🔍 [Day 2] ADCS Exploitation: ESC2
ESC2 involves misconfigured certificate templates permitting enrollment for any purpose, enabling unauthorized authentication or code signing.
📌 Key Points:
Risk: Templates with Any Purpose (OID 2.5.29.37.0) or SubCA (OID 2.5.29.19.20) allow misuse.
Exploitation: Attackers obtain certificates for unintended purposes (e.g., domain persistence).
Mitigation: Restrict templates to specific OIDs and enforce least-privilege enrollment.
📖 Reference: ESC2 Technical Breakdown
Next: ESC3 – Agent certificate abuse.
🔍 GMSA Password Attack: Exploiting Group Managed Service Accounts
Learn to extract & abuse GMSA passwords for AD privilege escalation:
✔ Retrieve hashes using PowerShell & Mimikatz
✔ Crack passwords & escalate privileges
✔ Bypass restrictions via gMSAPassword exploitation
🔧 Key Techniques:
• Get-ADServiceAccount hash extraction
• DSInternals hash conversion
• Kerberos ticket abuse
📖 Full Guide: Read Here
❤1
XSS Tools
🔴⚫️Full HD Image: https://github.com/Ignitetechnologies/Mindmap/blob/main/XSS%20Tools/XSS%20Testing%20Tools%20HD.png
🔴⚫️Full HD Image: https://github.com/Ignitetechnologies/Mindmap/blob/main/XSS%20Tools/XSS%20Testing%20Tools%20HD.png
❤1
HTTPx Mindmap
🔴⚫️Full HD Image: https://github.com/Ignitetechnologies/Mindmap/blob/main/httpx/HTTPX%20HD.png
🔴⚫️Full HD Image: https://github.com/Ignitetechnologies/Mindmap/blob/main/httpx/HTTPX%20HD.png
❤1
🔥Active Directory Red Team Ops Webinar (Free)🔥
We’re hosting a free 3-hour live webinar on Active Directory Red Team Operations, designed for professionals interested in real-world attack techniques used against enterprise AD environments.
🗓️ Date: 15th June 2025
🕒 Time: 6:00 PM IST to 9 PM IST
What you’ll learn
* MITRE-mapped AD attack paths
* Live demos: Kerberoasting & ACL-based privilege escalation
* Common misconfigurations exploited by attackers
* Red Teaming career roadmap & practical learning paths
🎓 Ideal for: Red Teamers, Blue Teamers, OSCP aspirants, and security engineers.
We’ll also unveil:
* 3-Weekend AD Workshop – ₹14,999
* 2.5-Month Advanced Course – ₹36,999
📌 Join here to register and get webinar details:
👉 https://chat.whatsapp.com/HWKRCQtcIiY27YXbk3BGKU
Feel free to message me if you have any questions.
Best Regards,
Ignite Technologies
We’re hosting a free 3-hour live webinar on Active Directory Red Team Operations, designed for professionals interested in real-world attack techniques used against enterprise AD environments.
🗓️ Date: 15th June 2025
🕒 Time: 6:00 PM IST to 9 PM IST
What you’ll learn
* MITRE-mapped AD attack paths
* Live demos: Kerberoasting & ACL-based privilege escalation
* Common misconfigurations exploited by attackers
* Red Teaming career roadmap & practical learning paths
🎓 Ideal for: Red Teamers, Blue Teamers, OSCP aspirants, and security engineers.
We’ll also unveil:
* 3-Weekend AD Workshop – ₹14,999
* 2.5-Month Advanced Course – ₹36,999
📌 Join here to register and get webinar details:
👉 https://chat.whatsapp.com/HWKRCQtcIiY27YXbk3BGKU
Feel free to message me if you have any questions.
Best Regards,
Ignite Technologies
❤1
Best of Wireshark Tutorial
A Beginner’s Guide
https://www.hackingarticles.in/wireshark-for-pentesters-a-beginners-guide/
Password Sniffing
https://www.hackingarticles.in/wireshark-for-pentester-password-sniffing/
Nmap Scan using Wireshark
https://www.hackingarticles.in/forensic-investigation-of-nmap-scan-using-wireshark/
Understanding Nmap Scan with Wireshark
https://www.hackingarticles.in/understanding-nmap-scan-wireshark/
Network Packet Forensic using Wireshark
https://www.hackingarticles.in/network-packet-forensic-using-wireshark/
Understanding Guide to ICMP Protocol with Wireshark
https://www.hackingarticles.in/understanding-guide-icmp-protocol-wireshark/
Working of Traceroute using Wireshark
https://www.hackingarticles.in/working-of-traceroute-using-wireshark/
A Beginner’s Guide
https://www.hackingarticles.in/wireshark-for-pentesters-a-beginners-guide/
Password Sniffing
https://www.hackingarticles.in/wireshark-for-pentester-password-sniffing/
Nmap Scan using Wireshark
https://www.hackingarticles.in/forensic-investigation-of-nmap-scan-using-wireshark/
Understanding Nmap Scan with Wireshark
https://www.hackingarticles.in/understanding-nmap-scan-wireshark/
Network Packet Forensic using Wireshark
https://www.hackingarticles.in/network-packet-forensic-using-wireshark/
Understanding Guide to ICMP Protocol with Wireshark
https://www.hackingarticles.in/understanding-guide-icmp-protocol-wireshark/
Working of Traceroute using Wireshark
https://www.hackingarticles.in/working-of-traceroute-using-wireshark/
Best of SQL Injection
How to set up SQLI Lab in Kali
https://www.hackingarticles.in/set-sqli-lab-kali/
Beginner’s Guide to SQL Injection (Part 1)
https://www.hackingarticles.in/beginner-guide-sql-injection-part-1/
Beginner Guide to SQL Injection Boolean Based (Part 2)
https://www.hackingarticles.in/beginner-guide-sql-injection-boolean-based-part-2/
How to Bypass SQL Injection Filter Manually
https://www.hackingarticles.in/bypass-filter-sql-injection-manually/
Form Based SQL Injection Manually
https://www.hackingarticles.in/form-based-sql-injection-manually/
Manual SQL Injection Exploitation Step by Step.
