#ethicalhacking — Public Fediverse posts

🍵 HTB Support Walkthrough 🍵

Learn how to perform:
- LDAP Enumeration
- .NET Reverse Engineering
- Bloodhound Enumeration
- Resource Based Constraint Delegation

🎬️Watch it here:
https://www.youtube.com/watch?v=VIgskjoELo0

#HTB #HackTheBox #OSCP #Pentesting #EthicalHacking #Cybersecurity #RedTeam #CTF

🍵 HTB Support Walkthrough 🍵

Learn how to perform:
- LDAP Enumeration
- .NET Reverse Engineering
- Bloodhound Enumeration
- Resource Based Constraint Delegation

🎬️Watch it here:
https://www.youtube.com/watch?v=VIgskjoELo0

#HTB #HackTheBox #OSCP #Pentesting #EthicalHacking #Cybersecurity #RedTeam #CTF

🍵 HTB Sauna Walkthrough 🍵

Learn how to perform:
- Username Enumeration
- AS-REP Roasting
- BloodHound Enumeration
- DCSync Attack

🎬️Watch it here:
https://www.youtube.com/watch?v=WsBBGzcq0nI

#HTB #HackTheBox #OSCP #Pentesting #EthicalHacking #Cybersecurity #RedTeam #CTF

🍵 HTB Sauna Walkthrough 🍵

Learn how to perform:
- Username Enumeration
- AS-REP Roasting
- BloodHound Enumeration
- DCSync Attack

🎬️Watch it here:
https://www.youtube.com/watch?v=WsBBGzcq0nI

#HTB #HackTheBox #OSCP #Pentesting #EthicalHacking #Cybersecurity #RedTeam #CTF

Comprehensive List of Top 10 Uses for #VPS Servers If you've ever wondered, "what are common use-cases for VPS servers?", you have come to the right place!

We have compiled a list of the top 10 uses for VPS servers, as observed by Rad Web Hosting staff, during the course of providing VPS hosting services since 2015.

It should be noted that this compilation is not ...
Continued 👉 https://blog.radwebhosting.com/top-10-uses-for-vps-servers/?utm_source=mastodon&utm_medium=social&utm_campaign=mastodon.social #vpnhosting #gameservers #cloudstorage #ethicalhacking #backup #scalability #vpsservers

TISC 2026 by CSIT wrapped last week. Five finals challenges, five completely different rabbit holes.

Favourite was a hardware one. Spent hours convinced my approach was broken. Quick chat with an organiser revealed the truth: NO ONE HOLDS THE ADMIN DEVICE. It was on a pole up front. I was pressing my button every time a different organiser walked past my desk like an NPC. Walked over, pressed it, boom, solved.

Sometimes the bug is not in your code. It is in your assumptions about the room.

#TISC2026 #Cybersecurity #SGCyber #CSIT #CTF #DEFCON #InfoSec #DEFCONSG #TISC #EthicalHacking

TISC 2026 by CSIT wrapped last week. Five finals challenges, five completely different rabbit holes.

Favourite was a hardware one. Spent hours convinced my approach was broken. Quick chat with an organiser revealed the truth: NO ONE HOLDS THE ADMIN DEVICE. It was on a pole up front. I was pressing my button every time a different organiser walked past my desk like an NPC. Walked over, pressed it, boom, solved.

Sometimes the bug is not in your code. It is in your assumptions about the room.

#TISC2026 #Cybersecurity #SGCyber #CSIT #CTF #DEFCON #InfoSec #DEFCONSG #TISC #EthicalHacking

I'm looking forward to our cybersecurity capture the flag trying out together afternoon! This event is free and open for all genders. No registration required, just show up with your computer (or borrow one from us).
More info on the website. :)

And they're are always cockies, offline and with real life crumbles. 😅

#it #cybersecurity #fliNTA #feminist #Frauen #linux #meetup #opensource #ctf #ccc #c3w #tu #University #selforganized #vienna #Austria #Wien #meetup #learning #workshop #cyberchef #hacking #ethicalHacking #redteaming
#blueteaming
@totientfunction @c3wien

I'm looking forward to our cybersecurity capture the flag trying out together afternoon! This event is free and open for all genders. No registration required, just show up with your computer (or borrow one from us).
More info on the website. :)

