Tag feed

#hacking

1,963 posts1,003 followers

Trending tags this week

Hack the Box - Season 10 - Season of the Underground

2d ago · 4 min read · Season 10 - Season of the Underground This was a rough season. Moved to a new property towards the end of the season which dropped me in the rankings. Surprised that I bumped back up with just one box

Join discussion

NTNimesh Thakurhack-notes.hashnode.dev

0

DNS for Hackers — What Every Record Type Means to an Attacker

5d ago · 10 min read · Part 1 of 3 in the DNS Recon for Bug Bounty Hunters series Hey, welcome. If you're getting started in bug bounty hunting, you've probably heard people say "do recon first." And the very first thing i

Join discussion

NJNOCTARX Journalnoctarx.hashnode.dev

0

GitHub Under Siege: How the Megalodon Attack Poisoned 5,561 Repositories in 6 Hours

May 23 · 7 min read · GitHub Under Siege: How the Megalodon Attack Poisoned 5,561 Repositories in 6 Hours On May 18, 2026, between 11:36 AM and 5:48 PM UTC — in just six hours — attackers quietly slipped malicious code in

Join discussion

OKOleh Kemblog.comparedge.com

0

The Breach You're Funding With Your Compliance Budget

May 14 · 3 min read · A SOC 2 Type II report does not mean you haven't been breached. It means your controls were documented and tested during a specific window. These are different facts, and the security industry has spe

Join discussion

Xxvzf_optxvzfopt.hashnode.dev

0

Modernizing a Legacy OSINT Framework in Python: Part 1

May 13 · 5 min read · In this blog I'll be talking about a new project I've recently undertaken: Recon-NGX A few months ago, I began delving into the world of open-source intelligence gathering (OSINT) and reconnaissance.

Join discussion

HKHammad Khanhammad-khan.hashnode.dev

0

HMAC Request Signing for Third-Party Webhook Security

May 13 · 8 min read · HMAC Request Signing for Third-Party Webhook Security Webhook endpoints are the most under-secured class of route in most codebases. They take requests from the internet, often without a session, ofte

Join discussion

MBMichael Brownmichaelbrownblog2.hashnode.dev

0

The $292M Kelp DAO Exploit: How North Korea Drained DeFi's Biggest Bridge in 2026

May 13 · 4 min read · April 18, 2026, started like any other Saturday in crypto until it didn't. At 17:35 UTC, an attacker quietly drained 116,500 rsETH from Kelp DAO's cross-chain bridge. By the time protocols started fre

Join discussion

HHackitahack-ita.hashnode.dev

0

Hashcat: GPU Password Cracking for Penetration Testers" subtitle: "From NTLM hashes to bcrypt — a practical guide

May 13 · 2 min read · https://hackita.it/articoli/hashcat When you capture a hash during a pentest, cracking it quickly can make the difference between a dead end and full domain compromise. Hashcat is the go-to tool for t

Join discussion

JIJargon is Easyblog.jargoniseasy.com

0

Someone Posted Morse Code on Twitter and Walked Away With $200,000

May 10 · 6 min read · On May 4, 2026, an attacker pulled off one of the more embarrassing incidents in the short history of autonomous AI agents. They manipulated Grok (xAI's chatbot) and Bankrbot (an automated crypto trad

Join discussion

APAmal PKblog.amalpk.in

0

How to Set Up Burp Suite Proxy on Rooted Android with AlwaysTrustUserCerts (Magisk)

May 8 · 4 min read · Setting up Burp Suite with Android devices or emulators can be annoying, especially on newer Android versions where user-installed certificates are not trusted by many apps by default. There are many

Join discussion

#hacking

Search Hashnode

#hacking

Trending tags this week

Hack the Box - Season 10 - Season of the Underground

DNS for Hackers — What Every Record Type Means to an Attacker

GitHub Under Siege: How the Megalodon Attack Poisoned 5,561 Repositories in 6 Hours

The Breach You're Funding With Your Compliance Budget

Modernizing a Legacy OSINT Framework in Python: Part 1

HMAC Request Signing for Third-Party Webhook Security

The $292M Kelp DAO Exploit: How North Korea Drained DeFi's Biggest Bridge in 2026

Hashcat: GPU Password Cracking for Penetration Testers" subtitle: "From NTLM hashes to bcrypt — a practical guide

Someone Posted Morse Code on Twitter and Walked Away With $200,000

How to Set Up Burp Suite Proxy on Rooted Android with AlwaysTrustUserCerts (Magisk)