Ferdi birgülferdibirgul.hashnode.dev·Apr 25, 2024Red Team Fundamentals | Tryhackme Writeup/Walkthrough | By Ferdi BirgülLearn about the basics of a red engagement, the main components and stakeholders involved, and how red teaming differs from other cyber security engagements. Task 1 : Introduction Cybersecurity is a constant race between white hat hackers and black ...Discussredteaming
Reza RashidiforRedTeamReciperedteamrecipe.com·Apr 25, 2024ASLR Exploitation TechniquesAddress Space Layout Randomization (ASLR) is a security technique used in operating systems to protect against certain types of cyber attacks, particularly buffer overflow attacks. Here’s an overview of ASLR: What is ASLR? ASLR is a feature implement...Discuss·320 readsaslr
0xiNPro0xshin.hashnode.dev·Apr 21, 2024SQLi Series - Reading Files through SQL Injection - 08Introduction SQL Injection can be used for more than just gathering data from tables and databases It can also be leveraged to read and write files on the server In some cases, it can even lead to remote code execution on the back-end server Pri...Discusspente
0xiNPro0xshin.hashnode.dev·Apr 20, 2024SQLi Series - Database Enumeration I - 05The process of gathering information about the database using SQL queries within SQL injections Involves identifying the DBMS type, available databases, tables, and columns Crucial for properly forming SELECT queries to extract data Prerequisi...DiscussCPTS Journeypentesting
0xiNPro0xshin.hashnode.dev·Apr 9, 2024Brute-Force Series - Using Hydra to Brute Force Login Forms - 021. Understand the Target a. The example target is a login form for administrators on the website http://www.inlanefreight.htb b. Gaining access to the admin panel could allow executing OS commands on the server c. Want to find valid credentials wh...DiscussCPTS Journeypentesting
0xiNPro0xshin.hashnode.dev·Apr 7, 2024Fuzzing series - Parameter(GET/POST)/Value Fuzzing with Ffuf - 04Introduction to Parameter Fuzzing Parameter fuzzing is a technique used in web security to uncover hidden or undocumented parameters within web applications. These parameters, which can be part of either GET or POST requests, often reveal insights in...Discuss·1 likeCPTS Journeywebhacking
Reza RashidiforRedTeamReciperedteamrecipe.com·Apr 5, 2024OSINT Method for Map InvestigationsOpen Source Intelligence (OSINT) Open Source Intelligence (OSINT) in the context of map intelligence involves leveraging publicly available geographic information to gather insights, assess situations, and make informed decisions. This can include: S...Discuss·1 like·2.0K readsosinv
Stevenstoni.hashnode.dev·Mar 24, 2024What is shellcode and how do we use it to pop shells?C:\Windows\System32 > whoami I'm a Senior Penetration Tester with a keen eye on safeguarding network and Active Directory environments. My qualifications, highlighted by certifications like eJPTv1, PNPT, ICCA, CARTP, CNPen, CRTE, and CRTO speak to my...Discuss·31 readsmalware development
Zeeshan MustafaforHack The Planet 🌎z-sec.co·Mar 20, 2024Guide to install Game of Active Directory (GOAD) on VMware_ESXIGood day Mates!For quite some time, I have been intending to address this matter, albeit various commitments have continuously impeded its realization. Requirements For GOAD installation on ESXI you need to download the following tools create an ubu...Discuss·266 readsGame of active directory
Reza RashidiforRedTeamReciperedteamrecipe.com·Mar 1, 2024Trended Protocols for Security StuffNetwork Protocols: IDProtocolSecurity Attack VectorSecurity Issues Score 1TelnetMan-in-the-Middle Attacks70 2SNMPv1Information Disclosure65 3NetBIOSNetwork Reconnaissance60 4SMBv1Remote Code Execution80 5WEPWireless Data Interception75 6A...Discuss·1.5K readsredteaming