And they're are always cockies, offline and with real life crumbles. 😅

#it #cybersecurity #fliNTA #feminist #Frauen #linux #meetup #opensource #ctf #ccc #c3w #tu #University #selforganized #vienna #Austria #Wien #meetup #learning #workshop #cyberchef #hacking #ethicalHacking #redteaming
#blueteaming
@totientfunction @c3wien

I'm looking forward to our cybersecurity capture the flag trying out together afternoon! This event is free and open for all genders. No registration required, just show up with your computer (or borrow one from us).
More info on the website. :)

And they're are always cockies, offline and with real life crumbles. 😅

#it #cybersecurity #fliNTA #feminist #Frauen #linux #meetup #opensource #ctf #ccc #c3w #tu #University #selforganized #vienna #Austria #Wien #meetup #learning #workshop #cyberchef #hacking #ethicalHacking #redteaming
#blueteaming
@totientfunction @c3wien

I'm looking forward to our cybersecurity capture the flag trying out together afternoon! This event is free and open for all genders. No registration required, just show up with your computer (or borrow one from us).
More info on the website. :)

And they're are always cockies, offline and with real life crumbles. 😅

#it #cybersecurity #fliNTA #feminist #Frauen #linux #meetup #opensource #ctf #ccc #c3w #tu #University #selforganized #vienna #Austria #Wien #meetup #learning #workshop #cyberchef #hacking #ethicalHacking #redteaming
#blueteaming
@totientfunction @c3wien

I'm looking forward to our cybersecurity capture the flag trying out together afternoon! This event is free and open for all genders. No registration required, just show up with your computer (or borrow one from us).
More info on the website. :)

And they're are always cockies, offline and with real life crumbles. 😅

#it #cybersecurity #fliNTA #feminist #Frauen #linux #meetup #opensource #ctf #ccc #c3w #tu #University #selforganized #vienna #Austria #Wien #meetup #learning #workshop #cyberchef #hacking #ethicalHacking #redteaming
#blueteaming
@totientfunction @c3wien

Linux Privilege Escalation Cheat Sheet: Techniques and Prevention.

In this cheat sheet, I break down essential enumeration commands, common escalation paths, and practical techniques every security professional should know.
https://denizhalil.com/2025/06/30/linux-privilege-escalation-cheat-sheet/

#CyberSecurity #LinuxSecurity #PrivilegeEscalation #Pentesting #RedTeam #BlueTeam #InfoSec #ethicalhacking #SecurityEngineering #itsecurity

🍵 HTB Sau Walkthrough 🍵

Learn how to:
- Perform SSRF in request-baskets
- Exploit Command Injection in Maltrail

🎬️Watch it here:
https://www.youtube.com/watch?v=wNkrm_PSsQU

#HTB #HackTheBox #OSCP #Pentesting #EthicalHacking #Cybersecurity #RedTeam #CTF

Reflecting on Day 1 of the HTX CTF Finals here in Singapore.

I didn't win, but the technical takeaway was clear: Precision is a force multiplier.

By focusing on a high hit rate rather than just speed, I held 5th place for a good portion of the day. It’s a great reminder that in our field, being precise is a technical skill in itself.

Looking forward to the Day 2 challenges tomorrow!

#CTF #Cybersecurity #AISecurity #IoTSecurity #DEFCON #HTXsg #DEFCONSG #EthicalHacking #CaptureTheFlag #PublicSafety #HTXctf

🚨 Most people think red teaming is about exploits.

It’s not.

The most effective attacks today don’t start with vulnerabilities —
they start with **trust**.

Modern environments are cloud-heavy, identity-driven, and full of SaaS integrations. In these systems, attackers don’t always need to “break in.”

They move quietly through:

• Over-permissioned identities
• Weak approval workflows
• Misconfigured cloud roles
• OAuth tokens and API access
• Human behavior under pressure
• Business processes no one questions

This is what I’ve been studying and calling the **Quiet Kill Chain** —
a sequence of legitimate-looking actions that, when chained together, become an attack path.

No loud exploits.
No obvious malware.
Just normal activity… used the wrong way.

