# Nathaniel Cyber Security ## Nathaniel Cyber Security - [About Me](https://docs.wehost.co.in/readme.md): Nathaniel Fernandes - [Homelab](https://docs.wehost.co.in/homelab.md) - [Change SSH Port](https://docs.wehost.co.in/homelab/change-ssh-port.md): Change SSH Port - [Install Docker Ubuntu](https://docs.wehost.co.in/homelab/install-docker-ubuntu.md): Install Docker Ubuntu - [Portainer](https://docs.wehost.co.in/homelab/portainer.md): docker management tool - [Install Active Directory](https://docs.wehost.co.in/homelab/install-active-directory.md) - [Setting up Wireguard](https://docs.wehost.co.in/homelab/setting-up-wireguard.md): just a place to documenting my homelab - [Managing WireGuard Logs with Systemd and Logrotate 🔥](https://docs.wehost.co.in/homelab/managing-wireguard-logs-with-systemd-and-logrotate.md) - [Cloudflare Tunnels: The Cybersecurity Pro's Secret Weapon for Secure Cloud Access](https://docs.wehost.co.in/homelab/cloudflare-tunnels-the-cybersecurity-pros-secret-weapon-for-secure-cloud-access.md) - [🧠💥 How I Routed My Entire Lab's HTB Traffic Through a Single VPN Box](https://docs.wehost.co.in/homelab/how-i-routed-my-entire-labs-htb-traffic-through-a-single-vpn-box.md) - [Opening SSH with Root Access to the World: A Controlled Honeypot Experiment](https://docs.wehost.co.in/homelab/opening-ssh-with-root-access-to-the-world-a-controlled-honeypot-experiment.md) - [CyberSecurity](https://docs.wehost.co.in/cybersecurity.md) - [Insecure Direct Object References (IDOR)](https://docs.wehost.co.in/cybersecurity/insecure-direct-object-references-idor.md) - [HTTP Verb Tampering](https://docs.wehost.co.in/cybersecurity/http-verb-tampering.md) - [SSH Attack](https://docs.wehost.co.in/cybersecurity/ssh-attack.md) - [Basic Bash](https://docs.wehost.co.in/cybersecurity/basic-bash.md): basic bash commands used in cybersecurity - [Nmap](https://docs.wehost.co.in/cybersecurity/nmap.md) - [DNS Attacks](https://docs.wehost.co.in/cybersecurity/dns-attacks.md) - [DNS Zone Transfer Attack](https://docs.wehost.co.in/cybersecurity/dns-attacks/dns-zone-transfer-attack.md) - [IMAP & POP Attack](https://docs.wehost.co.in/cybersecurity/imap-and-pop-attack.md) - [SMTP](https://docs.wehost.co.in/cybersecurity/smtp.md) - [SMTP Attacks](https://docs.wehost.co.in/cybersecurity/smtp/smtp-attacks.md) - [SMB Attack](https://docs.wehost.co.in/cybersecurity/smb-attack.md) - [NFS Attacks](https://docs.wehost.co.in/cybersecurity/nfs-attacks.md) - [SNMP Attack](https://docs.wehost.co.in/cybersecurity/snmp-attack.md) - [MYSQL attacks](https://docs.wehost.co.in/cybersecurity/mysql-attacks.md) - [IPMI](https://docs.wehost.co.in/cybersecurity/ipmi.md) - [SSL Attacks](https://docs.wehost.co.in/cybersecurity/ssl-attacks.md) - [Transferring Files](https://docs.wehost.co.in/cybersecurity/transferring-files.md) - [Linux Configured WebServer with Upload](https://docs.wehost.co.in/cybersecurity/linux-configured-webserver-with-upload.md) - [PowerShell Web Downloads](https://docs.wehost.co.in/cybersecurity/powershell-web-downloads.md) - [Personal web server](https://docs.wehost.co.in/cybersecurity/personal-web-server.md) - [Windows Authentication Process](https://docs.wehost.co.in/cybersecurity/windows-authentication-process.md) - [Attacking SAM](https://docs.wehost.co.in/cybersecurity/attacking-sam.md) - [CrackMapExec](https://docs.wehost.co.in/cybersecurity/crackmapexec.md) - [Attacking LSASS](https://docs.wehost.co.in/cybersecurity/attacking-lsass.md) - [Create SMB server Linux (HACK)](https://docs.wehost.co.in/cybersecurity/create-smb-server-linux-hack.md) - [Pypykatz](https://docs.wehost.co.in/cybersecurity/pypykatz.md) - [Attacking Active Directory & NTDS.dit](https://docs.wehost.co.in/cybersecurity/attacking-active-directory-and-ntds.dit.md) - [Evil-WinRM](https://docs.wehost.co.in/cybersecurity/evil-winrm.md) - [WinRM Attacks](https://docs.wehost.co.in/cybersecurity/winrm-attacks.md) - [Active Directory Terminology](https://docs.wehost.co.in/cybersecurity/active-directory-terminology.md) - [Active Directory Objects](https://docs.wehost.co.in/cybersecurity/active-directory-objects.md) - [Active Directory](https://docs.wehost.co.in/cybersecurity/active-directory.md) - [Active Directory Functionality](https://docs.wehost.co.in/cybersecurity/active-directory-functionality.md) - [NTLM Authentication](https://docs.wehost.co.in/cybersecurity/ntlm-authentication.md) - [Active Directory Rights and Privileges](https://docs.wehost.co.in/cybersecurity/active-directory-rights-and-privileges.md) - [Pass the Ticket (PtT)](https://docs.wehost.co.in/cybersecurity/pass-the-ticket-ptt.md) - [Kerberos](https://docs.wehost.co.in/cybersecurity/kerberos.md) - [Pass the Ticket (PtT) from Windows](https://docs.wehost.co.in/cybersecurity/pass-the-ticket-ptt-from-windows.md) - [FTP Bounce Attack](https://docs.wehost.co.in/cybersecurity/ftp-bounce-attack.md) - [MSSQL Attacks](https://docs.wehost.co.in/cybersecurity/mssql-attacks.md) - [RDP Attack](https://docs.wehost.co.in/cybersecurity/rdp-attack.md) - [crowbar](https://docs.wehost.co.in/cybersecurity/crowbar.md) - [Local File Inclusion (LFI)](https://docs.wehost.co.in/cybersecurity/local-file-inclusion-lfi.md) - [Remote File Inclusion (RFI)](https://docs.wehost.co.in/cybersecurity/remote-file-inclusion-rfi.md) - [Linux Shared Libraries Attacks](https://docs.wehost.co.in/cybersecurity/linux-shared-libraries-attacks.md) - [Linux Shared Object Hijacking](https://docs.wehost.co.in/cybersecurity/linux-shared-object-hijacking.md) - [Microsoft Guide to all Windows command](https://docs.wehost.co.in/cybersecurity/microsoft-guide-to-all-windows-command.md) - [Windows Event Log Readers](https://docs.wehost.co.in/cybersecurity/windows-event-log-readers.md) - [Windows DnsAdmins Attacks](https://docs.wehost.co.in/cybersecurity/windows-dnsadmins-attacks.md) - [Hyper-V Administrators Attacks](https://docs.wehost.co.in/cybersecurity/hyper-v-administrators-attacks.md) - [Windows Print Operators](https://docs.wehost.co.in/cybersecurity/windows-print-operators.md) - [Windows Server Operators](https://docs.wehost.co.in/cybersecurity/windows-server-operators.md) - [Windows User Account Control Bypass](https://docs.wehost.co.in/cybersecurity/windows-user-account-control-bypass.md) - [Extracting Clipboard data Windows](https://docs.wehost.co.in/cybersecurity/extracting-clipboard-data-windows.md) - [Windows Credential Hunting](https://docs.wehost.co.in/cybersecurity/windows-credential-hunting.md) - [Cmdkey Saved Credentials](https://docs.wehost.co.in/cybersecurity/cmdkey-saved-credentials.md) - [Retrieving Saved Credentials from Chrome windows](https://docs.wehost.co.in/cybersecurity/retrieving-saved-credentials-from-chrome-windows.md) - [Extracting KeePass Hash](https://docs.wehost.co.in/cybersecurity/extracting-keepass-hash.md) - [Online Hash Crackers](https://docs.wehost.co.in/cybersecurity/online-hash-crackers.md) - [Hashcat](https://docs.wehost.co.in/cybersecurity/hashcat.md) - [Creating Custom wordlists](https://docs.wehost.co.in/cybersecurity/creating-custom-wordlists.md) - [Extracting windows wifi password](https://docs.wehost.co.in/cybersecurity/extracting-windows-wifi-password.md) - [Wordpress Attacks](https://docs.wehost.co.in/cybersecurity/wordpress-attacks.md) - [Joomla Attacks](https://docs.wehost.co.in/cybersecurity/joomla-attacks.md) - [Drupal