π Reverse engineering of natively compiled .NET applications
π https://hacklido.com/blog/855-reverse-engineering-of-natively-compiled-net-applications
π https://hacklido.com/blog/855-reverse-engineering-of-natively-compiled-net-applications
HACKLIDO
Reverse engineering of natively compiled .NET applications
Explore the internals of applications built using native ahead-of-time (AOT) compilation. The .NET 7 platform debuted a new deployment model: forward nati...
π Introduction to Secure Software Development Lifecycle (SSDLC)
π https://hacklido.com/blog/861-introduction-to-secure-software-development-lifecycle-ssdlc
π https://hacklido.com/blog/861-introduction-to-secure-software-development-lifecycle-ssdlc
HACKLIDO
Introduction to Secure Software Development Lifecycle (SSDLC)
Security should be integrated into every stage of the software development lifecycle. Description The traditional Software Development Lifecycle (SDLC) foll...
π Pentesting Active Directory - Complete Guide | Part 1
π https://hacklido.com/blog/862-pentesting-active-directory-complete-guide-part-1
π https://hacklido.com/blog/862-pentesting-active-directory-complete-guide-part-1
HACKLIDO
Pentesting Active Directory - Part 1 | Trees, Forest and Trust Relations
Let me introduce you to Active directory and familiarize with itβs components like trees, forest and trust relations Introduction Active Directory (AD) i...
π CVE-2021-40444 - RCE in Microsoft's MSHTML browser rendering engine | MerkSpy
π https://hacklido.com/blog/869-cve-2021-40444-rce-in-microsofts-mshtml-browser-rendering-engine-merkspy
π https://hacklido.com/blog/869-cve-2021-40444-rce-in-microsofts-mshtml-browser-rendering-engine-merkspy
HACKLIDO
CVE-2021-40444 - RCE in Microsoft's MSHTML browser rendering engine | MerkSpy
FortiGuard Labs detected an attack exploiting the CVE-2021-40444 vulnerability in Microsoft Office, which allows attackers to execute malicious code via sp...
π Pentesting Active Directory - Complete Guide | Part 2
π https://hacklido.com/blog/863-pentesting-active-directory-complete-guide-part-2
π https://hacklido.com/blog/863-pentesting-active-directory-complete-guide-part-2
HACKLIDO
Pentesting Active Directory - Part 2 | Access Control, Users, KRGBT, Golden ticket attack
Letβs learn about Authentication, Authorization, Access Control, Users, KRGBT, Golden ticket attack and more. Active Directory (AD) authentication is a W...
π Pentesting Active Directory - Complete Guide | Part 3
π https://hacklido.com/blog/864-pentesting-active-directory-complete-guide-part-3
π https://hacklido.com/blog/864-pentesting-active-directory-complete-guide-part-3
HACKLIDO
Pentesting Active Directory - Part 3 | Recon with AD Module, Bloodhound, PowerView & Adalanche
Letβs learn about generic reconnaissance & Enumeration in AD - Using AD Module, Bloodhound, PowerView & Adalanche The process of finding a Domai...
π Pentesting Active Directory - Complete Guide | Part 4
π https://hacklido.com/blog/865-pentesting-active-directory-complete-guide-part-4
π https://hacklido.com/blog/865-pentesting-active-directory-complete-guide-part-4
HACKLIDO
Pentesting Active Directory - Part 4 | LLMNR Poisoning
Letβs learn about broadcast poisoning in AD - LLMNR Poisoning Or Link-Local Multicast Name Resolution Poisoning is an attack technique commonly used duri...
Hello π Hackers!
From the beginning, our vision has always been to create a open platform where anyone can start infosec blogging and soon start making $$, while maintaining access to knowledge open (free) for all readers.
We're excited to announce that very soon, we'll be rolling out an ad revenue split of up to 60% for the writers! This is our way to incentivize the bloggers on the platform (present + future ones).