## What changes at an advanced level?

You stop asking:
“What exploit should I use?”

And start asking:

• Where does this system trust too easily?
• Which action would look completely normal?
• What would defenders ignore?
• How can I blend into business operations?

Because the strongest intrusion today is not the one that is invisible.

It’s the one that looks **legitimate**.

## My takeaway

Offensive security is shifting from breaking systems
to understanding them deeply enough to move inside them unnoticed.

I’ve written a full deep-dive on this concept here 👇

🔗 https://dev.to/blackcipher/the-quiet-kill-chain-how-modern-red-teamers-break-organizations-without-exploits-1ell

Curious to hear your thoughts —
Is detection today ready for this level of subtlety?

#CyberSecurity #RedTeam #OffensiveSecurity #ThreatIntel #CloudSecurity #IdentitySecurity #EthicalHacking #BlackCipher

Spoofing Packets with Scapy: A Comprehensive Guide

In this article, I cover how packet spoofing works with Scapy, practical use cases, and key security implications.
https://denizhalil.com/2025/07/22/spoofing-packets-with-scapy-a-comprehensive-guide/

#CyberSecurity #Scapy #PacketSpoofing #NetworkSecurity #Python #EthicalHacking #RedTeam #BlueTeam #Pentesting #InfoSec #SecurityEngineering #denizhalil

Cybersecurity Interview Questions and Answer Tips

In this article, I cover the most common cybersecurity interview questions and how to approach them effectively.

https://denizhalil.com/2025/12/08/cybersecurity-interview-questions-2025/

#CyberSecurity #InfoSec #CyberSecurityCareer #InterviewPrep #SOC #RedTeam #BlueTeam #ITSecurity #CareerDevelopment #EthicalHacking #SecurityEngineering #denizhalil

Python C2 Server for Red Teaming: A Comprehensive Hands-On Guide

In this guide, I walk through building a Python-based C2 server, covering its architecture, encrypted communication, and real-world operational workflow.
https://denizhalil.com/2025/12/15/python-c2-server-red-teaming-guide/

#CyberSecurity #RedTeam #C2 #commandandcontrol #Python #offensivesecurity #Pentesting #infosec #threatdetection #blueteam #securityengineering #ethicalhacking

What are Pass-the-Hash and Pass-the-Ticket Attacks: A Comprehensive Guide

In this article, I cover how these attacks work, their differences, and how to detect and mitigate them.
https://denizhalil.com/2026/01/05/pass-the-hash-pass-the-ticket-attacks-guide/

#cybersecurity #ActiveDirectory #PassTheHash #PassTheTicket #credentialaccess #RedTeam #BlueTeam #Pentesting #InfoSec #WindowsSecurity #EthicalHacking #ITSecurity #denizhalil

What are Pass-the-Hash and Pass-the-Ticket Attacks: A Comprehensive Guide

In this article, I cover how these attacks work, their differences, and how to detect and mitigate them.
https://denizhalil.com/2026/01/05/pass-the-hash-pass-the-ticket-attacks-guide/

#cybersecurity #ActiveDirectory #PassTheHash #PassTheTicket #credentialaccess #RedTeam #BlueTeam #Pentesting #InfoSec #WindowsSecurity #EthicalHacking #ITSecurity #denizhalil

🚀 Introducing Kampala: The #MITM Magic Wand that takes your ethical hacking fantasies to the next level by reverse-engineering apps into APIs. Because who needs a moral compass when you can automate “all the things” with just a few clicks? 🤖✨ Now available for Mac, but Windows users will have to wait, because apparently they love queues as much as reverse engineering. 😂
https://www.zatanna.ai/kampala #Kampala #EthicalHacking #API #ReverseEngineering #TechForGood #HackerNews #ngated

Chaos Computer Club
https://negativepid.blog/chaos-computer-club-ccc/

#CCC #ChaosComputerClub #hackers #hackerCollectives #Germany #BBS #ethicalHacking
#Cybersecurity #cyberattacks #cyberThreats #onlineSecurity #negativepid

What is NetBIOS and SMB Exploitation Techniques: A Practical Guide

In this article, I cover key exploitation techniques, real-world attack scenarios, and how to secure these services effectively.

