Skip to content

Hacking Articles

Raj Chandel’s Blog

  • Courses We Offer
  • CTF Challenges
  • Penetration Testing
  • Web Penetration Testing
  • Red Teaming
  • Donate us
Persistence

Windows Persistence: COM Hijacking (MITRE: T1546.015)

April 6, 2022 by raj12 Min Reading

According to MITRE, “Adversaries can use the COM system to insert malicious code that executes in place of legitimate software by hijacking COM references and

Lateral Movement, Red Teaming

Lateral Movement: Remote Services (Mitre:T1021)

March 27, 2022 by raj21 Min Reading

During Red Team assessments, after an attacker has compromised a system, they often move laterally through the network, gaining more relevant information on other systems.

Lateral Movement, Red Teaming

Lateral Movement: WebClient Workstation Takeover

March 24, 2022 by raj8 Min Reading

In this article, we explore how a WebClient Workstation Takeover can occur during lateral movement by abusing WebDAV shares. Inspired by @tifkin_’s and the Certified

Penetration Testing

A Detailed Guide on Crunch

March 23, 2022 by raj10 Min Reading

Often times attackers have the need to generate a wordlist based on certain criteria which are required for pentest scenarios like password spraying/brute-forcing. Other times

Red Teaming

Parent PID Spoofing (Mitre:T1134)

March 19, 2022 by raj8 Min Reading

Parent PID spoofing is an access token manipulation technique that helps an attacker evade defense mechanisms such as heuristic detection by spoofing the PPID of

Defense Evasion, Red Teaming

Indirect Command Execution: Defense Evasion (T1202)

March 17, 2022April 11, 2026 by raj11 Min Reading

Red Teams often use Indirect Command Execution as a defense evasion technique in which an adversary tries to bypass certain defense filters that restrict certain

Website Hacking

A Detailed Guide on httpx

March 14, 2022 by raj11 Min Reading

HTTPx is a fast web application reconnaissance tool coded in Go by projectdiscovery.io. With a plethora of multiple modules effective in manipulating HTTP requests and

Domain Escalation, Privilege Escalation, Red Teaming

Domain Escalation: Resource Based Constrained Delegation

March 12, 2022 by raj11 Min Reading

Resource-Based Constrained Delegation (RBCD) is a security feature in Active Directory (AD) that allows a computer object to specify which users or machines can impersonate

Privilege Escalation

Linux Privilege Escalation: DirtyPipe (CVE 2022-0847)

March 9, 2022 by raj3 Min Reading

Max Kellerman discovered the privilege escalation vulnerability DirtyPipe CVE 2022-0847, which is present in the Linux Kernel itself in post versions 5.8 and allows overwriting

Posts pagination

Previous 1 … 18 19 20 … 160 Next

Categories

Join Our WhatsApp Channel

Join Our Training Program

Join Our Telegram Channel

Join Our Discord Channel

Cyber Security Mindmap

Follow us on Twitter

Follow us on Linkedin

© All Rights Reserved 2021 Theme: Prefer by Template Sell.