Hacking Articles

Best of Nmap Scan Host Discovery https://www.hackingarticles.in/nmap-for-pentester-host-discovery/ Output Scan https://www.hackingarticles.in/nmap-for-pentester-output-format-scan/ Vulnerability Scan https://www.hackingarticles.in/nmap-for-pentester-vulnerability-scan/ Password Cracking https://www.hackingarticles.in/nmap-for-pentester-password-cracking/ Packet Trace https://www.hackingarticles.in/understanding-nmap-packet-trace/ Timing Parameters https://www.hackingarticles.in/nmap-scan-with-timing-parameters/ Scan with HEX Value https://www.hackingarticles.in/nmap-scans-using-hex-value-flags/ Forensic Investigation of Nmap Scan using Wireshark https://www.hackingarticles.in/forensic-investigation-of-nmap-scan-using-wireshark/ Timing Scan https://www.hackingarticles.in/understanding-guide-nmap-timing-scan-firewall-bypass/ Port Status https://www.hackingarticles.in/comprehensive-guide-on-nmap-port-status/ Understanding Guide to https://www.hackingarticles.in/understanding-guide-nmap-firewall-scan-part-2/ Nmap Firewall Scan (Part 1) https://www.hackingarticles.in/understanding-guide-nmap-firewall-scan-part-1/ Nmap Scan with Wireshark https://www.hackingarticles.in/understanding-nmap-scan-wireshark/ Network Scanning using NMAP (Beginner Guide) https://www.hackingarticles.in/network-scanning-using-nmap-beginner-guide/

Best of SQL Injection How to set up SQLI Lab in Kali https://www.hackingarticles.in/set-sqli-lab-kali/ Beginner’s Guide to SQL Injection (Part 1) https://www.hackingarticles.in/beginner-guide-sql-injection-part-1/ Beginner Guide to SQL Injection Boolean Based (Part 2) https://www.hackingarticles.in/beginner-guide-sql-injection-boolean-based-part-2/ How to Bypass SQL Injection Filter Manually https://www.hackingarticles.in/bypass-filter-sql-injection-manually/ Form Based SQL Injection Manually https://www.hackingarticles.in/form-based-sql-injection-manually/ Manual SQL Injection Exploitation Step by Step. https://www.hackingarticles.in/manual-sql-injection-exploitation-step-step/

Best of Wireshark Tutorial A Beginner’s Guide https://www.hackingarticles.in/wireshark-for-pentesters-a-beginners-guide/ Password Sniffing https://www.hackingarticles.in/wireshark-for-pentester-password-sniffing/ Nmap Scan using Wireshark https://www.hackingarticles.in/forensic-investigation-of-nmap-scan-using-wireshark/ Understanding Nmap Scan with Wireshark https://www.hackingarticles.in/understanding-nmap-scan-wireshark/ Network Packet Forensic using Wireshark https://www.hackingarticles.in/network-packet-forensic-using-wireshark/ Understanding Guide to ICMP Protocol with Wireshark https://www.hackingarticles.in/understanding-guide-icmp-protocol-wireshark/ Working of Traceroute using Wireshark https://www.hackingarticles.in/working-of-traceroute-using-wireshark/

🔥Active Directory Red Team Ops Webinar (Free)🔥 We’re hosting a free 3-hour live webinar on Active Directory Red Team Operations, designed for professionals interested in real-world attack techniques used against enterprise AD environments. 🗓️ Date: 15th June 2025 🕒 Time: 6:00 PM IST to 9 PM IST What you’ll learn * MITRE-mapped AD attack paths * Live demos: Kerberoasting & ACL-based privilege escalation * Common misconfigurations exploited by attackers * Red Teaming career roadmap & practical learning paths 🎓 Ideal for: Red Teamers, Blue Teamers, OSCP aspirants, and security engineers. We’ll also unveil: * 3-Weekend AD Workshop – ₹14,999 * 2.5-Month Advanced Course – ₹36,999 📌 Join here to register and get webinar details: 👉 https://chat.whatsapp.com/HWKRCQtcIiY27YXbk3BGKU Feel free to message me if you have any questions. Best Regards, Ignite Technologies

HTTPx Mindmap 🔴⚫️Full HD Image: https://github.com/Ignitetechnologies/Mindmap/blob/main/httpx/HTTPX%20HD.png

XSS Tools 🔴⚫️Full HD Image: https://github.com/Ignitetechnologies/Mindmap/blob/main/XSS%20Tools/XSS%20Testing%20Tools%20HD.png

🔍 GMSA Password Attack: Exploiting Group Managed Service Accounts

Learn to extract & abuse GMSA passwords for AD privilege escalation:

✔ Retrieve hashes using PowerShell & Mimikatz

✔ Crack passwords & escalate privileges

✔ Bypass restrictions via gMSAPassword exploitation

🔧 Key Techniques:

• Get-ADServiceAccount hash extraction

• DSInternals hash conversion

• Kerberos ticket abuse

📖 Full Guide: Read Here

🔍 [Day 2] ADCS Exploitation: ESC2

ESC2 involves misconfigured certificate templates permitting enrollment for any purpose, enabling unauthorized authentication or code signing.

📌 Key Points:

Risk: Templates with Any Purpose (OID 2.5.29.37.0) or SubCA (OID 2.5.29.19.20) allow misuse.

