Blog
IDOR – Do you know what I am doing ?
An application provides direct access to an object, such as a file or a database record, based on user-supplied input. This can allow an attacker to bypass the application’s access controls and access sensitive information or perform unauthorised actions it is called as an IDOR (Insecure Direct Object Reference) vulnerability. Attacker can manipulate the URL…
continue readingSplunk Admin – Cheat sheet
The Splunk CLI commands are listed here. Please leave a remark if you would like to add any additional commands or make any changes to the ones that are already mentioned. Genral Admin Manage the Splunk processes splunk [start | stop | restart | status] Accept the license without prompt splunk start –-accept-license Enable boot…
continue readingActive Directory Series – IV
Part – IV : Active Directory – Authentication NTLM protocol The NTLM protocol has a long history in Windows environments and has served as a foundational authentication method for many years. However, its security limitations and susceptibility to attacks have led to its gradual phasing out in favor of more robust authentication protocols. While NTLM…
continue readingActive Directory Series – III
Part – III : Active Directory – Authentication Kerberos Authentication Protocol The Kerberos authentication protocol offers a robust and reliable solution to ensure secure access to network resources. Kerberos, derived from the Greek word “κέρβερος” meaning “three-headed dog,” was originally developed at the Massachusetts Institute of Technology (MIT) in the 1980s.Kerberos has undergone several revisions…
continue readingActive Directory Series – II
Part 2 – Active Directory : Authentication Lightweight Directory Access Protocol LDAP is a crucial component of modern IT infrastructure because it simplifies data management, enhances security, and facilitates the efficient operation of organizations by providing a centralized and standardized way to store, access, and manage directory information. Its flexibility and compatibility with various systems…
continue readingActive Directory Series
Part 1 – Active Directory: Introduction Active Directory is the backbone of many modern IT infrastructures, offering a powerful set of tools for managing network resources efficiently and securely. We will explore Active Directory and its attacks in-depth in this series. Imagine a scenario where a large organization needs to manage user accounts and access…
continue readingAccess the Inaccessible – SSH Port Forwarding
SSH port forwarding, also known as SSH tunneling, is a technique that enables the forwarding of network connections from one computer to another through an SSH server. It establishes an encrypted channel between the local and remote hosts, ensuring the confidentiality and integrity of the transmitted data. This feature makes SSH port forwarding an excellent…
continue reading