https://denizhalil.com/2026/01/15/netbios-smb-exploitation-techniques-guide/

#CyberSecurity #SMB #NetBIOS #NetworkSecurity #ActiveDirectory #RedTeam #BlueTeam #Pentesting #InfoSec #WindowsSecurity #EthicalHacking #ITSecurity #DenizHalil

What is NetBIOS and SMB Exploitation Techniques: A Practical Guide

In this article, I cover key exploitation techniques, real-world attack scenarios, and how to secure these services effectively.

https://denizhalil.com/2026/01/15/netbios-smb-exploitation-techniques-guide/

#CyberSecurity #SMB #NetBIOS #NetworkSecurity #ActiveDirectory #RedTeam #BlueTeam #Pentesting #InfoSec #WindowsSecurity #EthicalHacking #ITSecurity #DenizHalil

What is NetBIOS and SMB Exploitation Techniques: A Practical Guide

In this article, I cover key exploitation techniques, real-world attack scenarios, and how to secure these services effectively.

https://denizhalil.com/2026/01/15/netbios-smb-exploitation-techniques-guide/

#CyberSecurity #SMB #NetBIOS #NetworkSecurity #ActiveDirectory #RedTeam #BlueTeam #Pentesting #InfoSec #WindowsSecurity #EthicalHacking #ITSecurity #DenizHalil

The cybersecurity certification landscape
https://negativepid.blog/the-cybersecurity-certification-landscape/

#defensiveSecurity #threatHunting #forensics #offensiveSecurity #ethicalHacking #cybersecurityCareers #cybersecurityCerts #certifications #Cybersecurity #ITcareers #onlineSecurity #negativepid

SSH Tunneling and Port Forwarding Techniques: A Comprehensive Guide

In this article, I cover:
* How SSH tunneling works under the hood
* Local, remote, and dynamic port forwarding techniques
* Real-world use cases (databases, internal services, pivoting)
* Security risks and hardening recommendations

https://denizhalil.com/2026/02/02/ssh-tunneling-port-forwarding-guide/

#CyberSecurity #sshtunneling #portforwarding #NetworkSecurity #Linux #RedTeam #BlueTeam #Pentesting #InfoSec #securityengineering #EthicalHacking #ITSecurity

Subdomain Takeover Vulnerabilities and Prevention

In this article, I cover:
* How subdomain takeover vulnerabilities occur
* Real-world exploitation scenarios
Reconnaissance and detection techniques
* Practical prevention and DNS hygiene strategies

https://denizhalil.com/2026/02/16/subdomain-takeover-vulnerabilities-prevention/

#CyberSecurity #SubdomainTakeover #DNS #AttackSurface #BugBounty #RedTeam #BlueTeam #InfoSec #CloudSecurity #WebSecurity #EthicalHacking

Subdomain Takeover Vulnerabilities and Prevention

In this article, I cover:
* How subdomain takeover vulnerabilities occur
* Real-world exploitation scenarios
Reconnaissance and detection techniques
* Practical prevention and DNS hygiene strategies

https://denizhalil.com/2026/02/16/subdomain-takeover-vulnerabilities-prevention/

#CyberSecurity #SubdomainTakeover #DNS #AttackSurface #BugBounty #RedTeam #BlueTeam #InfoSec #CloudSecurity #WebSecurity #EthicalHacking

Subdomain Takeover Vulnerabilities and Prevention

In this article, I cover:
* How subdomain takeover vulnerabilities occur
* Real-world exploitation scenarios
Reconnaissance and detection techniques
* Practical prevention and DNS hygiene strategies

https://denizhalil.com/2026/02/16/subdomain-takeover-vulnerabilities-prevention/

#CyberSecurity #SubdomainTakeover #DNS #AttackSurface #BugBounty #RedTeam #BlueTeam #InfoSec #CloudSecurity #WebSecurity #EthicalHacking

What is DCSync Attack and Mimikatz Usage in Active Directory

One of the most critical attacks in Active Directory environments, DCSync, allows attackers to impersonate a Domain Controller and extract password hashes through replication abuse.