Attack](https://docs.wehost.co.in/cybersecurity/drupal-attack.md) - [Tomcat Attacks](https://docs.wehost.co.in/cybersecurity/tomcat-attacks.md) - [Jenkins Attacks](https://docs.wehost.co.in/cybersecurity/jenkins-attacks.md) - [Splunk Attacks](https://docs.wehost.co.in/cybersecurity/splunk-attacks.md) - [PRTG Network Monitor Attacks](https://docs.wehost.co.in/cybersecurity/prtg-network-monitor-attacks.md) - [Gitlab Attacks](https://docs.wehost.co.in/cybersecurity/gitlab-attacks.md) - [Tomcat CGI Attacks](https://docs.wehost.co.in/cybersecurity/tomcat-cgi-attacks.md) - [Attacking Thick Client Applications](https://docs.wehost.co.in/cybersecurity/attacking-thick-client-applications.md) - [LLMNR Poisoning](https://docs.wehost.co.in/cybersecurity/llmnr-poisoning.md) - [Inveigh](https://docs.wehost.co.in/cybersecurity/inveigh.md) - [InveighZero](https://docs.wehost.co.in/cybersecurity/inveighzero.md) - [Password Spraying - Making a Target User List ACTIVE Directory](https://docs.wehost.co.in/cybersecurity/password-spraying-making-a-target-user-list-active-directory.md) - [Kerbrute](https://docs.wehost.co.in/cybersecurity/kerbrute.md) - [statistically-likely-usernames](https://docs.wehost.co.in/cybersecurity/statistically-likely-usernames.md) - [linkedin2username](https://docs.wehost.co.in/cybersecurity/linkedin2username.md) - [windapsearch](https://docs.wehost.co.in/cybersecurity/windapsearch.md) - [Internal Password Spraying - from Linux ACTIVE Directory](https://docs.wehost.co.in/cybersecurity/internal-password-spraying-from-linux-active-directory.md) - [Internal Password Spraying - from Windows ACTIVE Directory](https://docs.wehost.co.in/cybersecurity/internal-password-spraying-from-windows-active-directory.md) - [DomainPasswordSpray](https://docs.wehost.co.in/cybersecurity/domainpasswordspray.md) - [Local Administrator Password Solution (LAPS)](https://docs.wehost.co.in/cybersecurity/local-administrator-password-solution-laps.md) - [LAPSToolkit](https://docs.wehost.co.in/cybersecurity/lapstoolkit.md) - [LDAP Filtering Explained](https://docs.wehost.co.in/cybersecurity/ldap-filtering-explained.md) - [Kerberoasting](https://docs.wehost.co.in/cybersecurity/kerberoasting.md) - [Mimikatz](https://docs.wehost.co.in/cybersecurity/mimikatz.md) - [Bypass Powershell Execution Policy](https://docs.wehost.co.in/cybersecurity/bypass-powershell-execution-policy.md) - [Bypassing AV Signatures for PowerShell](https://docs.wehost.co.in/cybersecurity/bypassing-av-signatures-for-powershell.md) - [Setup Static IP Linux](https://docs.wehost.co.in/cybersecurity/setup-static-ip-linux.md) - [iptables-linux](https://docs.wehost.co.in/cybersecurity/iptables-linux.md) - [auditd](https://docs.wehost.co.in/cybersecurity/auditd.md) - [Setup Static IP linux](https://docs.wehost.co.in/cybersecurity/setup-static-ip-linux-1.md) - [Install Wiregard VPN](https://docs.wehost.co.in/cybersecurity/install-wiregard-vpn.md) - [List Dangerous PHP functions](https://docs.wehost.co.in/cybersecurity/list-dangerous-php-functions.md) - [Falco](https://docs.wehost.co.in/cybersecurity/falco.md) - [Blog](https://docs.wehost.co.in/blog.md) - [The Journey of how I passed CISSP](https://docs.wehost.co.in/blog/the-journey-of-how-i-passed-cissp.md) - [How Nmap gets what OS is running by using different probes](https://docs.wehost.co.in/blog/how-nmap-gets-what-os-is-running-by-using-different-probes.md) - [How PsExec or similar tools operate over SMB to achieve remote command execution](https://docs.wehost.co.in/blog/how-psexec-or-similar-tools-operate-over-smb-to-achieve-remote-command-execution.md) - [Beyond Session Hijacking: Using JavaScript Libraries for Comprehensive User Profiling