![Hacking Articles](https://i1.feedspot.com/242231.jpg?t=1617634740)
Hacking Articles
21,415 FOLLOWERS
A comprehensive source of information on cybersecurity, ethical hacking, penetration testing, and other topics of interest for information security professionals. Authored by Raj Chandel. Chandel's primary interests lie in system exploitation and vulnerability research, but you'll find tools, resources, and tutorials on everything.
Hacking Articles
2M ago
In web security, a race condition refers to a scenario where the behaviour of a web application is influenced by the sequence or timing of events, potentially leading to unintended security vulnerabilities. This occurs when multiple processes or threads access shared resources concurrently, and the outcome depends on the order in which these operations are executed.
Table of Contents
Key features
Testing on a vulnerable application
Application’s intended behaviour
Application’s unintended behaviour
About the vulnerability
Conclusion
Key features
Following are the key features of the Race Con ..read more
Hacking Articles
3M ago
Disk Group Privilege Escalation is a complex attack method targeting vulnerabilities or misconfigurations within the disk group management system of Linux environments. Attackers might focus on disk devices such as /dev/sda, which represents the primary hard drive in Linux systems and is commonly associated with the first SCSI (Small Computer System Interface) disk device, during Disk Group Privilege Escalation attacks. Attackers exploit vulnerabilities or misconfigurations linked to /dev/sda and similar devices to gain unauthorized access to sensitive data or exploit associated vulnerabilitie ..read more
Hacking Articles
3M ago
Jenkins is an open-source automation server used for continuous integration (CI) and continuous delivery (CD). It’s built on Java and utilizes a scripting platform for automation. Jenkins automates tasks such as building, testing, and deployment in the software development lifecycle. This automation accelerates development cycles, enhances code quality, and streamlines releases. Key features include CI/CD pipelines, automated testing, integration with version control systems, extensibility via plugins, and robust monitoring and reporting capabilities.
Table of Contents
Lab Setup
Installation ..read more
Hacking Articles
3M ago
Apache Tomcat, developed by the Apache Software Foundation, is a widely used web server and servlet container. Originally, it served as a demonstration platform for Java Servlet and JavaServer Pages (JSP) technologies, which are used in Java web applications. As time passed, Tomcat expanded its capabilities to support additional Java web technologies.
A notable feature of Tomcat is its support for deploying web applications using WAR (Web Application Archive) files. These files bundle together all the components of a web application, including code, pages, and files, making deployment simpler ..read more
Hacking Articles
3M ago
Pwncat stands out as an open-source Python tool highly regarded for its versatility, providing a contemporary alternative to the traditional netcat utility. Tailored for network exploration, exploitation, and penetration testing needs, it offers a modernized approach to these tasks. With an emphasis on user-friendly features and comprehensive functionality, pwncat facilitates seamless interactions with network services, aiding in reconnaissance and vulnerability assessment.
The official documentation for the usage of this tool can be checked from here: https://pwncat.org/
Table of Content
Lab ..read more
Hacking Articles
3M ago
In the realm of cybersecurity, network scanning tools play a vital role in reconnaissance and vulnerability assessment. Among the array of options available, Rustscan has emerged as a formidable contender, offering speed, efficiency, and versatility that distinguish it from traditional tools like Nmap.
Table of Contents
What sets Rustscan apart?
Advantages of Rustscan over Nmap
Usage (Docker)
Installation and Usage (Standalone)
Rustscan flags
Conclusion
What sets Rustscan apart?
Rustscan is an open-source network scanner developed in the Rust programming language. Its lightweight design, opt ..read more
Hacking Articles
4M ago
Pentesters rely on a variety of tools to establish connections and maintain access during security assessments. One critical component of their toolkit is the listener—a program that listens for incoming connections and facilitates communication with compromised systems.
In this blog post, we’ll delve into different listener options, exploring features and use cases for popular tools such as Netcat, Rlwrap, Rustcat, Pwncat and Windows ConPty shell.
Table of Content
Reverse Shell Generator
Netcat for Beginners
Rlwrap for OSCP
Rustcat for OSCP
Pwncat for Read Teamers
Windows ConPty for OS ..read more
Hacking Articles
4M ago
Introduction
Shellcodes are machine instructions that are used as a payload in the exploitation of a vulnerability. An exploit is a small code that targets a vulnerability. Shellcodes are written in assembly. We generally refer to sites like shell-storm.org to get shellcodes and attach them to our exploits. But how can we make our shellcodes?
This series of articles focuses on creating our shellcodes. In Part 1, we’d be understanding basic assembly instructions, writing our very first assembly code, and turning that into a shell code.
Table of Content
Understanding CPU Registers
First Assembl ..read more
Hacking Articles
6M ago
This comprehensive guide delves into the intricacies of Lateral Movement utilizing Ligolo-Ng, a tool developed by Nicolas Chatelain. The Ligolo-Ng tool facilitates the establishment of tunnels through reverse TCP/TLS connections using a tun interface, avoiding the necessity of SOCKS. This guide covers various aspects, from the tool’s unique features to practical applications such as single and double pivoting within a network.
Download Ligolo-Ng:
Ligolo-Ng can be downloaded from the official repository: Ligolo-Ng Releases.
Table of Contents:
Introduction to Ligolo-Ng
Ligolo V/S Chisel
Lab Set ..read more
Hacking Articles
6M ago
In order to protect online assets, web application security testing is an essential element of safeguarding them. Burp Suite has been a leader in this area for many years and it’s still being used by safety professionals as well as Ethical hackers. One of those extensions that stands out in the web security testing community is “Autorize”, which comes with a wide variety of additional features to improve its capabilities. A powerful set of features that simplify the authentication and authorization testing process is available with this extension.
Autorize = Authenticate + Authorize
Authorizat ..read more