Bug Bounty Training Program (Online)
🔗 Register here: https://forms.gle/bowpX9TGEs41GDG99
💬 WhatsApp: https://wa.me/message/HIOPPNENLOX6F1
📧 Email: info@ignitetechnologies.in
Hurry up, get enrolled yourself with IGNITE TECHNOLOGIES’ fully exclusive Training Program “Bug Bounty.”
✔️ Table of Content
🚀 Introduction to WAPT & OWASP Top 10
🛠️ Pentest Lab Setup
🔍 Information Gathering & Reconnaissance
💻 Netcat for Pentester
⚙️ Configuration Management Testing
🔐 Cryptography
🔑 Authentication
🕒 Session Management
📂 Local File Inclusion
🌐 Remote File Inclusion
📁 Path Traversal
💣 OS Command Injection
🔀 Open Redirect
📤 Unrestricted File Upload
🐚 PHP Web Shells
📝 HTML Injection
🌟 Cross-Site Scripting (XSS)
🔄 Client-Side Request Forgery
🛑 SQL Injection
📜 XXE Injection
🎁 Bonus Section
🔗 Register here: https://forms.gle/bowpX9TGEs41GDG99
💬 WhatsApp: https://wa.me/message/HIOPPNENLOX6F1
📧 Email: info@ignitetechnologies.in
Hurry up, get enrolled yourself with IGNITE TECHNOLOGIES’ fully exclusive Training Program “Bug Bounty.”
✔️ Table of Content
🚀 Introduction to WAPT & OWASP Top 10
🛠️ Pentest Lab Setup
🔍 Information Gathering & Reconnaissance
💻 Netcat for Pentester
⚙️ Configuration Management Testing
🔐 Cryptography
🔑 Authentication
🕒 Session Management
📂 Local File Inclusion
🌐 Remote File Inclusion
📁 Path Traversal
💣 OS Command Injection
🔀 Open Redirect
📤 Unrestricted File Upload
🐚 PHP Web Shells
📝 HTML Injection
🌟 Cross-Site Scripting (XSS)
🔄 Client-Side Request Forgery
🛑 SQL Injection
📜 XXE Injection
🎁 Bonus Section
❤2
Multiple Ways to Crack WordPress login
🔥 Telegram: https://news.1rj.ru/str/hackinarticles
In this article, you will be learning how to compromise a WordPress website’s credentials using different brute-force techniques.
📚 Pre-requisites
🛰️ WPScan
💥 Metasploit
🧪 Burp Suite
🛡️ How to avoid a Brute Force Attack?
🔥 Telegram: https://news.1rj.ru/str/hackinarticles
In this article, you will be learning how to compromise a WordPress website’s credentials using different brute-force techniques.
📚 Pre-requisites
🛰️ WPScan
💥 Metasploit
🧪 Burp Suite
🛡️ How to avoid a Brute Force Attack?
❤1
Burp Suite for Pentester: Web Scanner & Crawler
✴ Twitter: https://lnkd.in/e7yRpDpY
🔥Telegram: https://news.1rj.ru/str/hackinarticles
In this article, we’ll discuss how you can identify hidden web pages or determine the existing vulnerabilities in a web application. To do this, we will use one of the best intercepting tools – “Burp Suite”.
🕷️ The Burp’s Crawler
❓ What is Crawler?
⚙️ Crawl with Default Configurations
🛠️ Customizing the Crawler
🛡️ Vulnerability Scanning over Burp Suite
🔍 Auditing with Default Configurations
🎛️ Defining Audit Options
🔄 Crawling & Scanning with an Advanced Scenario
🗑️ Deleting the Defined Tasks
✴ Twitter: https://lnkd.in/e7yRpDpY
🔥Telegram: https://news.1rj.ru/str/hackinarticles
In this article, we’ll discuss how you can identify hidden web pages or determine the existing vulnerabilities in a web application. To do this, we will use one of the best intercepting tools – “Burp Suite”.
🕷️ The Burp’s Crawler
❓ What is Crawler?
⚙️ Crawl with Default Configurations
🛠️ Customizing the Crawler
🛡️ Vulnerability Scanning over Burp Suite
🔍 Auditing with Default Configurations
🎛️ Defining Audit Options
🔄 Crawling & Scanning with an Advanced Scenario
🗑️ Deleting the Defined Tasks
Censys Cheat Sheet
🔴⚫️Full HD Image: https://github.com/Ignitetechnologies/Mindmap/blob/main/Censys/Censys%20UHD.png
🔴⚫️Full HD Image: https://github.com/Ignitetechnologies/Mindmap/blob/main/Censys/Censys%20UHD.png
Shodan Cheat Sheet
🔴⚫️Full HD Image: https://github.com/Ignitetechnologies/Mindmap/blob/main/Shodan/Shodan%20UHD.png
🔴⚫️Full HD Image: https://github.com/Ignitetechnologies/Mindmap/blob/main/Shodan/Shodan%20UHD.png
🚀 Active Directory Exploitation Training (Online) – Register Now! 🚀
🔗 Register here: https://forms.gle/bowpX9TGEs41GDG99
💬 WhatsApp: https://wa.me/message/HIOPPNENLOX6F1
📧 Email: info@ignitetechnologies.in
Limited slots available! Hurry up to secure your spot in this exclusive training program offered by Ignite Technologies.
