Recently Updated Pages

[EN] Zipper (Hard)

What you will learn: API to RCE Funky shell magic to get a stable environment Abusing SUID binar...

Bug Bounty - Content Discovery / Recon

Obtain subdomains and links from the target host: for h in $(cat hosts.txt); do curl -siL https:/...

[FR] Linux capabilities system

Introduction and general principles of Capabilities When you want to launch a process with ...

HideAndSec

We are a group of people passionate about computing, web security, software, IoT, analysis of bi...

MDT, where are you?

TLDR Search for the intellimirrorSCP object class and its netbootServer attribute to find a WDS s...

Active Directory

This cheatsheet is built from numerous papers, GitHub repos and GitBook, blogs, HTB boxes and lab...

System Center Configuration Manager

This cheatsheet is built from numerous papers, GitHub repos and GitBook, blogs, HTB boxes and lab...

Active Directory Certificate Services

It is a cheatsheet about the different AD-CS attacks presented by SpecterOps. All the references ...

Active Directory - Python edition

This cheatsheet is built from numerous papers, GitHub repos and GitBook, blogs, HTB boxes and lab...

Pivoting

This cheatsheet is built from numerous papers, GitHub repos and GitBook, blogs, HTB boxes and lab...

[FR] Decentralized Identifiers (DIDs)

Reminders Identity and Access Management (IAM) There are currently 3 main forms of Management ...

In the Potato family, I want them all

Back in 2016, an exploit called Hot Potato was revealed and opened a Pandora's box of local privi...

CSP Series

1. Intro CSP (Content Security Policy) is in place to mitigate some attacks, such as XSS,...

SSRF Series

1. INTRO SSRF (Server-Side Request Forgery: server-side request forgery) is a fake exploit server...

Spawning TTY Shells

Shell Spawning Python python -c 'import pty; pty.spawn("/bin/sh")' python3 -c 'import pty; pty...

Reverse shells

Listener Before any reverse shell, you need to set up the listener, which will listen to a port a...

Cache Poisoning

What is it? Cache poisoning was popularized in 2018, although this attack existed long before, a...

[FR] Zipper (Hard)

What you will learn: API to RCE Magic to get a stable shell Abusing ...

Cobalt Strike Process Injection

0x01 Intro Here are my thoughts on process injection and share some technical details about Coba...

How to Hide Your CobaltStrike

CobaltStrike Overview Cobalt Strike is the most prevalent threat emulation software packages use...