GitHub.

Fileless lateral movement tool that relies on ChangeServiceConfigA to run command - Mr-Un1k0d3r/SCShell

Red Team Operations with Cobalt Strike is a course on Adversary Simulations and Red Team Operations. Learn how to stand up sophisticated command and control ...

Local File Inclusion Burp-Suite Intruder Payload Generator Plugin - luke-goddard/LFI-Fuzzer-Burp-Suite

CScriptShell, a Powershell Host running within cscript.exe - GitHub - Cn33liz/CScriptShell: CScriptShell, a Powershell Host running within cscript.exe

This is the 13th blog out of a series of blogs I will be publishing on retired HTB machines in preparation for the OSCP. The full list of…

Commodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT - xsscx/Commodity-Injection-Signatures