So, If you've ever thought about sharing your insights and expertise, now is the perfect time to start blogging at Hacklido. This will help you to capture the moment when our new revenue split rolls out π
Stay tuned for more updates. Your support means the world to us. β€οΈ Keep writing, keep sharing, and let's make this journey even more amazing!
Cheers,
The Hacklido Team
From the beginning, our vision has always been to create a open platform where anyone can start infosec blogging and soon start making $$, while maintaining access to knowledge open (free) for all readers.
We're excited to announce that very soon, we'll be rolling out an ad revenue split of up to 60% for the writers! This is our way to incentivize the bloggers on the platform (present + future ones).
So, If you've ever thought about sharing your insights and expertise, now is the perfect time to start blogging at Hacklido. This will help you to capture the moment when our new revenue split rolls out π
Stay tuned for more updates. Your support means the world to us. β€οΈ Keep writing, keep sharing, and let's make this journey even more amazing!
Cheers,
The Hacklido Team
π Pentesting Active Directory - Complete Guide | Part 5
π https://hacklido.com/blog/866-pentesting-active-directory-complete-guide-part-5
π https://hacklido.com/blog/866-pentesting-active-directory-complete-guide-part-5
HACKLIDO
Pentesting Active Directory - Part 5 | Lateral Movement, Privilege Escalation & Tools
Letβs learn about Lateral movement, privilege escalation and some amazing tools that you can add to your arsenal Introduction Once inside the network, t...
π Stealthy Exploit Opens Door for Pre-Compilation Code Execution - Autoconf
π https://hacklido.com/blog/871-stealthy-exploit-opens-door-for-pre-compilation-code-execution-autoconf
π https://hacklido.com/blog/871-stealthy-exploit-opens-door-for-pre-compilation-code-execution-autoconf
HACKLIDO
Stealthy Exploit Opens Door for Pre-Compilation Code Execution - Autoconf
Introduction Linux users often take pride in their ability to compile their own code. In spite of this, a subtle yet critical attack vector has existed fo...
π Pentesting Active Directory - Complete Guide @hacklido
Β» #1 - Active directory and familiarize with itβs components like trees, forest and trust relations
Β» #2 - Authentication, Authorization, Access Control, Users, KRGBT, Golden ticket attack and more
Β» #3 - reconnaissance & Enumeration in AD - Using AD Module, Bloodhound, PowerView & Adalanche
Β» #4 - LLMNR Poisoning
Β» #5 - Lateral movement, privilege escalation and some amazing tools that you can add to your arsenal
Β» #6 - Domain persistence and cross forest attacks
π Link to collection: https://hacklido.com/lists/6
More from the writer is on it's way »» Anyone can write@hacklido , start writing to monetize and promote all your infosec blogs!
Β» #1 - Active directory and familiarize with itβs components like trees, forest and trust relations
Β» #2 - Authentication, Authorization, Access Control, Users, KRGBT, Golden ticket attack and more
Β» #3 - reconnaissance & Enumeration in AD - Using AD Module, Bloodhound, PowerView & Adalanche
Β» #4 - LLMNR Poisoning
Β» #5 - Lateral movement, privilege escalation and some amazing tools that you can add to your arsenal
Β» #6 - Domain persistence and cross forest attacks
π Link to collection: https://hacklido.com/lists/6
More from the writer is on it's way »» Anyone can write
π Getting started with Snort IPS - A QuickStart Guide
π https://hacklido.com/blog/873-getting-started-with-snort-ips-a-quickstart-guide
π https://hacklido.com/blog/873-getting-started-with-snort-ips-a-quickstart-guide
HACKLIDO
Getting started with Snort IPS - A QuickStart Guide
Introduction Snort is an open source Intrusion Prevention System (IPS) that detects malicious network traffic by comparing the network packets to a set of...
π Windows Remoting: Difference between psexec, wmiexec, atexec, *exec
π https://hacklido.com/blog/872-windows-remoting-difference-between-psexec-wmiexec-atexec-exec
π https://hacklido.com/blog/872-windows-remoting-difference-between-psexec-wmiexec-atexec-exec
HACKLIDO
Windows Remoting: Difference between psexec, wmiexec, atexec, *exec
If youβre anything like me, you discovered Impacket, either through a course, Ippsec, or your own research, and you look at the scripts. Your grin turns...