#CyberSecurity #ActiveDirectory #DCSync #RedTeam #BlueTeam #InfoSec #Pentesting #SOC #ThreatDetection #WindowsSecurity #EthicalHacking #ITSecurity #NetworkSecurity #SecurityOperations #DenizHalil

https://denizhalil.com/2026/03/27/dcsync-attack-active-directory-guide/

What is DCSync Attack and Mimikatz Usage in Active Directory

One of the most critical attacks in Active Directory environments, DCSync, allows attackers to impersonate a Domain Controller and extract password hashes through replication abuse.

#CyberSecurity #ActiveDirectory #DCSync #RedTeam #BlueTeam #InfoSec #Pentesting #SOC #ThreatDetection #WindowsSecurity #EthicalHacking #ITSecurity #NetworkSecurity #SecurityOperations #DenizHalil

https://denizhalil.com/2026/03/27/dcsync-attack-active-directory-guide/

Join Fabio Cerullo’s 3-Day Web App Security Essentials training ⚔️
Exploit real vulnerabilities, understand OWASP Top 10 (2025), and tackle modern risks like AI-generated code, all in hands-on labs.
https://owaspglobalappseceuvienna20.sched.com/event/2EBUO

#AppSec #CyberSecurity #OWASP #EthicalHacking #SecureCoding #Infosec

Sequence [TryHackMe] [Writeup]

https://aredopseagle.wordpress.com/2026/03/15/sequence-tryhackme-writeup/

🔎 Cybersecurity Challenge #6 – Spot the Vulnerability

This application fetches an image from a URL provided by the user. Sounds harmless, right? 👨‍💻

But allowing servers to request external resources based on user input can sometimes open the door to dangerous attacks.

Take a closer look at how the URL is validated and how the request is made.

⚠️ Is the validation strong enough?

Question: What security vulnerability exists in this code?

A) SQL Injection
B) Server-Side Request Forgery (SSRF)
C) External XML Entity (XXE)
D) URL Redirection

💬 Comment your answer and tell us which line reveals the vulnerability!

In the next post, I’ll reveal the correct answer and explain how attackers could exploit it in real-world environments.

#cybersecurity #infosec #ethicalhacking #websecurity #bugbounty #securecoding #CyberKid #securitychallenge #SSRF

Recently completed the #CAPT (#Certified #Associate #Penetration #Tester) Certification and received the #CWSE (#Certified #Web #Security #Expert) today.

Thanks a lot #Hackviser. This will help add up to the knowledge I have in my #cybersecurity #cybersec #ethicalhacking #redteaming #informationsecurity #infosec skills including the knowledge and skills gotten from my #networking #course from the #CompTIA CompTIA, Inc. #Network+ that I completed recently as well.

However, for me, University of the People is pretty much like a refresher because everything I expected from them has basically already been covered in courses I’ve already done. Haha!

Recently completed the #CAPT (#Certified #Associate #Penetration #Tester) Certification and received the #CWSE (#Certified #Web #Security #Expert) today.

Thanks a lot #Hackviser. This will help add up to the knowledge I have in my #cybersecurity #cybersec #ethicalhacking #redteaming #informationsecurity #infosec skills including the knowledge and skills gotten from my #networking #course from the #CompTIA CompTIA, Inc. #Network+ that I completed recently as well.

However, for me, University of the People is pretty much like a refresher because everything I expected from them has basically already been covered in courses I’ve already done. Haha!

Recently completed the #CAPT (#Certified #Associate #Penetration #Tester) Certification and received the #CWSE (#Certified #Web #Security #Expert) today.

Thanks a lot #Hackviser. This will help add up to the knowledge I have in my #cybersecurity #cybersec #ethicalhacking #redteaming #informationsecurity #infosec skills including the knowledge and skills gotten from my #networking #course from the #CompTIA CompTIA, Inc. #Network+ that I completed recently as well.

However, for me, University of the People is pretty much like a refresher because everything I expected from them has basically already been covered in courses I’ve already done. Haha!

Recently completed the #CAPT (#Certified #Associate #Penetration #Tester) Certification and received the #CWSE (#Certified #Web #Security #Expert) today.

Thanks a lot #Hackviser. This will help add up to the knowledge I have in my #cybersecurity #cybersec #ethicalhacking #redteaming #informationsecurity #infosec skills including the knowledge and skills gotten from my #networking #course from the #CompTIA CompTIA, Inc. #Network+ that I completed recently as well.