https://www.hackingarticles.in/manual-sql-injection-exploitation-step-step/
How to set up SQLI Lab in Kali
https://www.hackingarticles.in/set-sqli-lab-kali/
Beginner’s Guide to SQL Injection (Part 1)
https://www.hackingarticles.in/beginner-guide-sql-injection-part-1/
Beginner Guide to SQL Injection Boolean Based (Part 2)
https://www.hackingarticles.in/beginner-guide-sql-injection-boolean-based-part-2/
How to Bypass SQL Injection Filter Manually
https://www.hackingarticles.in/bypass-filter-sql-injection-manually/
Form Based SQL Injection Manually
https://www.hackingarticles.in/form-based-sql-injection-manually/
Manual SQL Injection Exploitation Step by Step.
https://www.hackingarticles.in/manual-sql-injection-exploitation-step-step/
👍1
Best of Nmap Scan
Host Discovery
https://www.hackingarticles.in/nmap-for-pentester-host-discovery/
Output Scan
https://www.hackingarticles.in/nmap-for-pentester-output-format-scan/
Vulnerability Scan
https://www.hackingarticles.in/nmap-for-pentester-vulnerability-scan/
Password Cracking
https://www.hackingarticles.in/nmap-for-pentester-password-cracking/
Packet Trace
https://www.hackingarticles.in/understanding-nmap-packet-trace/
Timing Parameters
https://www.hackingarticles.in/nmap-scan-with-timing-parameters/
Scan with HEX Value
https://www.hackingarticles.in/nmap-scans-using-hex-value-flags/
Forensic Investigation of Nmap Scan using Wireshark
https://www.hackingarticles.in/forensic-investigation-of-nmap-scan-using-wireshark/
Timing Scan
https://www.hackingarticles.in/understanding-guide-nmap-timing-scan-firewall-bypass/
Port Status
https://www.hackingarticles.in/comprehensive-guide-on-nmap-port-status/
Understanding Guide to
https://www.hackingarticles.in/understanding-guide-nmap-firewall-scan-part-2/
Nmap Firewall Scan (Part 1)
https://www.hackingarticles.in/understanding-guide-nmap-firewall-scan-part-1/
Nmap Scan with Wireshark
https://www.hackingarticles.in/understanding-nmap-scan-wireshark/
Network Scanning using NMAP (Beginner Guide)
https://www.hackingarticles.in/network-scanning-using-nmap-beginner-guide/
Host Discovery
https://www.hackingarticles.in/nmap-for-pentester-host-discovery/
Output Scan
https://www.hackingarticles.in/nmap-for-pentester-output-format-scan/
Vulnerability Scan
https://www.hackingarticles.in/nmap-for-pentester-vulnerability-scan/
Password Cracking
https://www.hackingarticles.in/nmap-for-pentester-password-cracking/
Packet Trace
https://www.hackingarticles.in/understanding-nmap-packet-trace/
Timing Parameters
https://www.hackingarticles.in/nmap-scan-with-timing-parameters/
Scan with HEX Value
https://www.hackingarticles.in/nmap-scans-using-hex-value-flags/
Forensic Investigation of Nmap Scan using Wireshark
https://www.hackingarticles.in/forensic-investigation-of-nmap-scan-using-wireshark/
Timing Scan
https://www.hackingarticles.in/understanding-guide-nmap-timing-scan-firewall-bypass/
Port Status
https://www.hackingarticles.in/comprehensive-guide-on-nmap-port-status/
Understanding Guide to
https://www.hackingarticles.in/understanding-guide-nmap-firewall-scan-part-2/
Nmap Firewall Scan (Part 1)
https://www.hackingarticles.in/understanding-guide-nmap-firewall-scan-part-1/
Nmap Scan with Wireshark
https://www.hackingarticles.in/understanding-nmap-scan-wireshark/
Network Scanning using NMAP (Beginner Guide)
https://www.hackingarticles.in/network-scanning-using-nmap-beginner-guide/