jacobh.io
Host Persistence
Initializing search
Jacob-Ham/jacobhio
$ whoami
đ Kali Setup
âī¸ Cloud
đ Web Application
đ¤ writeups
đ§ Methodologies
đĒ Active Directory
jacobh.io
Jacob-Ham/jacobhio
$ whoami
đ Kali Setup
âī¸ Cloud
âī¸ Cloud
Amazon Web Services (AWS)
Amazon Web Services (AWS)
Authenticate
Compute Services & Lateral Movement
Credential & Identity Attacks
Discovery & Reconnaissance
Phishing via SSO Device Codes
Secrets & Notification Services
Serverless Services Exploitation
Storage Enumeration & Exploitation
Tools
đ Web Application
đ Web Application
Under Construction
Insecure File Uploads
Verb Tampering
Web Application Firewall
API
API
API
Mass Assignment
Access Control
Access Control
Getting Started
Broken Function Level Access (BLFA)
Broken Object Level Access (BOLA)
Insecure Direct Object Reference (IDOR)
Authentication
Authentication
Getting Started
Brute Forcing Authentication
Json Web Tokens (JWTs)
Multi Factor Authentication
Rate Limiting
Session Tokens
Discovery
Discovery
Directory Fuzzing
Google Dorks
Parameter Fuzzing
File Inclusion
File Inclusion
Directory Traversal
Filter Bypasses
Local File Inclusion (LFI)
Remote File Inclusion
Injections
Injections
Command Injection
Cross Site Scripting (XSS)
External Entity Injection (XXE)
NoSQL Injection
SQL Injection
Server Side Template Injection (SSTI)
Request Forgery
Request Forgery
Cross Site Request Forgery (CSRF)
Server Side Request Forgery
đ¤ writeups
đ¤ writeups
Index
HackTheBox
HackTheBox
OverCertified
đ§ Methodologies
đ§ Methodologies
â Checklists
â Checklists
Active Directory
Web Application
đ Cheatsheets
đ Cheatsheets
Compiling Binaries
Passive Network Recon
SQLMap
WebApp
Linux Privilege Escalation
Linux Privilege Escalation
ACLs
Capabilities
Credential Hunting
Environment Hunting
General Information
Groups
Low Level Exploits
NFS, Samba, Network Shares
Permissions
Restricted Shells
Service Based Escalation
Shared Libraries & Interpreter Hijacking
Writable Directories
đĒ Active Directory
đĒ Active Directory
Under Construction
Credential Access & Harvesting
Credential Access & Harvesting
ASREPRoast
Credential Dumping
Credential Hunting
Hash Cracking
Kerberoasting
Credential Forgery & Abuse
Credential Forgery & Abuse
DCShadow
DCSync
Diamond Ticket
Golden Ticket
Overpass The Hash
Pass The Hash
Pass The Ticket
Silver Ticket
Defense Evasion
Defense Evasion
Enumerating Security Controls
Powershell Downgrade
Discovery & Reconnaissance
Discovery & Reconnaissance
Domain User Enumeration
Domain Wide Enumeration
Forest & Domain Trusts
Group Membership
Host Enumeration
Living Off the Land Enumeration
Password Policy Enumeration
Initial Access & Delivery
Initial Access & Delivery
GPP Password
IPv6 Attacks
LLMNR Poisoning
LNK File Attacks
NetNTLM Hash Stealing Locations
Password Stuff
PetitPotam (MS EFSRPC)
Word Doc Macro
ZeroLogon
Lateral Movement
Lateral Movement
Alternate Service Name
Constrained Delegation
Domain ACLs
Group Policy Abuse
Kerberos Double Hop
MSSQL Abuse
Microsoft Configuration Manager
Pivoting
Relay Attacks
Resource Based Constrained Delegation
SMB
Service for User to Self
Unconstrained Delegation
Miscellaneous
Miscellaneous
Disable Restricted Admin Mode
Enable plaintext wdigest
Host Persistence
Privilege Escalation
Privilege Escalation
Local Administrator Password Solution
NoPac (SamAccountName Spoofing)
Token Privileges
UAC Bypasses
Unquoted Service Path
Weak Service Binary Permissions
Weak Service Permissions
Šī¸ ADCS
đģ PrintNightmare
Host Persistence