
Search Results

25 total results found

Content Discovery / Recon

Bug Bounty | Bughunting Oneliners

Obtain subdomains and links from the target host: for h in $(cat hosts.txt); do curl -siL https:...

Contact

About Us

Please contact us at : contact[at]hideandsec[d0t].sh If you have any question regarding our writ...

Defenses Evasion (The Quick'n Dirty)

Red Teaming Tactics

This is just a quick and dirty overview of some defense evasion tactics that are out there for so...

Domain Control Elevation

Red Teaming Tactics

0x01 Preface Just a collection of personal notes covering the following: Password in GPP and SY...

NahamCon CTF 2020 Writeup

CTF

NahamCon CTF 2020 Writeup URL: https://ctf.nahamcon.com/challenges I got bored on the weekend a...

Spawning TTY Shells

Cheatsheets

Shell Spawning Python python -c 'import pty; pty.spawn("/bin/sh")' python3 -c 'import pty; pty...

Cobalt Strike Process Injection

Red Teaming Tactics

0x01 Intro Here are my thoughts on process injection and share some technical details about Coba...

Introduction to Cobalt Strike

Red Teaming Tactics

0x01 What is Cobalt Strike "Cobalt Strike is software for Adversary Simulations and Red Team O...

Zipper (Hard)

Hack The Box | Machines Linux

What you will learn: API to RCE Funky shell magic to get a stable environment Abusing SUID ...

Members

About Us

mxrch Passionate about computing and security since always, I'm also interested in AI, blockchai...

SSRF Intro (Part 1 SSRF Series)

Bug Bounty | Vulnerabilities Indepth

SSRF (Server-Side Request Forgery) is a fake exploit server-initiate...

HideAndSec

About Us

We are a group of cybersecurity enthusiasts interested in various areas including software securi...

CSP in a CTF Context (Part 4 CSP Series)

Bug Bounty | Vulnerabilities Indepth

Common attack surface script-src : script: only trust the current domain name object-src : Do not...

CSP Prevention (Part 3 CSP Series)

Bug Bounty | Vulnerabilities Indepth

CSP is especially important for your users: they no longer need to be exposed to any unsolicited ...

CSP Bypass (Part 2 CSP Series) TODO

Bug Bounty | Vulnerabilities Indepth

CSP Intro (Part 1 CSP Series)

Bug Bounty | Vulnerabilities Indepth

CSP (Content Security Policy) is in place to mitigate some attacks, such as XSS and CSRF. It...

SSRF in a CTF Context (Part 4 SSRF Series)

Bug Bounty | Vulnerabilities Indepth

Common attack surface Port scanning can be performed on the external network, the internal netwo...

SSRF Prevention (Part 3 SSRF Series)

Bug Bounty | Vulnerabilities Indepth

How to prevent SSRF It is easier to filter the returned information and verify the response of t...

SSRF Bypass (Part 2 SSRF Series) [incomplete]

Bug Bounty | Vulnerabilities Indepth

What can we do with SSRF? SSRF to reflection XSS Try to use URL to access internal resources an...

The RC4 encryption

Red Teaming Tactics

The RC4 encryption algorithm is a symmetric encryption algorithm. Symmetric encryption algorithm...