Skip to content

  • About Us
  • Contact
  • Disclaimer
  • Home
  • Active Directory Attack Paths Every Pentester Must Know — HackerXone
    Microsoft

    Active Directory Attack Paths Every Pentester Must Know

    ByHackerXone Team July 18, 2026

    Scattered Spider reached Domain Admin in four hours using only AD misconfigurations. This post walks through Kerberoasting, BloodHound attack path analysis, and ACL abuse — with real commands and tool output — so you can find these paths before attackers do.

    Read More Active Directory Attack Paths Every Pentester Must KnowContinue

  • Linux SUID Binary Privilege Escalation: Complete Guide — HackerXone
    Linux

    Linux SUID Binary Privilege Escalation: Complete Guide

    ByHackerXone Team July 17, 2026

    SUID binaries are one of the most reliable Linux privilege escalation paths — and misconfigured ones show up constantly in real environments. This guide shows you exactly how to find them with find and LinPEAS, exploit them with one-liners from GTFOBins, and strip the bit before an attacker uses it.

    Read More Linux SUID Binary Privilege Escalation: Complete GuideContinue

  • AI-Powered Cyberattacks in 2026: Techniques & Defenses — HackerXone
    AI Security

    AI-Powered Cyberattacks in 2026: Techniques & Defenses

    ByHackerXone Team July 16, 2026

    AI-powered cyberattacks in 2026 are chaining LLMs, mutating malware, and exploiting prompt injection to hit faster than human defenders can respond. Here are the real techniques — with live command examples — and the defenses that are actually holding the line.

    Read More AI-Powered Cyberattacks in 2026: Techniques & DefensesContinue

  • Crypto CTF Challenges: Ciphers & Attack Methods — HackerXone
    CTF

    Crypto CTF Challenges: Ciphers & Attack Methods

    ByHackerXone Team July 15, 2026

    Crypto CTF challenges reward pattern recognition and the right tool, not complexity. Walk through frequency analysis, XOR brute-force, and RSA weak-key attacks with real Python examples you can run right now.

    Read More Crypto CTF Challenges: Ciphers & Attack MethodsContinue

  • Volatility 3 Memory Forensics: Practical Guide — HackerXone
    Security Tools

    Volatility 3 Memory Forensics: Practical Guide

    ByHackerXone Team July 14, 2026

    Attackers leave traces in memory that never touch disk — Volatility 3 is how you find them. This hands-on guide walks through process analysis, network connections, and injected shellcode extraction using real commands and plausible incident scenarios.

    Read More Volatility 3 Memory Forensics: Practical GuideContinue

  • Analyzing Malicious Office Macros: Step-by-Step — HackerXone
    Malware

    Analyzing Malicious Office Macros: Step-by-Step

    ByHackerXone Team July 13, 2026

    A 2026 phishing campaign hid a full attack chain inside a .docm invoice file. This walkthrough uses olevba and PowerShell forensics to decode the macro, expose the C2 address, and trace persistence on a compromised host.

    Read More Analyzing Malicious Office Macros: Step-by-StepContinue

  • RCE via Deserialization: Java & PHP Gadget Chains — HackerXone
    Exploits

    RCE via Deserialization: Java & PHP Gadget Chains

    ByHackerXone Team July 12, 2026

    Deserialization gadget chains turn trusted library code into an RCE primitive — and they’ve been popping shells since 2015. This post walks through real ysoserial and PHPGGC payloads, explains exactly what the output means, and shows what an attacker does the moment they have a shell.

    Read More RCE via Deserialization: Java & PHP Gadget ChainsContinue

  • Microsoft 365 Phishing & Account Takeover Techniques — HackerXone
    Microsoft

    Microsoft 365 Phishing & Account Takeover Techniques

    ByHackerXone Team July 11, 2026

    AiTM phishing campaigns bypass MFA by stealing session cookies mid-authentication — no password cracking required. Learn how attackers chain session hijacking with OAuth app abuse for persistent Microsoft 365 access, and what your audit logs reveal about both techniques.

    Read More Microsoft 365 Phishing & Account Takeover TechniquesContinue

  • SSH Hardening: Production Server Complete Guide 2026 — HackerXone
    Linux

    SSH Hardening: Production Server Complete Guide 2026

    ByHackerXone Team July 10, 2026

    A misconfigured SSH daemon with password auth enabled cost one company 14 production servers in 2026. This guide walks through a full SSH hardening process — audit commands, sshd_config settings, and key management — with real output at every step.

    Read More SSH Hardening: Production Server Complete Guide 2026Continue

  • LLM Jailbreaking: What Security Teams Must Know — HackerXone
    AI Security

    LLM Jailbreaking: What Security Teams Must Know

    ByHackerXone Team July 9, 2026

    LLM jailbreaking lets attackers bypass AI safety controls using nothing but a crafted prompt — no CVE required. Learn how to detect jailbreak attempts in your logs, test your own models with Garak, and layer defenses that actually hold.

    Read More LLM Jailbreaking: What Security Teams Must KnowContinue

  • Binary Exploitation CTF Challenges: Step-by-Step — HackerXone
    CTF

    Binary Exploitation CTF Challenges: Step-by-Step

    ByHackerXone Team July 8, 2026

    Most binary exploitation CTF challenges fail teams not because the techniques are hard, but because the recon process is skipped. This guide walks through checksec enumeration, cyclic offset finding, and a working ret2libc exploit — with real commands and real output at every step.

    Read More Binary Exploitation CTF Challenges: Step-by-StepContinue

  • OSINT Techniques & Tools for Recon in 2026 — HackerXone
    Security Tools

    OSINT Techniques & Tools for Recon in 2026

    ByHackerXone Team July 7, 2026

    Attackers mapped a SaaS company’s entire external attack surface using only public data — no exploits required. Learn how to run the same OSINT playbook defenders and red teamers use in 2026, with real commands and tool output.

    Read More OSINT Techniques & Tools for Recon in 2026Continue

Page navigation

1 2 3 4 Next PageNext

Active Directory AI security binary exploitation BloodHound breach investigation buffer overflow Bug Bounty cipher attacks Credential Attacks CTF EDR ethical hacking frequency analysis Ghidra GPU Security Hashcat incident-response Kerberoasting Linux linux security LLM Security malware malware-analysis memory corruption memory forensics Mimikatz OWASP Password Cracking penetration testing phishing Polymorphic Malware privilege escalation prompt injection reconnaissance Red Team reverse engineering RSA security tools sysadmin security threat-intelligence Threat Detection threat hunting web application security Web Security Windows Security

© 2026 HackerXone

Scroll to top
  • About Us
  • Contact
  • Disclaimer
  • Home