Abdullah Siraj
ADCS Abuse ESC7
🧠 What Is ESC7? ESC7 happens when a low-privileged user has dangerous permissions over the Certification Authority (CA) itself. Specifically: If you have: Manage CA...
ADCS Abuse ESC6
🧠 What is AD CS ESC6? ESC6 = Misconfigured CA with EDITF_ATTRIBUTESUBJECTALTNAME2 enabled In simple words: 🧨 The Certificate Authority (CA) allows users to specify...
HTB Mantis – ZeroLogon
🔥 ZeroLogon Vulnerability (CVE-2020-1472) 🧠 1️⃣️ What is ZeroLogon? ZeroLogon is a flaw in how Windows Domain Controllers authenticate themselves. It allows an attacker to:...
ADCS Abuse ESC2 – Metasploit
في هذا الدرس يتم شرح اسائة استخدام النماذج والشهادات – الجزء الثاني – بإستخدام كالي لينكس – ميتاسبلويت
ADCS Abuse ESC1 – Windows Certify & Metasploit
في هذا الدرس يتم شرح اسائة استخدام النماذج والشهادات – الجزء الثاني – بإستخدام سيرتيفاي ويندوز كالي لينكس – ميتاسبلويت الادوات المستخدمه – في...
NCrack VS Hydra
ncrack High-speed network authentication cracking tool Ncrack is a high-speed network authentication cracking tool. It was built to help companies secure their networks by proactively...
John The Ripper – User & File Password Crack
john John the Ripper is a tool designed to help systems administrators to find weak (easy to guess or crack through brute force) passwords, and...