Varkey Thomasskinnyidiot.hashnode.dev·Jul 16, 2024Horizontal to Vertical Privilege EscalationIntro: This type of escalation is a combination of both horizontal, and vertical privilege escalation. First, an attacker gains access to an standard account without any administrative privileges. After accessing the standard account, the attacker wi...Discussappsec
Goodycybgoodycyb.hashnode.dev·Jul 5, 2024Exploiting Lambda Vulnerabilities for Privilege Escalation in AWSIntroduction In this lab, you start as the 'bilbo' user. You will assume a role with more privileges, discover a lambda function that applies policies to users, and exploit a vulnerability in the function to escalate the privileges of the Bilbo user ...DiscussPractical Cl⛅d Security Labsaws lambda
Varkey Thomasskinnyidiot.hashnode.dev·Jul 4, 2024Access Control - Horizontal Privilege EscalationAn access control vulnerability when a non-administrative user can see another users personal information with similiar privileges. An example would be a user gaining access to the records of another user. Horizontal privilege escalation attacks may ...Discussaccess control
Reza RashidiforRedTeamReciperedteamrecipe.com·May 23, 2024macOS Red TeamingmacOS red teaming involves simulating cyber-attacks on macOS environments to identify vulnerabilities, assess security posture, and improve defensive measures. This process encompasses a wide array of techniques, tools, and methodologies aimed at mim...Discuss·3.7K readsmacOS
Reza RashidiforRedTeamReciperedteamrecipe.com·May 16, 2024system32 important filesThe System32 directory is a critical component of the Windows operating system, housing essential system files and libraries that are vital for the system’s operation. In the context of offensive security, this directory is significant because it con...Discuss·1 like·1.4K readssystem32
Reza RashidiforRedTeamReciperedteamrecipe.com·Feb 9, 2024Important Active Directory Attribute for Red/Blue TeamerActive Directory attributes play a crucial role in managing user accounts and group memberships within Windows environments. Attributes such as SAMACCOUNTNAME and USERPRINCIPALNAME are often targeted for username enumeration and phishing attacks. The...Discuss·1.3K readsredteaming
Francis Baziele Saahbaziele.hashnode.dev·Jan 16, 2024Mastering Linux Privilege Escalation: A Hacker's GuideI recently came across an interesting post on Reddit. It was about a guy who was able to hack his colleague's Twitter account. Want to know how he did it? Well, they were actually working on a project together. One day, while messing around with the ...Discuss·40 readsPrivilege Escalation
BHAVESH PATILparanerdzops.hashnode.dev·Dec 27, 2023How To Setup New User on CentOS 7This guide will walk you through the process of setting up new User on a CentOS 7 with Sudo privileges. Prerequisites Before diving into the process of creating a user on CentOS, ensure the following prerequisites are met: Access to a CentOS server ...DiscussWheel Group
Daniel Huriflyestinfosec.hashnode.dev·Dec 20, 2023THM - "Startup" Write UpFor the past couple of months I've been taking the Junior Penetration Tester course from INE in preparation for the eJPTv2 Exam that I'll be taking shortly, I've decided to complete a few boxes to get some practice in, so I can further prepare as muc...Discuss·29 readsdirbuster
gokupwngoku.pw·Nov 4, 2023Pilgrimage - Linux Easy MachineTL;DR: Through directory brute force, I discovered an exposed .git directory, which allowed me to access the web application's source code and a binary file named 'magick.' After conducting static analysis on this binary, I found that it was from the...Discuss·47 readshtb