π Pentesting Active Directory - Complete Guide | Part 1
π https://hacklido.com/blog/862-pentesting-active-directory-complete-guide-part-1
π https://hacklido.com/blog/862-pentesting-active-directory-complete-guide-part-1
HACKLIDO
Pentesting Active Directory - Part 1 | Trees, Forest and Trust Relations
Let me introduce you to Active directory and familiarize with itβs components like trees, forest and trust relations Introduction Active Directory (AD) i...
β€2π₯1
π CVE-2021-40444 - RCE in Microsoft's MSHTML browser rendering engine | MerkSpy
π https://hacklido.com/blog/869-cve-2021-40444-rce-in-microsofts-mshtml-browser-rendering-engine-merkspy
π https://hacklido.com/blog/869-cve-2021-40444-rce-in-microsofts-mshtml-browser-rendering-engine-merkspy
HACKLIDO
CVE-2021-40444 - RCE in Microsoft's MSHTML browser rendering engine | MerkSpy
FortiGuard Labs detected an attack exploiting the CVE-2021-40444 vulnerability in Microsoft Office, which allows attackers to execute malicious code via sp...
π1
π Pentesting Active Directory - Complete Guide | Part 2
π https://hacklido.com/blog/863-pentesting-active-directory-complete-guide-part-2
π https://hacklido.com/blog/863-pentesting-active-directory-complete-guide-part-2
HACKLIDO
Pentesting Active Directory - Part 2 | Access Control, Users, KRGBT, Golden ticket attack
Letβs learn about Authentication, Authorization, Access Control, Users, KRGBT, Golden ticket attack and more. Active Directory (AD) authentication is a W...
π₯3β€1
π Pentesting Active Directory - Complete Guide | Part 3
π https://hacklido.com/blog/864-pentesting-active-directory-complete-guide-part-3
π https://hacklido.com/blog/864-pentesting-active-directory-complete-guide-part-3
HACKLIDO
Pentesting Active Directory - Part 3 | Recon with AD Module, Bloodhound, PowerView & Adalanche
Letβs learn about generic reconnaissance & Enumeration in AD - Using AD Module, Bloodhound, PowerView & Adalanche The process of finding a Domai...
π2π₯1
π Pentesting Active Directory - Complete Guide | Part 4
π https://hacklido.com/blog/865-pentesting-active-directory-complete-guide-part-4
π https://hacklido.com/blog/865-pentesting-active-directory-complete-guide-part-4
HACKLIDO
Pentesting Active Directory - Part 4 | LLMNR Poisoning
Letβs learn about broadcast poisoning in AD - LLMNR Poisoning Or Link-Local Multicast Name Resolution Poisoning is an attack technique commonly used duri...
β€1π1
Hello π Hackers!
From the beginning, our vision has always been to create a open platform where anyone can start infosec blogging and soon start making $$, while maintaining access to knowledge open (free) for all readers.
We're excited to announce that very soon, we'll be rolling out an ad revenue split of up to 60% for the writers! This is our way to incentivize the bloggers on the platform (present + future ones).
So, If you've ever thought about sharing your insights and expertise, now is the perfect time to start blogging at Hacklido. This will help you to capture the moment when our new revenue split rolls out π
Stay tuned for more updates. Your support means the world to us. β€οΈ Keep writing, keep sharing, and let's make this journey even more amazing!
Cheers,
The Hacklido Team
From the beginning, our vision has always been to create a open platform where anyone can start infosec blogging and soon start making $$, while maintaining access to knowledge open (free) for all readers.
We're excited to announce that very soon, we'll be rolling out an ad revenue split of up to 60% for the writers! This is our way to incentivize the bloggers on the platform (present + future ones).
So, If you've ever thought about sharing your insights and expertise, now is the perfect time to start blogging at Hacklido. This will help you to capture the moment when our new revenue split rolls out π
Stay tuned for more updates. Your support means the world to us. β€οΈ Keep writing, keep sharing, and let's make this journey even more amazing!
