Skip to main content
Advanced Search
Search Terms
Content Type

Exact Matches
Tag Searches
Date Options
Updated after
Updated before
Created after
Created before

Search Results

45 total results found

Français

Le contenu HideAndSec dans la langue de Molière.

NahamCon CTF 2020 Writeup

CTF

NahamCon CTF 2020 Writeup URL: https://ctf.nahamcon.com/challenges I got board on the weekend a...

Windows thread control

Red Teaming

Multithreading undoubtedly brings a lot of convenience and improves a lot of development efficien...

The RC4 encryption

Red Teaming

The RC4 encryption algorithm is a symmetric encryption algorithm. Symmetric encryption algorithm...

Defenses Evasion (The Quick'n Dirty)

Red Teaming

This is just a quick and dirty overview of some defense evasion tactics that are out there for so...

Domain Control Elevation

Red Teaming

0x01 Preface Just a collection of personal notes covering the following: Password in GPP and SY...

Cobalt Strike Process Injection

Red Teaming

0x01 Intro Here are my thoughts on process injection and share some technical details about Coba...

Introduction to Cobalt Strike

Red Teaming

0x01 What is Cobalt Strike "Cobalt Strike is software for Adversary Simulations and Red Team O...

Premier exploit

Pwn [FR] Introduction aux Buffer Overflow

Premier exploit Maintenant que vous avez vu comment modifier la sauvegarde d'EIP d'une fonction ...

Passons à la pratique!

Pwn [FR] Introduction aux Buffer Overflow

Première phase de l'exploitation Nous allons desormais nous appuyer sur le programme précédement...

Brève introduction

Pwn [FR] Introduction aux Buffer Overflow

Tout d'abord qu'est ce qu'un buffer overflow? Et à quoi ça sert? Les buffer overflow sont des fa...

CSP Series

Web Attacks

1. Intro CSP (Content Security Policy) is there / in-place to mitigate some attacks, such as xss,...

SSRF Series

Web Attacks

1. INTRO SSRF (Server-Side Request Forgery: server-side request forgery) is a fake exploit server...

Bug Bounty

Cheatsheets

Obtain subdomains and links from the target host: for h in $(cat hosts.txt); do curl -siL https:...

NorthSec 2021 Badge Writeup

CTF

To learn more about the badge itself and the development behind the scenes I would recommend wa...

HackTM CTF 2020 Writeup

CTF

Since the CTF is still active I wont be dropping the flags. You can follow along and complete the...

[FR] Système des capabilities Linux

Linux

Introduction et principes généraux des Capabilities Lorsque l’on veut lancer un processus avec c...

English

For english people

CTF

Do you want some writeups kidz ?

Linux

Linux intrusion testing methodologies, tools, and techniques

Windows

Windows intrusion testing methodologies, tools, and techniques

Red Teaming

Red teaming methodologies, tools, and techniques

About Us

Who are we and who sits behind the mask?

Pwn

Let's pwn the wrld

Web

The World Wide Web

Cheatsheets

Articles with ready to use commands for pentest and CTF

Spawning TTY Shells

Cheatsheets

Shell Spawning Python python -c 'import pty; pty.spawn("/bin/sh")' python3 -c 'import pty; pty...

Research

Searching 0days for the mama

[FR] Introduction aux Buffer Overflow

Pwn

Nous allons dans cet article voir qu'est ce qu'un buffer overflow et comment exploiter notre prem...

Attacks

Web

Microsoft

Cheatsheets

Different cheatsheets useful in Windows and Active Directory environment

Windows
Active Directory
Microsoft
Cheatsheet
MSSQL
SQL Server
WMI
Azure AD
ADCS

Cache Poisoning

Web Attacks

What is it ? Cache poisoning was popularized in 2018, although this attack existed long before, a...

Reverse shells

Cheatsheets

Listener Before any reverse shell, you need to set up the listener, which will listen to a port a...

Direct system call injection process to avoid anti-kill

Red Teaming

The content is as titled. This is also a technology I have used for a long time. I have also pos...