Ivan Glinkin | Ivan Glinkin

Walkthrough

Big companies “Childhood diseases”

Ivan Glinkin 08.01.2022

There is a widespread opinion as big the company is as harder to find breaches there: all the well-known vulnerabilities are fixed and mitigated, DevOpsView More

CheatLists

bash cat escalating privileges root suid user zsh

AutoSUID

Ivan Glinkin 01.12.2021

AutoSUID application is the Open-Source project, the main idea of which is to automate harvesting the SUID executable files and to find a way forView More

CheatLists

Active Directory AD attack cat dictionary email harvest kerberos_enumusers kerbrute login metasploit microsoft MIT parsing russian surname tail tr transliteration user username wc

The Russian Kerbrute

Ivan Glinkin 02.11.2021

The first thing every penetration tester performs getting into a controller domain subnet is to brute force discovery of users which is called a KerbruteView More

CheatLists

admin ban bash domain dork dorks filetype github google intitle inurl path robot scan

Fast Google Dorks Scan

Ivan Glinkin 15.10.2021

“Enumeration is the key” – that’s the main tagline of the Offensive Security Certified Professional certification. Indeed, as a statistic says, more than a halfView More

CheatLists

&&||$!admin android api audio analyzer base32 base64 bash Buffer overflow cmd congon4tor CTF Cyber Chef database export flag gimp hacker hackerone hackthebox IOT village John Hammond offensivesecurity osint python rbash Red Team Village sourcec-code SQL Lite SSRF team uharc wfuzz windows

h@cktivitycon2021 by HackerOne

Ivan Glinkin 22.09.2021

Capture the flag (aka CTF) is a cybersecurity game the main aim of which is to crack/solve/find the solution to the weirdest IT tasks andView More

Walkthrough

admin appriciation bounty bug bugbounty Cambridge dorks email fgds google hackerone hash leak letter MIT MySQL password phpbb phpMyAdmin poc proof of concept rce source code sql University wappalyzer

“Kept bombing out in HEAT” or how I hacked Cambridge and MIT subdomains within a week and didn’t even get any thanks

Ivan Glinkin 27.06.2021

Once you got into cybersecurity, you want to hack everything. You may be surprised but in some way it’s possible and even rewarded by theView More

Walkthrough

0day bridge default exploit firewall forwarding hacking htb HTTP ip iptables Kali linux msfconsole nmap openvpn ovpn owa parrot password ping port proxychains smb SSH sudo sweep toor tryhackme vpn

If you play with hackers, don’t be surprised when you get hacked or TryHackMe 0-day exploit

Ivan Glinkin 25.05.2021

There is always something new happens in our life: new work, new experience, new field of study, etc. And cyber security is not an exception:View More

Red Teaming - Through PostgreSQL to shell

CheatLists

nc netcat postgreSQL reverse shell sql

Red Teaming – Through PostgreSQL to shell

Ivan Glinkin 08.04.2021

The easiest way to get reverse shell through the PostgreSQL database. 1. Connect to the DB2. Create a new table CREATE TABLE demo(t text);3. RunView More

CheatLists

AWS bash Bash scripting cheat connection Debian EC2 exam grep hackthebox host htb Instance internet Kali lab laboratory linux nc NIC OffSec openvpn oscp ovpn parrot ss SSH systemctl tunnel udp VLAN VM while

How to cheat on a Cyber Security exam

Ivan Glinkin 29.03.2021

Cheating is unfair, wrong and, in particular cases, strictly prohibited by the law. It may cause you lose your friends, family, achievements, work and whatever.View More

Walkthrough

awk bash Bash scripting CMS concept crack curl data gmail.com grep hacking issue leak let misconfiguration pagination parsing pentest personal proof script search sed sensitive source code tr victim vps web whois

Data leaks without hacking

Ivan Glinkin 07.02.2021

Sometimes, to get personal or other private information there is no need to crack the system. Web-site owners and/or system administrators have not set policiesView More

Offensive Security Certified Professional OSCP Certificate Ivan Glinkin

Walkthrough

ApPHP MicroBlog backtrack bash Bash scripting blue team C certificate CSS enumeration exam exploit ghost github hackerone hackthebox HTML humble JavaScript Kali linux Macros mail.ru MySQL OffSec oscp pain pentest.ws php PWK red team sufference VBS Visual Basic vulnerability vulnhub

My way to the OSCP certification

Ivan Glinkin 17.01.2021

Having achieved the Offensive Security Certified Professional (hereinafter OSCP) certificate, especially in such short period, plenty of people started asking me to share my stepsView More

CheatLists

bash bashrc Box-drawing cat curl cut echo grep internet intranet ip Kali linux ls parrot timestamp

Useful bashrc configuration file

Ivan Glinkin 16.12.2020

Hello Linux users! When I’m doing my job I’m trying to set my working place as efficient and useful as it’s possible. Bash terminal isView More

CVE-2006-3392 Webmin 1.290 Usermin 1.220 auxiliary(admin/webmin/file_disclosure)

CheatLists

bash cve directory exploit msfconsole oscp path traversal usermin vulnerability webmin wireshark

CVE-2006-3392

Ivan Glinkin 04.12.2020

Hello hackers! Today we will talk about the Webmin CMS, it’s vulnerability and we will write our own script to exploit it. First of all let’sView More

Bug Hunter - HackTheBox - Invite Code issues

Walkthrough

automation bash bug hackthebox htb hunter invite optimization

Bug Hunter – HackTheBox – Invite Code issues

Ivan Glinkin 17.11.2020

One of my favorite deeds is optimization and automation. I’d better sit for a while thinking about an algorithm and spend some time for codeView More

CheatLists

arping awk broadcast connection enumeration grep icmp ip linux loop mac nmap ping port route solaris sweep ttl windows

Simple host enumeration

Ivan Glinkin 28.09.2020

Hello hackers! As you may remember, one of the last articles (Simple port enumeration) was about scanning a specific host for the open ports. WeView More