However, for me, University of the People is pretty much like a refresher because everything I expected from them has basically already been covered in courses I’ve already done. Haha!

Recently completed the #CAPT (#Certified #Associate #Penetration #Tester) Certification and received the #CWSE (#Certified #Web #Security #Expert) today.

Thanks a lot #Hackviser. This will help add up to the knowledge I have in my #cybersecurity #cybersec #ethicalhacking #redteaming #informationsecurity #infosec skills including the knowledge and skills gotten from my #networking #course from the #CompTIA CompTIA, Inc. #Network+ that I completed recently as well.

However, for me, University of the People is pretty much like a refresher because everything I expected from them has basically already been covered in courses I’ve already done. Haha!

𝗜𝗻𝘁𝗿𝗼𝗱𝘂𝗰𝘁𝗶𝗼𝗻 𝘁𝗼 𝗖𝘆𝗯𝗲𝗿 𝗦𝗲𝗰𝘂𝗿𝗶𝘁𝘆: 𝗙𝗿𝗼𝗺 𝗖𝘆𝗯𝗲𝗿 𝗖𝗿𝗶𝗺𝗲 𝘁𝗼 𝗣𝗿𝗼𝗳𝗲𝘀𝘀𝗶𝗼𝗻𝗮𝗹 𝗥𝗼𝗹𝗲𝘀

#CyberSecurity #InfoSec #CyberCrime #EthicalHacking #DataProtection #ICO #CyberSecurityTraining #TechEducation #NetworkSecurity #StaySafeOnline

https://youtu.be/Yipj8T1VBSQ

⭐ What Our Students Say About Us! ⭐

Level up your skills and future-proof your career at TuxAcademy!

🌐 www.tuxacademy.org | 📞 +91 7982029314

#TuxAcademy #StudentSuccess #AI #CyberSecurity #EthicalHacking #Robotics #TechLearning #Datascience

Linux Privilege Escalation Cheat Sheet: Techniques and Prevention

https://denizhalil.com/2025/06/30/linux-privilege-escalation-cheat-sheet/

#cheatsheet #cronjob #ethicalhacking #linuxenumeration #prilegeescalation #linuxsecurity #securitytools

Protect the Digital World — Start with TuxAcademy
Our expert-led Cybersecurity Program gives you the tools to become a trusted defender of networks, data, and systems.
👉 Enroll Now
📞 +91 7982029314
#TuxAcademy #CyberSecurityTraining #EthicalHacking #TechFuture #ITCareers #SecureYourFuture #OnlineLearning #CyberExperts #EnrollNow #computerscience #GreaterNoidaWest #GNIOT #MachineLearning #greaternoida #csstudentS #UpskillNow #IOT #computerscienceeducatioN #NIET #CodingForBeginners

Day 1 of posting to social media until I get an offensive security research job

First, I’m going to start with what I know – Windows. I need to recreate what I had access to at Microsoft, so that starts by setting up a dev environment and finding a copy of Windows System Internals, perhaps the greatest resource for learning Windows out there. My expertise is in Windows and virtualization, so I’m going to make sure I master those areas.

Next, I don’t think I want to grind coding exercises, but I do need to shake the rust off my coding skills. I think I’m going to start with some HackTheBox challenges and find some CTFs to participate in.

Finally, my long overdue goal: learn Rust. I’m not sure if this will help immediately, as I could choose to improve my knowledge of Python. But Rust was getting more and more popular in the areas of Windows I was tasked with protecting, so I need to learn what all the fuss is about with regards to memory safety.

If anyone is on a similar journey, let’s hold each other accountable in the comments! I will be sure to document any write-ups at blog.maxrenke.com (work in progress).

#OffensiveSecurity #CyberSecurity #WindowsInternals #HackTheBox #CTF #EthicalHacking #RedTeam #BlueTeam #RustLang #PythonProgramming #DevEnvironment #InfoSec #CyberCareer #SecurityResearch #MemorySafety #CyberCommunity #JobSearch #TechJourney #SecurityEngineering #Pentesting #LearningEveryDay