✔️ Comprehensive Table of Contents:
🔍 Initial Active Directory Exploitation
🔎 Active Directory Post-Enumeration
🔐 Abusing Kerberos
🧰 Advanced Credential Dumping Attacks
📈 Privilege Escalation Techniques
🔄 Persistence Methods
🔀 Lateral Movement Strategies
🛡️ DACL Abuse (New)
🏴 ADCS Attacks (New)
💎 Saphire and Diamond Ticket Attacks (New)
🎁 Bonus Sessions
🔗 Register here: https://forms.gle/bowpX9TGEs41GDG99
💬 WhatsApp: https://wa.me/message/HIOPPNENLOX6F1
📧 Email: info@ignitetechnologies.in
Limited slots available! Hurry up to secure your spot in this exclusive training program offered by Ignite Technologies.
✔️ Comprehensive Table of Contents:
🔍 Initial Active Directory Exploitation
🔎 Active Directory Post-Enumeration
🔐 Abusing Kerberos
🧰 Advanced Credential Dumping Attacks
📈 Privilege Escalation Techniques
🔄 Persistence Methods
🔀 Lateral Movement Strategies
🛡️ DACL Abuse (New)
🏴 ADCS Attacks (New)
💎 Saphire and Diamond Ticket Attacks (New)
🎁 Bonus Sessions
Abusing AD-DACL: WriteDacl
✴ Twitter: https://lnkd.in/e7yRpDpY
🔥Telegram: https://news.1rj.ru/str/hackinarticles
In this post, we will explore the exploitation of Discretionary Access Control Lists (DACL) using the WriteDacl permission in Active Directory environments.
🧪 Lab Setup – User Owns WriteDacl Permission on Another User
⚔️ Exploitation Phase I – User Owns WriteDacl Permission on Another User
🕵️ BloodHound – Hunting for Weak Permission
🔧 Method for Exploitation:
📜 Granting Full Control
🔥 Kerberoasting (T1558.003) or
🔑 Change Password (T1110.001)
🐧 Linux-Based Tools
🧰 Impacket Tool – Granting Full Control
🐍 Python Script (TargetedKerberoast)
🔐 Linux – Change Password
📡 Net RPC (Samba)
💉 BloodyAD
🪟 Windows PowerShell (PowerView)
🧾 Granting Full Control
🦊 Kerberoasting
🔁 Change Password
🧪 Lab Setup – User Owns WriteDacl Permission on the Domain Admin Group
⚔️ Exploitation Phase II – User Owns WriteDacl Permission on a Group
🕵️ BloodHound – Hunting for Weak Permission
🔧 Method for Exploitation:
📜 Granting Full Control
👥 Account Manipulation (T1098)
🐧 Linux-Based Tools
🧰 Impacket Tool – Granting Full Control
➕ Linux – Adding Member to the Group
📡 Net RPC (Samba)
💉 BloodyAD
🪟 Windows-Based Tools
🧾 PowerView – Granting Full Control
➕ Net Command – Adding Member to Group
✴ Twitter: https://lnkd.in/e7yRpDpY
🔥Telegram: https://news.1rj.ru/str/hackinarticles
In this post, we will explore the exploitation of Discretionary Access Control Lists (DACL) using the WriteDacl permission in Active Directory environments.
🧪 Lab Setup – User Owns WriteDacl Permission on Another User
⚔️ Exploitation Phase I – User Owns WriteDacl Permission on Another User
🕵️ BloodHound – Hunting for Weak Permission
🔧 Method for Exploitation:
📜 Granting Full Control
🔥 Kerberoasting (T1558.003) or
🔑 Change Password (T1110.001)
🐧 Linux-Based Tools
🧰 Impacket Tool – Granting Full Control
🐍 Python Script (TargetedKerberoast)
🔐 Linux – Change Password
📡 Net RPC (Samba)
💉 BloodyAD
🪟 Windows PowerShell (PowerView)
🧾 Granting Full Control
🦊 Kerberoasting
🔁 Change Password
🧪 Lab Setup – User Owns WriteDacl Permission on the Domain Admin Group
⚔️ Exploitation Phase II – User Owns WriteDacl Permission on a Group
🕵️ BloodHound – Hunting for Weak Permission
🔧 Method for Exploitation:
📜 Granting Full Control
👥 Account Manipulation (T1098)
🐧 Linux-Based Tools
🧰 Impacket Tool – Granting Full Control
➕ Linux – Adding Member to the Group
📡 Net RPC (Samba)
💉 BloodyAD
🪟 Windows-Based Tools
🧾 PowerView – Granting Full Control
➕ Net Command – Adding Member to Group
❤2
Comprehensive Guide on Autopsy Tool (Windows)
✴ Twitter: https://lnkd.in/e7yRpDpY
Autopsy is an open-source tool that is used to perform forensic operations on the disk image of the evidence. The forensic investigation that is carried out on the disk image is displayed here.
➡ File Type
➡MIME-type
➡Deleted Files
➡MB File size
➡Results
➡Extracted Content
➡Keyword Hits
➡Timeline
➡Discovery
➡Images/Videos
➡Add File Tags
➡Generate Reports
✴ Twitter: https://lnkd.in/e7yRpDpY
Autopsy is an open-source tool that is used to perform forensic operations on the disk image of the evidence. The forensic investigation that is carried out on the disk image is displayed here.
➡ File Type
➡MIME-type
➡Deleted Files
➡MB File size
➡Results
➡Extracted Content
➡Keyword Hits
➡Timeline
➡Discovery
➡Images/Videos
➡Add File Tags
➡Generate Reports