Cyber Security Research Blogs - Page 22 Of 25 - Blog On Advance InfoSec Concepts

Active Directory Overview

Windows-Pentesting 7th October 201913th July 2021 blog_h4ck

Active Directory In this article, we are going to learn about active Directory. Various aspects of Active Directory. Our Main Goals of this article areContinue readingActive Directory Overview

Local Active Directory Implementation – 1

Windows-Pentesting 7th October 201913th July 2021 blog_h4ck

Active Directory Implementation Pre-requests: Windows Server 2008 r2 Data Centre (Server OS) Windows 7 (Enterprise in our case) Step 1:- On Server OS (as administrator)Continue readingLocal Active Directory Implementation – 1

Local Active Directory Implementation -2

Windows-Pentesting 7th October 201913th July 2021 Mr.x

Step 20:- Once you log in to the admin account. Click on Start and then go to Administrative Tools. Then click on Active Directory UsersContinue readingLocal Active Directory Implementation -2

CHEATSHEET – LFI & RCE & WEBSHELLS

OSCP Study material, All Blog 24th September 201910th October 2023 Mr.x

Basic LFI In the following examples, we include the /etc/passwd file, check the Directory & Path Traversal chapter for more interesting files. http://example.com/index.php?page=../../../etc/passwd Null byte ⚠️ In versions of PHPContinue readingCHEATSHEET – LFI & RCE & WEBSHELLS

WebShells & Exploitation – LFI to RCE

OSCP Study material 24th September 201913th July 2021 Mr.x

Commands can be sent to the web-shell using various methods, with HTTP POST request being the most common. However, hackers are not exactly people whoContinue readingWebShells & Exploitation – LFI to RCE

Web Shells & Exploitation Fundamentals

OSCP Study material 24th September 201913th July 2021 Mr.x

A web-shell is a malicious script used by an attacker with the intent to escalate and maintain persistent access on an already compromised web application.Continue readingWeb Shells & Exploitation Fundamentals

Linux detailed Enumeration – Commands

OSCP Study material, Linux privilege escalation 11th September 201913th July 2021 Mr.x

This blog is largely forked from the g0tmi1k’s blog https://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/ Thanks, G0tm1lk for your amazing contribution to the industry. Operating System What’s the distribution type? WhatContinue readingLinux detailed Enumeration – Commands

Linux Privilege Escalation all in one

OSCP Study material, Linux privilege escalation 10th September 201913th July 2021 blog_h4ck

In this blog, we will discuss detailed commands to escalate the privileges and find the user access to the files and folders. Scheduled tasks CronContinue readingLinux Privilege Escalation all in one

Linux Privilege Escalation Tools & Techniques

OSCP Study material, Linux privilege escalation 10th September 201913th July 2021 Mr.x

In this blog, we will discuss about different Linux privilege escalation techniques & Methodologies. Tools LinuxSmartEnumeration – Linux enumeration tools for pentesting and CTFswget “https://raw.githubusercontent.com/diego-treitos/linux-smart-enumeration/master/lse.sh”Continue readingLinux Privilege Escalation Tools & Techniques

Searchsploit Cheat Sheet

OSCP Study material, All Blog 9th September 201913th July 2021 Mr.x

Searchsploit an exploit search tool by Offensive Security, Unix Ninja & G0tmi1k. It allows you to take a copy of Exploit Database with you. SearchSploitContinue readingSearchsploit Cheat Sheet