Cheers,
The Hacklido Team
π10β€5π₯5π€©1
π Pentesting Active Directory - Complete Guide | Part 5
π https://hacklido.com/blog/866-pentesting-active-directory-complete-guide-part-5
π https://hacklido.com/blog/866-pentesting-active-directory-complete-guide-part-5
HACKLIDO
Pentesting Active Directory - Part 5 | Lateral Movement, Privilege Escalation & Tools
Letβs learn about Lateral movement, privilege escalation and some amazing tools that you can add to your arsenal Introduction Once inside the network, t...
β€3π1
π Stealthy Exploit Opens Door for Pre-Compilation Code Execution - Autoconf
π https://hacklido.com/blog/871-stealthy-exploit-opens-door-for-pre-compilation-code-execution-autoconf
π https://hacklido.com/blog/871-stealthy-exploit-opens-door-for-pre-compilation-code-execution-autoconf
HACKLIDO
Stealthy Exploit Opens Door for Pre-Compilation Code Execution - Autoconf
Introduction Linux users often take pride in their ability to compile their own code. In spite of this, a subtle yet critical attack vector has existed fo...
β€1
π Pentesting Active Directory - Complete Guide @hacklido
Β» #1 - Active directory and familiarize with itβs components like trees, forest and trust relations
Β» #2 - Authentication, Authorization, Access Control, Users, KRGBT, Golden ticket attack and more
Β» #3 - reconnaissance & Enumeration in AD - Using AD Module, Bloodhound, PowerView & Adalanche
Β» #4 - LLMNR Poisoning
Β» #5 - Lateral movement, privilege escalation and some amazing tools that you can add to your arsenal
Β» #6 - Domain persistence and cross forest attacks
π Link to collection: https://hacklido.com/lists/6
More from the writer is on it's way »» Anyone can write@hacklido , start writing to monetize and promote all your infosec blogs!
Β» #1 - Active directory and familiarize with itβs components like trees, forest and trust relations
Β» #2 - Authentication, Authorization, Access Control, Users, KRGBT, Golden ticket attack and more
Β» #3 - reconnaissance & Enumeration in AD - Using AD Module, Bloodhound, PowerView & Adalanche
Β» #4 - LLMNR Poisoning
Β» #5 - Lateral movement, privilege escalation and some amazing tools that you can add to your arsenal
Β» #6 - Domain persistence and cross forest attacks
π Link to collection: https://hacklido.com/lists/6
More from the writer is on it's way »» Anyone can write
β€1π1π₯1π€―1
π Getting started with Snort IPS - A QuickStart Guide
π https://hacklido.com/blog/873-getting-started-with-snort-ips-a-quickstart-guide
π https://hacklido.com/blog/873-getting-started-with-snort-ips-a-quickstart-guide
HACKLIDO
Getting started with Snort IPS - A QuickStart Guide
Introduction Snort is an open source Intrusion Prevention System (IPS) that detects malicious network traffic by comparing the network packets to a set of...
π3β€2
π Windows Remoting: Difference between psexec, wmiexec, atexec, *exec
π https://hacklido.com/blog/872-windows-remoting-difference-between-psexec-wmiexec-atexec-exec
π https://hacklido.com/blog/872-windows-remoting-difference-between-psexec-wmiexec-atexec-exec
HACKLIDO
Windows Remoting: Difference between psexec, wmiexec, atexec, *exec
If youβre anything like me, you discovered Impacket, either through a course, Ippsec, or your own research, and you look at the scripts. Your grin turns...
π1π₯1
βοΈ CyberWeekly 13' July | Issue #5
βοΈ Evernote RCE, Windows Remoting, CVE-2021-40444, MSHTML, Pentesting AD, Reverse engineering .NET, WGU, Global AppSec 2024 Lisbon, Universal RCE, False File Immutability, EvilnoVNC, STOK, Polyfill(.)io
π https://hacklido.substack.com/p/cyberweekly-13-july-issue-5
βοΈ Evernote RCE, Windows Remoting, CVE-2021-40444, MSHTML, Pentesting AD, Reverse engineering .NET, WGU, Global AppSec 2024 Lisbon, Universal RCE, False File Immutability, EvilnoVNC, STOK, Polyfill(.)io
π https://hacklido.substack.com/p/cyberweekly-13-july-issue-5
π₯2
π Key Ransomeware Threats In 2024
π https://hacklido.com/blog/877-key-ransomeware-threats-in-2024
π https://hacklido.com/blog/877-key-ransomeware-threats-in-2024
HACKLIDO
Key Ransomeware Threats In 2024
In June, we wrote about Akira β a ransomware group using double extortion techniques to coerce victims after stealing and encrypting their sensitive data....
