RatSec Blog

Active Directory Attacks

- Posted in Uncategorized by

Active Directory attacks: Pass-the-Hash (PtH) Attack: Involves stealing hashed credentials from one system and using them to authenticate to another system. Pass-the-Ticket (PtT) Attack: Similar to
In today's digital age, our lives are increasingly intertwined with the online world. From banking to social media and everything in between, we rely on the internet for countless tasks. However,

SSTI Payloads

- Posted in Uncategorized by

${{<%[%'"}}%. ${{7*7}} ${{3*'3'}} <%= 3 * 3 %> ${6*6} {{dump(app)}} {{app.request.server.all|join(',')}} {{config.items()}} {{ [].class.base.subclasses()
Directory traversal, also known as path traversal, is a type of vulnerability that allows an attacker to access files and directories that are outside of the intended directory structure. This can
Here are 25 ways to make money with your skills in ethical hacking: Bug Bounty Hunter: Bug bounty hunters find and report vulnerabilities in software and websites for a bounty. This can be a great

Bug Bounty Cheat Sheet

- Posted in Uncategorized by

Information Gathering - Identify target IP addresses and domains. - Perform DNS enumeration. - Identify technologies used by the target (e.g., Wappalyzer). - Identify people related to the target


- Posted in Bug bounties by

CSRF(Cross-Site Request Forgery) Understanding CSRF. CSRF attacks occur when a malicious actor tricks an authenticated user into unknowingly performing actions on a web application that they are

22 Online tools for hackers

- Posted in tools by