Through XSS](https://docs.wehost.co.in/blog/beyond-session-hijacking-using-javascript-libraries-for-comprehensive-user-profiling-through-xss.md) - [Why does encoded message have a = or ==](https://docs.wehost.co.in/blog/why-does-encoded-message-have-a-or.md) - [What Does "/bin/bash -p" Do?](https://docs.wehost.co.in/blog/what-does-bin-bash-p-do.md) - [Extract username from private SSH key](https://docs.wehost.co.in/blog/extract-username-from-private-ssh-key.md) - [Purpose of Service Principal Names (SPN) in Active Directory](https://docs.wehost.co.in/blog/purpose-of-service-principal-names-spn-in-active-directory.md) - [Get Passwords from Teamviewer windows (No Metasploit)](https://docs.wehost.co.in/blog/get-passwords-from-teamviewer-windows-no-metasploit.md) - [Difference between actively logged on users, locally logged on users and remotely logged users](https://docs.wehost.co.in/blog/difference-between-actively-logged-on-users-locally-logged-on-users-and-remotely-logged-users.md) - [Packet Flow in RouterOS](https://docs.wehost.co.in/blog/packet-flow-in-routeros.md) - [Depixelating information in the document (finding what was not supposed to be found)](https://docs.wehost.co.in/blog/depixelating-information-in-the-document-finding-what-was-not-supposed-to-be-found.md) - [Spotting Spoofing Securing Your Email with DMARC, DKIM, and SPF](https://docs.wehost.co.in/blog/spotting-spoofing-securing-your-email-with-dmarc-dkim-and-spf.md) - [Stop Telling People to “Just Look at the URL”: You're Not That Special](https://docs.wehost.co.in/blog/stop-telling-people-to-just-look-at-the-url-youre-not-that-special.md) - [NFS Isn’t Just File Sharing — It’s RPC in Disguise](https://docs.wehost.co.in/blog/nfs-isnt-just-file-sharing-its-rpc-in-disguise.md) - [I Had Write Permissions... So Why Was Linux Saying "No"?](https://docs.wehost.co.in/blog/i-had-write-permissions...-so-why-was-linux-saying-no.md) - [Post-Root Enlightenment: Why You Really Pwn Boxes — Thanks to IppSec](https://docs.wehost.co.in/blog/post-root-enlightenment-why-you-really-pwn-boxes-thanks-to-ippsec.md): Inspired by IppSec’s approach to always learn beyond the root flag - [From Chaos to Compliance A Smart Audit Logging Strategy for MariaDB](https://docs.wehost.co.in/blog/from-chaos-to-compliance-a-smart-audit-logging-strategy-for-mariadb.md) - [SELinux: A Practical Guide for Real-World Linux Security](https://docs.wehost.co.in/blog/selinux-a-practical-guide-for-real-world-linux-security.md) - [How Certificate Transparency Logs Work](https://docs.wehost.co.in/blog/how-certificate-transparency-logs-work.md) - [I Lost My Automation Server: A Real-World Incident Response Lesson](https://docs.wehost.co.in/blog/i-lost-my-automation-server-a-real-world-incident-response-lesson.md) - [Why SSH Says client\_loop send disconnect Broken pipe](https://docs.wehost.co.in/blog/why-ssh-says-client_loop-send-disconnect-broken-pipe.md) - [What Is a File Descriptor?](https://docs.wehost.co.in/blog/what-is-a-file-descriptor.md) - [Reset Nessus Username & Password via CLI](https://docs.wehost.co.in/blog/reset-nessus-username-and-password-via-cli.md) - [The CNAME Paradox: Why Your Root Domain Can't Be an Alias](https://docs.wehost.co.in/blog/the-cname-paradox-why-your-root-domain-cant-be-an-alias.md) - [Your $150M Outage Started With One Wrong Assumption: Do You Even Know How to Talk During Incidents?](https://docs.wehost.co.in/blog/your-usd150m-outage-started-with-one-wrong-assumption-do-you-even-know-how-to-talk-during-incidents.md) - [Presence-Aware Infrastructure: My Lab Knows When I'm Home (and Saves Me $$$)](https://docs.wehost.co.in/blog/presence-aware-infrastructure-my-lab-knows-when-im-home-and-saves-me-usdusdusd.md) - [From