Boris Tougmaboris-cyber.hashnode.dev·Sep 10, 2024Skynet - TryHackMe WalkthroughIn this writeup, we will explore Skynet, a vulnerable Linux machine inspired by the Terminator universe. We'll walk through the exploitation process, from initial reconnaissance to privilege escalation. Initial Reconnaissance We start by scanning the...95 readstryhackme
Anshul Tiwaricsanshul.hashnode.dev·Sep 8, 2024MITRE ATT&CK® frameworkLets understand MITRE ATT&CK framework in simple way. What is MITRE ATT&CK ? It was developed and released by MITRE Corporation.A non-profit organization in 2015.Acronym ATT&CK stands for Adversarial Tactics, Techniques and Common Knowledge.It acts a...MITRE
Chioma Ibeakanmachiomaibeakanma.hashnode.dev·Sep 7, 2024Unauthorized Privilege Escalation Vulnerability via Role ManipulationPrivilege escalation vulnerabilities pose a serious threat in many applications, allowing unauthorized users to gain access to higher-level permissions. One such vulnerability is "Unauthorized Privilege Escalation via Role Manipulation." This issue a...43 readsVulnerabilities with Chioma Ibeakanmarole-based-access-control
William Mawillsec.hashnode.dev·Sep 6, 2024HTB Notes: ArchetypeSMB Scanning the machine we find the following services running: SMB (445) SQL Server (1433) We can list the shares or services by using the following command. smbclient -L //10.129.227.227 --user=Administator This works because the SMB server is...#cybersecurity
Shubhankar Guptahawk1.hashnode.dev·Aug 6, 2024Privilege EscalationWhat Is Privilege Escalation? Privilege escalation is a process where an attacker gains elevated access to resources that are normally protected from an application or user. The result is that the attacker obtains privileges that they are not suppose...36 readsRed Team Engagement
Reza Rashidiblog.redteamguides.com·Aug 1, 2024Windows Privileges for Fun and ProfitWindows privileges, the permissions assigned to users and processes, are essential for maintaining system security and functionality. They determine what actions an account can perform, such as accessing files, running programs, or modifying system s...2.9K readsred team
Varkey Thomasskinnyidiot.hashnode.dev·Jul 16, 2024Horizontal to Vertical Privilege EscalationIntro: This type of escalation is a combination of both horizontal, and vertical privilege escalation. First, an attacker gains access to an standard account without any administrative privileges. After accessing the standard account, the attacker wi...appsec
Goodycybgoodycyb.hashnode.dev·Jul 5, 2024Exploiting Lambda Vulnerabilities for Privilege Escalation in AWSIntroduction In this lab, you start as the 'bilbo' user. You will assume a role with more privileges, discover a lambda function that applies policies to users, and exploit a vulnerability in the function to escalate the privileges of the Bilbo user ...37 readsPractical Cl⛅d Security Labsaws lambda
Varkey Thomasskinnyidiot.hashnode.dev·Jul 4, 2024Access Control - Horizontal Privilege EscalationAn access control vulnerability when a non-administrative user can see another users personal information with similiar privileges. An example would be a user gaining access to the records of another user. Horizontal privilege escalation attacks may ...access control
Reza Rashidiblog.redteamguides.com·May 23, 2024macOS Red TeamingmacOS red teaming involves simulating cyber-attacks on macOS environments to identify vulnerabilities, assess security posture, and improve defensive measures. This process encompasses a wide array of techniques, tools, and methodologies aimed at mim...8.4K readsmacOS