Tryhackme: Exploiting AD - A notes
https://hacklido.com/blog/964-tryhackme-exploiting-ad-a-notes
HACKLIDO
Exploiting Permission Delegation Permission Delegation is a feature in AD that allows administrators to give specific permissions to certain users or teams....
Understanding HTTP: The Language of the Web
https://hacklido.com/blog/965-understanding-http-the-language-of-the-web
This will be the start of our new blog series. I am planning to keep it simple, and we will call this the Web Application Pentesting series. Websites and APIs...
What would you prefer from the following for your preparation?
» A traditional PDF book with comprehensive content and practice questions. [OR] » A structured course with textual content, graded tests, and a completion certificate (no videos).
Anonymous Poll
34% Regular PDF
16% Online Textual Coursework
50% Both works for me
Web Application Basics: The foundation of Modern Internet
https://hacklido.com/blog/966-web-application-basics-the-foundation-of-modern-internet
Web applications are essential to the modern internet, providing the backbone for many services we use daily. Understanding the basics of web applicati...
Introduction to Web Proxies: Mastering Burp Suite and OWASP ZAP
https://hacklido.com/blog/967-introduction-to-web-proxies-mastering-burp
Web application security testing would be extremely difficult without web proxies. It allows penetration testers to inspect, analyze and manipulate HTTP...
Web Recon : A Pentester's Guide to Information Gathering
https://hacklido.com/blog/968-web-recon-a-pentesters-guide-to-information-gathering
Information gathering or better called reconnaissance is the cornerstone of any Penetration Testing or Bug Bounty exercise. It is simply the act of colle...
Directory Fuzzing and Hidden Resources: Using Ffuf Effectively
https://hacklido.com/blog/969-directory-fuzzing-and-hidden-resources-using-ffuf-effectively
Directory fuzzing When browsing through web applications, there can be directories, or files, which are not visible when browsing through application...
Cross-Site Scripting (XSS): Exploiting and Mitigating JavaScript Vulnerabilities
https://hacklido.com/blog/974-cross-site-scripting-xss-exploiting-and-mitigating-javascript-vulnerabilities
Finding and Exploiting XSS in Web Applications (Step-by-Step)
What is XSS? A common client side vulnerability we often see is Cross Site Scripting (XSS), where we're allowing the attacker to insert his malicious...
SQL Injection 101: Uncovering and Exploiting SQLi Vulnerabilities
https://hacklido.com/blog/978-sql-injection-101-uncovering-and-exploiting-sqli-vulnerabilities
Introduction to SQL Injection What is SQL Injection and Its Types? To define SQL Injection in a single sentence attackers (hackers) inject malicious...
Giveaway: 1x Ultimate Bug Bounty Guide 2025
Once again, we have officially partnered with TheXSSRat to help cybersecurity learners around the world.
Participate now ➡️ https://x.com/hacklido/status/1883477484781650245?t=89IIemROU8S4jguo7KztFw&s=19
Securing NASA For Certificate: P3 Vulnerability
https://hacklido.com/blog/982-securing-nasa-for-certificate-p3-vulnerability
Hello and Welcome! I'm Manan Sanghvi. This write-up is about how I discovered a P3 vulnerability in NASA (National Aeronautics and Space Administration). Th...
Automating SQL Injection with Tools: Beginner to Pro Techniques
https://hacklido.com/blog/983-automating-sql-injection-with-tools-beginner-to-pro-techniques
Introduction Understanding SQL Injection A web application becomes vulnerable to SQL injection attacks when attackers perform malicious manipulation...
Command Injection: Leveraging OS Commands for Exploits
https://hacklido.com/blog/989-command-injection-leveraging-os-commands-for-exploits
Command injection is a critical vulnerability that enables attackers to execute unauthorized commands on a system. In this blog, we'll explore both w...
Understanding Server-Side Request Forgery (SSRF)
https://hacklido.com/blog/993-understanding-server-side-request-forgery-ssrf
Introduction: The Silent Threat Lurking in Your Web Applications Imagine a vulnerability that allows attackers to reach into your internal network, ac...
Server-Side Includes (SSI): A Lesser-Known Exploit Vector
https://hacklido.com/blog/998-server-side-includes-ssi-a-lesser-known-exploit-vector
Server Side Includes (SSI) provide developers a smooth method to dynamically build web pages in web development contexts. SSI provides developers with...