π4
π Pentesting Active Directory - Part 7 | Abusing Misconfigured Templates (ESC1)
π https://hacklido.com/blog/882-pentesting-active-directory-part-7-abusing-misconfigured-templates-esc1
π https://hacklido.com/blog/882-pentesting-active-directory-part-7-abusing-misconfigured-templates-esc1
HACKLIDO
Pentesting Active Directory - Part 7 | Abusing Misconfigured Templates (ESC1)
Active Directory Certificate Services ADCS is used for managing public key infrastructure in an Active Directory environment. Itβs commonly used in enter...
π The Rise Of Ransomeware As A Service
π https://hacklido.com/blog/879-the-rise-of-ransomeware-as-a-service
π https://hacklido.com/blog/879-the-rise-of-ransomeware-as-a-service
HACKLIDO
The Rise Of Ransomeware As A Service
Ransomware as a Service (RaaS) platforms continue to emerge, causing a significant impact across industries and organisations. Theyβre enabling inexperien...
π Why You Should Implement Post-Quantum Security Now
π https://hacklido.com/blog/878-why-you-should-implement-post-quantum-security-now
π https://hacklido.com/blog/878-why-you-should-implement-post-quantum-security-now
HACKLIDO
Why You Should Implement Post-Quantum Security Now
For years, quantum computing has been a vision of the future. Itβs a technology that has been far away β a distant promise of computing power far beyond ou...
βοΈ CyberWeekly 20' July | Issue #6
βοΈ Crowdstrike outage, healthcare ransmoware, HIPPA, Oracle bulk patch updates, Snort IPS, Active Directory pentesting, CVE-2024-27956 - SQLi, CVE-2024-40626 - XSS (Stored), RAG manipulation attacks, etc
π https://hacklido.substack.com/p/cyberweekly-20-july-issue-6
βοΈ Crowdstrike outage, healthcare ransmoware, HIPPA, Oracle bulk patch updates, Snort IPS, Active Directory pentesting, CVE-2024-27956 - SQLi, CVE-2024-40626 - XSS (Stored), RAG manipulation attacks, etc
π https://hacklido.substack.com/p/cyberweekly-20-july-issue-6
β€1π1π₯1π1
π How Much Ransome Are Cybercriminals Asking For?
π https://hacklido.com/blog/881-how-much-ransome-are-cybercriminals-asking-for
π https://hacklido.com/blog/881-how-much-ransome-are-cybercriminals-asking-for
HACKLIDO
How Much Ransome Are Cybercriminals Asking For?
Weβre focused onβ¦ How much money threat actors are asking for when they execute ransomware attacks. Ransom sums can vary wildly At time of writing, the...
π Getting started with SOC: Setting an Elastic Home SIEM lab
π https://hacklido.com/blog/891-getting-started-with-soc-setting-an-elastic-home-siem-lab
π https://hacklido.com/blog/891-getting-started-with-soc-setting-an-elastic-home-siem-lab
HACKLIDO
Getting started with SOC: Setting an Elastic Home SIEM lab
If you want to pursue your career as an SOC analyst, you can get hand- off experience for free by setting up your own SIEM labs. Hereβs how I did it. What is...
π3π1
π The Unpatchable Exploit: How Checkra1n bypasses iCloud Activation Locks
π https://hacklido.com/blog/899-the-unpatchable-exploit-how-checkra1n-bypasses-icloud-activation-locks
π https://hacklido.com/blog/899-the-unpatchable-exploit-how-checkra1n-bypasses-icloud-activation-locks
HACKLIDO
The Unpatchable Exploit: How Checkra1n bypasses iCloud Activation Locks
The Checkra1n jailbreak has revolutionised the landscape of iOS jailbreaking and security research. Leveraging the powerful checkm8 bootrom exploit, Checkr...
β€1π1