βοΈ CyberWeekly 13' July | Issue #5
βοΈ Evernote RCE, Windows Remoting, CVE-2021-40444, MSHTML, Pentesting AD, Reverse engineering .NET, WGU, Global AppSec 2024 Lisbon, Universal RCE, False File Immutability, EvilnoVNC, STOK, Polyfill(.)io
π https://hacklido.substack.com/p/cyberweekly-13-july-issue-5
βοΈ Evernote RCE, Windows Remoting, CVE-2021-40444, MSHTML, Pentesting AD, Reverse engineering .NET, WGU, Global AppSec 2024 Lisbon, Universal RCE, False File Immutability, EvilnoVNC, STOK, Polyfill(.)io
π https://hacklido.substack.com/p/cyberweekly-13-july-issue-5
π Key Ransomeware Threats In 2024
π https://hacklido.com/blog/877-key-ransomeware-threats-in-2024
π https://hacklido.com/blog/877-key-ransomeware-threats-in-2024
HACKLIDO
Key Ransomeware Threats In 2024
In June, we wrote about Akira β a ransomware group using double extortion techniques to coerce victims after stealing and encrypting their sensitive data....
π Pentesting Active Directory - Part 7 | Abusing Misconfigured Templates (ESC1)
π https://hacklido.com/blog/882-pentesting-active-directory-part-7-abusing-misconfigured-templates-esc1
π https://hacklido.com/blog/882-pentesting-active-directory-part-7-abusing-misconfigured-templates-esc1
HACKLIDO
Pentesting Active Directory - Part 7 | Abusing Misconfigured Templates (ESC1)
Active Directory Certificate Services ADCS is used for managing public key infrastructure in an Active Directory environment. Itβs commonly used in enter...
π The Rise Of Ransomeware As A Service
π https://hacklido.com/blog/879-the-rise-of-ransomeware-as-a-service
π https://hacklido.com/blog/879-the-rise-of-ransomeware-as-a-service
HACKLIDO
The Rise Of Ransomeware As A Service
Ransomware as a Service (RaaS) platforms continue to emerge, causing a significant impact across industries and organisations. Theyβre enabling inexperien...
π Why You Should Implement Post-Quantum Security Now
π https://hacklido.com/blog/878-why-you-should-implement-post-quantum-security-now
π https://hacklido.com/blog/878-why-you-should-implement-post-quantum-security-now
HACKLIDO
Why You Should Implement Post-Quantum Security Now
For years, quantum computing has been a vision of the future. Itβs a technology that has been far away β a distant promise of computing power far beyond ou...
βοΈ CyberWeekly 20' July | Issue #6
βοΈ Crowdstrike outage, healthcare ransmoware, HIPPA, Oracle bulk patch updates, Snort IPS, Active Directory pentesting, CVE-2024-27956 - SQLi, CVE-2024-40626 - XSS (Stored), RAG manipulation attacks, etc
π https://hacklido.substack.com/p/cyberweekly-20-july-issue-6
βοΈ Crowdstrike outage, healthcare ransmoware, HIPPA, Oracle bulk patch updates, Snort IPS, Active Directory pentesting, CVE-2024-27956 - SQLi, CVE-2024-40626 - XSS (Stored), RAG manipulation attacks, etc
π https://hacklido.substack.com/p/cyberweekly-20-july-issue-6
π How Much Ransome Are Cybercriminals Asking For?
π https://hacklido.com/blog/881-how-much-ransome-are-cybercriminals-asking-for
π https://hacklido.com/blog/881-how-much-ransome-are-cybercriminals-asking-for
HACKLIDO
How Much Ransome Are Cybercriminals Asking For?
Weβre focused onβ¦ How much money threat actors are asking for when they execute ransomware attacks. Ransom sums can vary wildly At time of writing, the...