jacobh.io
Host Persistence
Initializing search
Jacob-Ham/jacobhio
$ whoami
🐉 Kali Setup
☁️ Cloud
🌐 Web Application
🤓 writeups
🧠 Methodologies
🪟 Active Directory
jacobh.io
Jacob-Ham/jacobhio
$ whoami
🐉 Kali Setup
☁️ Cloud
☁️ Cloud
Amazon Web Services (AWS)
Amazon Web Services (AWS)
Authenticate
Compute Services & Lateral Movement
Credential & Identity Attacks
Discovery & Reconnaissance
Phishing via SSO Device Codes
Secrets & Notification Services
Serverless Services Exploitation
Storage Enumeration & Exploitation
Tools
🌐 Web Application
🌐 Web Application
Under Construction
Insecure File Uploads
Verb Tampering
Web Application Firewall
API
API
Getting Started
API
Mass Assignment
Access Control
Access Control
Getting Started
Broken Function Level Access (BLFA)
Broken Object Level Access (BOLA)
Insecure Direct Object Reference (IDOR)
Authentication
Authentication
Getting Started
Brute Forcing Authentication
Json Web Tokens (JWTs)
Multi Factor Authentication
Rate Limiting
Session Tokens
Discovery
Discovery
Directory Fuzzing
Google Dorks
Parameter Fuzzing
File Inclusion
File Inclusion
Directory Traversal
Filter Bypasses
Local File Inclusion (LFI)
Remote File Inclusion
Injections
Injections
Command Injection
Cross Site Scripting (XSS)
External Entity Injection (XXE)
NoSQL Injection
SQL Injection
Server Side Template Injection (SSTI)
Request Forgery
Request Forgery
Cross Site Request Forgery (CSRF)
Server Side Request Forgery
🤓 writeups
🤓 writeups
Index
HackTheBox
HackTheBox
OverCertified
🧠 Methodologies
🧠 Methodologies
✅ Checklists
✅ Checklists
Active Directory
Web Application
😏 Cheatsheets
😏 Cheatsheets
Compiling Binaries
Misc
Passive Network Recon
PowerView
SQLMap
WebApp
DaForce
DaForce
Salesforce 1
Salesforce 2
Salesforce 3
Salesforce 4
Linux Privilege Escalation
Linux Privilege Escalation
ACLs
Capabilities
Credential Hunting
Environment Hunting
General Information
Groups
Low Level Exploits
NFS, Samba, Network Shares
Permissions
Restricted Shells
Service Based Escalation
Shared Libraries & Interpreter Hijacking
Writable Directories
Wifi
Wifi
Attacking
Bypassing MAC Filtering
Cracking Passphrases
Decrypting Captures
Driver Installation Alfa A1US036ACS
Finding Hidden Networks
Interface Modes
Monitor Mode
Reconnaissance
🪟 Active Directory
🪟 Active Directory
Under Construction
1. Reconnaissance & Enumeration
1. Reconnaissance & Enumeration
Domain User Enumeration
Domain Wide Enumeration
Enumerating Security Controls
Group Membership
Living Off the Land Enumeration
Password Policy Enumeration
Service Enumeration
2. Initial Compromise
2. Initial Compromise
ASREPRoast
IPv6 Attacks
LLMNR Poisoning
NTLM Hash Theft
Password Stuff
Pre Boot Execution Environment PXE
Relay Attacks
Word Doc Macro
ZeroLogon
👻 PrintNightmare
3. Credential Theft
3. Credential Theft
Authentication Coercion
Credential Dumping
Credential Hunting
GPP Password
Hash Cracking
Kerberoasting
Unconstrained Delegation
4. Lateral Movement
4. Lateral Movement
Alternate Service Name
Constrained Delegation
Domain ACLs
Execution Methods
Forest & Domain Trusts
Group Policy Abuse
Kerberos Double Hop
MSSQL Abuse
Overpass The Hash
Pass The Hash
Pass The Ticket
Pivoting
Resource Based Constrained Delegation
Service for User to Self
5. Privilege Escalation
5. Privilege Escalation
Domain
Domain
DCShadow
DCSync
Diamond Ticket
Golden Ticket
NoPac (SamAccountName Spoofing)
Silver Ticket
ADCS
ADCS
ESC1
Enumerate ADCS
SCCM
SCCM
SCCM Site Takeover I
SCCM Site Takeover II
Local
Local
Local Administrator Password Solution
Token Privileges
UAC Bypasses
Unquoted Service Path
Weak Service Binary Permissions
Weak Service Permissions
6. Defense Evasion
6. Defense Evasion
Powershell Downgrade
Miscellaneous
Miscellaneous
Disable Restricted Admin Mode
Enable plaintext wdigest
Host Persistence
Host Persistence