Knowledge Base
Advanced techniques in ethical hacking, red teaming, bug bounty, and fullstack web development.
All articles are published in English; cybersecurity content is best understood in the industry's working language.
DOM-based XSS sources and sinks, mutation XSS, CSP bypass via JSONP and open redirects, dangling markup, and full ATO exploitation chains.
Injection: Boolean and time-based blind SQLi, out-of-band DNS exfiltration, second-order injection, header injection, and MongoDB operator/JS/projection attacks.
Injection: Classic to blind OOB exfiltration, external DTD data extraction, error-based XXE, SVG/DOCX/XLSX vectors, XInclude, XSLT, and content-type swap attacks.
Authentication: Username enumeration, brute force bypasses, 2FA flaws, password reset poisoning, host header injection and more — full attack methodology and prevention.
Authentication: RS256→HS256 confusion, alg:none, weak secret cracking with hashcat, JWK/JKU injection, kid path traversal and SQL injection, and embedded key bypass.
Client-Side: Bypassing CSRF tokens, SameSite=Lax/Strict exploitation, content-type tricks for JSON endpoints, Referer bypass, and multi-step CSRF chains.
Client-Side: Exploiting origin reflection, null origin via sandboxed iframes, wildcard subdomain regex bypass, subdomain takeover chained with CORS, and credential theft PoCs.
Server-Side: AWS/GCP/Azure credential theft, 15+ IP encoding bypass techniques, DNS rebinding, blind SSRF with Collaborator, and SSRF-to-RCE via Redis and Consul.
Advanced: Password reset poisoning, routing-based SSRF, CL.TE and TE.CL smuggling, bypassing front-end controls, capturing victim requests, and HTTP/2 desync attacks.
File Attacks: Extension and MIME bypass techniques, magic bytes spoofing, polyglot JPEG+PHP, ImageTragick, FFmpeg SSRF, encoded traversal sequences, and Zip Slip attacks.
Advanced: PHP POP chain construction, Java ysoserial gadget chains, Python pickle RCE, .NET ViewState forging, Ruby Marshal gadgets, and Node.js IIFE exploitation.
Advanced: Limit overrun exploitation, HTTP/2 single-packet attack, last-byte sync, partial construction races, TOCTOU file access, database-level races, and Turbo Intruder scripts.
API Security: Hidden endpoint discovery, mass assignment, BOLA/BFLA exploitation, GraphQL introspection bypass, query batching for rate limit abuse, and mutation IDOR.
Caching: Unkeyed header poisoning, fat GET injection, parameter cloaking, cache deception via path suffix and delimiter confusion, and cookie-stripping deception attacks.
WebSockets: Cross-site WebSocket hijacking, message injection (SQLi/XSS/CMDi), broken WS authentication patterns, SSRF via WebSocket, and brute-force through single connections.
AI Security: Direct and indirect prompt injection, many-shot jailbreaking, training data extraction, insecure tool abuse, RAG pipeline poisoning, and markdown-based data exfiltration.
Bug Bounty: A real-world bug bounty case study using Burp Suite — intercept, manipulate, and exploit HTTP requests to find critical vulnerabilities.
A hands-on guide to mapping network topologies, discovering live hosts, and scanning open ports with Nmap.
Network Attacks: How MITM attacks work, ARP poisoning techniques, and how to intercept and manipulate traffic on a local network.
Exploitation: Identifying and exploiting vulnerabilities in server-side services — from open ports to unpatched daemons.
Monitor Wi-Fi traffic in promiscuous mode, capture packets, and spoof MAC addresses for anonymous network testing.
Wireless: How 802.11 deauth frames work, how to force clients off a network, and capture WPA handshakes for offline cracking.
Wireless: Why WEP is broken, how RC4 stream cipher weaknesses are exploited, and a practical walkthrough with Aircrack-ng.
Wireless: Exploiting WPS design flaws and brute-forcing WPA2 handshakes with Aircrack-ng and dictionary attacks.
Full recon phase using PowerView and BloodHound, then ACL exploitation: GenericAll, WriteDACL, ForceChangePassword, GenericWrite and WriteOwner to escalate privileges.
Active Directory: Service misconfigurations, unquoted paths, PowerUp Invoke-AllChecks, WinPEAS, token impersonation, hunting local admin access across the domain, and exploiting Jenkins for Domain Admin.
Active Directory: Session hunting, Invoke-Mimikatz, Pass-the-Hash, Over-Pass-the-Hash, Pass-the-Ticket, full DCSync domain dump, and chaining derivative local admin access to Domain Admin.
Active Directory: How Kerberos TGS tickets are requested and cracked offline, AS-REP roasting without pre-auth, targeted Kerberoasting via GenericWrite, and hashcat cracking with rules and wordlists.
Active Directory: Forging Golden and Silver Kerberos tickets, four persistence backdoors — DSRM credentials, AdminSDHolder ACE injection, DCSync right delegation, WMI and PS Remoting security descriptor abuse.
Active Directory: TGT theft via Printer Bug on unconstrained delegation servers, S4U2Self/S4U2Proxy constrained delegation abuse, and full RBCD exploitation chain using write permissions on computer objects.
Active Directory: Child-to-parent escalation via trust key and ExtraSids, cross-forest trust pivoting, SQL Server cross-forest RCE, and AD CS ESC1/ESC3/ESC6/ESC8 certificate template exploitation with Certify.
Crafting and delivering backdoor payloads through client-side attack vectors using Metasploit and Veil.
Social Engineering: Advanced techniques for bypassing AV detection and delivering persistent backdoors via social engineering.
Browser: Using the Browser Exploitation Framework (BeEF) to hook browsers, run commands, and pivot through web clients.
Understand the hacker mindset, the difference between black hat and ethical hackers, and the foundational concepts of cybersecurity.
Internet Safety: Plain-language guide: strong passwords with special characters, Instagram account security, phishing recognition, 2FA, public Wi-Fi, VPNs, backups, and what to do if you get hacked.