Hacking Articles – Telegram
Hacking Articles
@hackinarticles
13.2K subscribers
680 photos
133 files
437 links
House of Pentester
Download Telegram
About
Blog
Apps
Platform
Join
Hacking Articles
13.2K subscribers
Hacking Articles
Cloud Security Checklist.pdf
4.2 MB
469 views
Hacking Articles
Comprehensive Guide on Unrestricted File Upload

Today, in this article, we’ll learn how such invalidations to the user-input and server mismanagement, opens up the gates for the attackers to host malicious content, over from the Unrestricted File Upload functionality in order to drop down the web-applications..


📁 Basic File Upload
📦 Content-Type Restriction
🧾 Double Extension File Upload
🖼️ Image Size Validation Bypass
🚫 Blacklisted Extension File Upload
3🔥1
485 views
Hacking Articles
Unrestricted File Upload.pdf
2.7 MB
🔥5
458 views
Hacking Articles
https://www.hackingarticles.in/comprehensive-guide-on-unrestricted-file-upload/
Hacking Articles
Comprehensive Guide on Unrestricted File Upload
Learn about the unrestricted file upload vulnerability and how it can lead to severe security risks for web applications.
2
439 views
Hacking Articles
https://portswigger.net/research/listen-to-the-whispers-web-timing-attacks-that-actually-work
403 views
Hacking Articles
🔍 [NEW SERIES] Active Directory Certificate Services Exploitation: ESC1


Kickstarting our daily ADCS exploitation series with ESC1—a critical vulnerability allowing attackers to spoof privileged identities via misconfigured certificate templates.

📌 Key Takeaways:

Privilege Escalation: Forge certificates to impersonate high-value accounts (e.g., Domain Admins).

Toolset: Abuse Certify, Rubeus, and SharpDPAPI for exploitation.

Defense: Audit templates for ENROLLEE_SUPPLIES_SUBJECT and CT_FLAG_NO_SECURITY_EXTENSION flags.

📖 Read the Full Guide: ADCS ESC1 Exploitation
😈2
400 views
Hacking Articles
https://www.hackingarticles.in/ad-certificate-exploitation-esc1
Hacking Articles
AD Certificate Exploitation: ESC1
Explore AD CS ESC1 Certificate Exploitation, misconfigurations, privilege escalation, and effective mitigation strategies for better security.
1🆒1
367 views
Hacking Articles
Google Search Operators Cheat Sheet

🔴⚫️Full HD Image: https://github.com/Ignitetechnologies/Mindmap/tree/main/Google%20Search%20Operators
👍2🆒1
380 viewsedited  
Hacking Articles
Security Automation Mindmap

🔴⚫️Full HD Image: https://github.com/Ignitetechnologies/Mindmap/tree/main/Security%20Automation
🍾2
368 viewsedited  
Hacking Articles
Cyber Security Attack

🔴⚫️Full HD Image: https://github.com/Ignitetechnologies/Mindmap/tree/main/Cyber%20Security%20Attack
👌3
368 views
Hacking Articles
🚀 Active Directory Exploitation Training (Online) – Register Now! 🚀

🔗 Register here: https://forms.gle/bowpX9TGEs41GDG99
💬 WhatsApp: https://wa.me/message/HIOPPNENLOX6F1

📧 Email: info@ignitetechnologies.in

Limited slots available! Hurry up to secure your spot in this exclusive training program offered by Ignite Technologies.

✔️ Comprehensive Table of Contents:
🔍 Initial Active Directory Exploitation
🔎 Active Directory Post-Enumeration
🔐 Abusing Kerberos
🧰 Advanced Credential Dumping Attacks
📈 Privilege Escalation Techniques
🔄 Persistence Methods
🔀 Lateral Movement Strategies
🛡️ DACL Abuse (New)
🏴 ADCS Attacks (New)
💎 Saphire and Diamond Ticket Attacks (New)
🎁 Bonus Sessions
💯3
393 views
Hacking Articles
https://www.rbtsec.com/blog/active-directory-certificate-attack-esc7/
RBT Security | Reinventing The Security
Active Directory Certificate Attack: ESC7 | RBT Security
Explore vulnerabilities in Active Directory Certificate Services (ADCS) and the world of ESC7 exploitation!
🎃3
387 views
Hacking Articles
https://sploitify.haxx.it/
365 views
Hacking Articles
https://posts.specterops.io/bofhound-ad-cs-integration-91b706bc7958
Medium
BOFHound: AD CS Integration
TL;DR: BOFHound can now parse Active Directory Certificate Services (AD CS) objects, manually queried from LDAP, for review and attack path…
🔥3
388 views
Hacking Articles
https://lolad-project.github.io/
376 views
Hacking Articles
https://secybr.com/posts/shodan-tutorials-for-best-practicies
secybr | penetration testing, red teaming and hack tricks.
Shodan.io Tutorials for Best Practices
penetration testing, red teaming and hack tricks.
🎉21
378 views
Hacking Articles
https://www.hackingarticles.in/mssql-for-pentester-command-execution-with-xp_cmdshell/
Hacking Articles
MSSQL for Pentester: Command Execution with xp_cmdshell
Learn how to exploit MSSQL using the xp_cmdshell command for reverse shells, privilege escalation, and remote command execution.
1
360 views
Hacking Articles
https://www.hackingarticles.in/burpsuite-for-pentester-autorize/
Hacking Articles
Burp Suite for Pentester: Autorize
Boost access control testing with Burp Suite Autorize extension. Identify auth bypass, IDOR & RBAC issues efficiently.
1
365 views
Hacking Articles
https://www.hackingarticles.in/comprehensive-guide-on-cross-site-noscripting-xss/
Hacking Articles
Comprehensive Guide on Cross-Site Scripting (XSS)
Ultimate XSS guide covering DOM/reflected/stored attack. Learn exploitation techniques, real-world examples, and advanced prevention methods.
1
331 views
Hacking Articles
🔥 OSCP+/CTF Exam Practice Training (Online) 🔥 – Register Now! 🚀

🔗 Register here: https://forms.gle/bowpX9TGEs41GDG99
💬 WhatsApp: https://wa.me/message/HIOPPNENLOX6F1

📧 Email: info@ignitetechnologies.in

Join IGNITE TECHNOLOGIES’ exclusive "Capture the Flag" Training Program and enhance your skills with the following modules:

🧠 Introduction
🌐 Information Gathering
🧱 Vulnerability Scanning
🔓 Windows Privilege Escalation
🐧 Linux Privilege Escalation
🛡️ Client-Side Attacks
🌐 Web Application Attacks
🧬 Password Attacks
🧠 Tunneling & Pivoting
🏰 Active Directory Attacks
💣 Exploiting Public Exploits
📋 Report Writing
2
508 views
Hacking Articles
https://www.hackingarticles.in/sapphire-ticket-attack-abusing-kerberos-trust/
Hacking Articles
Sapphire Ticket Attack: Abusing Kerberos Trust
Sapphire Ticket Attack abuses Kerberos to impersonate users and escalate privileges via S4U2Self and U2U in Active Directory.
1
319 views