Exploitation: Attackers obtain certificates for unintended purposes (e.g., domain persistence).

Mitigation: Restrict templates to specific OIDs and enforce least-privilege enrollment.

📖 Reference: ESC2 Technical Breakdown

Next: ESC3 – Agent certificate abuse.

🔥 OSCP+/CTF Exam Practice Training (Online) 🔥 – Register Now! 🚀 🔗 Register here: https://forms.gle/bowpX9TGEs41GDG99 💬 WhatsApp: https://wa.me/message/HIOPPNENLOX6F1 📧 Email: info@ignitetechnologies.in Join IGNITE TECHNOLOGIES’ exclusive "Capture the Flag" Training Program and enhance your skills with the following modules: 🧠 Introduction 🌐 Information Gathering 🧱 Vulnerability Scanning 🔓 Windows Privilege Escalation 🐧 Linux Privilege Escalation 🛡️ Client-Side Attacks 🌐 Web Application Attacks 🧬 Password Attacks 🧠 Tunneling & Pivoting 🏰 Active Directory Attacks 💣 Exploiting Public Exploits 📋 Report Writing #infosec #cybersecurity #cybersecuritytips #microsoft #AI #informationsecurity #CyberSec #microsoft #offensivesecurity #infosecurity #cyberattacks #security #oscp #cybersecurityawareness #bugbounty #bugbountytips

Docker for Pentester Docker for Pentester: Abusing Docker API https://www.hackingarticles.in/docker-for-pentester-abusing-docker-api/ Docker for Pentester: Image Vulnerability Assessment https://www.hackingarticles.in/docker-for-pentester-image-vulnerability-assessment/ Docker for Pentester: Pentesting Framework https://www.hackingarticles.in/docker-for-pentester-pentesting-framework/ Docker Privilege Escalation https://www.hackingarticles.in/docker-privilege-escalation/

Web Application Pentest Lab Setup Web Application Lab Setup: AWS https://www.hackingarticles.in/web-application-pentest-lab-setup-on-aws/ Web Application Lab Setup: Docker https://www.hackingarticles.in/web-application-pentest-lab-setup-using-docker/ Web Application Lab Setup: Windows https://www.hackingarticles.in/web-application-lab-setup-on-windows/ Web Application Lab Setup: Linux https://www.hackingarticles.in/configure-web-application-penetration-testing-lab/

🚀 Active Directory Exploitation Training (Online) – Register Now! 🚀 🔗 Register here: https://forms.gle/bowpX9TGEs41GDG99 💬 WhatsApp: https://wa.me/message/HIOPPNENLOX6F1 📧 Email: info@ignitetechnologies.in Limited slots available! Hurry up to secure your spot in this exclusive training program offered by Ignite Technologies. ✔️ Comprehensive Table of Contents: 🔍 Initial Active Directory Exploitation 🔎 Active Directory Post-Enumeration 🔐 Abusing Kerberos 🧰 Advanced Credential Dumping Attacks 📈 Privilege Escalation Techniques 🔄 Persistence Methods 🔀 Lateral Movement Strategies 🛡️ DACL Abuse (New) 🏴 ADCS Attacks (New) 💎 Saphire and Diamond Ticket Attacks (New) 🎁 Bonus Sessions

Best of Password Cracking Password Cracking:MS-SQL https://www.hackingarticles.in/password-crackingms-sql/ Password Cracking:VNC https://www.hackingarticles.in/password-crackingvnc/ Password Cracking:PostgreSQL https://www.hackingarticles.in/password-crackingpostgresql/ Password Cracking:MySQL https://www.hackingarticles.in/password-crackingmysql/ Password Cracking:MySQL https://www.hackingarticles.in/password-crackingmysql/ Password Cracking:SSH https://www.hackingarticles.in/password-crackingssh/ Password Cracking:Telnet https://www.hackingarticles.in/password-crackingtelnet/ Password Cracking:FTP https://www.hackingarticles.in/password-crackingftp/ Password Cracking:SMB https://www.hackingarticles.in/password-crackingsmb/

Best of Credential Dumping NTDS.dit https://www.hackingarticles.in/credential-dumping-ntds-dit/ DCSync Attack https://www.hackingarticles.in/credential-dumping-dcsync-attack/ LAPS https://www.hackingarticles.in/credential-dumpinglaps/ Domain Cache Credential https://www.hackingarticles.in/credential-dumping-domain-cache-credential/ Wireless https://www.hackingarticles.in/credential-dumping-wireless/ Group Policy Preferences (GPP) https://www.hackingarticles.in/credential-dumping-group-policy-preferences-gpp/ Windows Credential Manager https://www.hackingarticles.in/credential-dumping-windows-credential-manager/ WDigest https://www.hackingarticles.in/credential-dumping-wdigest/ Security Support Provider (SSP) https://www.hackingarticles.in/credential-dumping-security-support-provider-ssp/ SAM https://www.hackingarticles.in/credential-dumping-sam/ Applications https://www.hackingarticles.in/credential-dumping-applications/ Phishing Windows Credentials https://www.hackingarticles.in/credential-dumping-phishing-windows-credentials/ Local Security Authority (LSA|LSASS.EXE) https://www.hackingarticles.in/credential-dumping-local-security-authority-lsalsass-exe/ Clipboard https://www.hackingarticles.in/credential-dumping-clipboard/