Curiosity to Backdoor: How I Found a Stealthy Persistence Technique in EC2 Instance Connect](https://docs.wehost.co.in/blog/from-curiosity-to-backdoor-how-i-found-a-stealthy-persistence-technique-in-ec2-instance-connect.md) - [From Shadow IT to AI-Governed Infrastructure](https://docs.wehost.co.in/blog/from-shadow-it-to-ai-governed-infrastructure.md) - [Leveraging Multiple Tor Exit Nodes for Data Exfiltration: A Containerized Approach](https://docs.wehost.co.in/blog/leveraging-multiple-tor-exit-nodes-for-data-exfiltration-a-containerized-approach.md) - [Adaptive Percentage-Based Search: Finding ID Ranges Without Getting Blocked](https://docs.wehost.co.in/blog/adaptive-percentage-based-search-finding-id-ranges-without-getting-blocked.md) - [The Zombie User: AWS IAM Identity Center Session Persistence on the Management Account](https://docs.wehost.co.in/blog/the-zombie-user-aws-iam-identity-center-session-persistence-on-the-management-account.md) - [The First Rule of Compression: Why JPEG Uses YUV Instead of RGB](https://docs.wehost.co.in/blog/the-first-rule-of-compression-why-jpeg-uses-yuv-instead-of-rgb.md) - [Instagram](https://docs.wehost.co.in/instagram.md) - [CTF-Walkthrough](https://docs.wehost.co.in/ctf-walkthrough.md) - [Exploiting the HTB “Networked” Box: From Recon to Root](https://docs.wehost.co.in/ctf-walkthrough/exploiting-the-htb-networked-box-from-recon-to-root.md) - [Exploiting Ghosts from the Past — Irked | Hack The Box](https://docs.wehost.co.in/ctf-walkthrough/exploiting-ghosts-from-the-past-irked-or-hack-the-box.md) - [Real-World Security Lessons from HTB’s Postman: Misconfig to Root📮](https://docs.wehost.co.in/ctf-walkthrough/real-world-security-lessons-from-htbs-postman-misconfig-to-root.md) - [HTB: OpenAdmin – RCE, Privilege Escalation, and the Art of Improvisation](https://docs.wehost.co.in/ctf-walkthrough/htb-openadmin-rce-privilege-escalation-and-the-art-of-improvisation.md) - [HTB: Time – Deserialization, Java Shenanigans & Root in Style](https://docs.wehost.co.in/ctf-walkthrough/htb-time-deserialization-java-shenanigans-and-root-in-style.md) - [HTB-Forge: Double SSRF to Root Breaking Forge from the Inside Out 🧨](https://docs.wehost.co.in/ctf-walkthrough/htb-forge-double-ssrf-to-root-breaking-forge-from-the-inside-out.md) - [HTB: Traverxec – From RCE to Root with a Nostalgic Bang](https://docs.wehost.co.in/ctf-walkthrough/htb-traverxec-from-rce-to-root-with-a-nostalgic-bang.md) - [HTB Walkthrough – making a magical walkthrough with Magic](https://docs.wehost.co.in/ctf-walkthrough/htb-walkthrough-making-a-magical-walkthrough-with-magic.md) - [HTB Writeup: Passage – From News to Root](https://docs.wehost.co.in/ctf-walkthrough/htb-writeup-passage-from-news-to-root.md) - [HTB - Shibboleth Walkthrough 🥷](https://docs.wehost.co.in/ctf-walkthrough/htb-shibboleth-walkthrough.md) - [TartarSauce – HTB Walkthrough](https://docs.wehost.co.in/ctf-walkthrough/tartarsauce-htb-walkthrough.md) - [Grup Labs](https://docs.wehost.co.in/grup-labs.md) - [Amazon Macie Lab: Spotting Sensitive Data Like a Boss](https://docs.wehost.co.in/grup-labs/amazon-macie-lab-spotting-sensitive-data-like-a-boss.md) - [Building a Comprehensive AWS Config Lab: Tracking IAM Configuration Changes with SNS and S3](https://docs.wehost.co.in/grup-labs/building-a-comprehensive-aws-config-lab-tracking-iam-configuration-changes-with-sns-and-s3.md) - [AWS NACL vs Security Group: The Practical Guide (With Console Walkthroughs)](https://docs.wehost.co.in/grup-labs/aws-nacl-vs-security-group-the-practical-guide-with-console-walkthroughs.md) - [Nathaniel Profile](https://docs.wehost.co.in/profile.md) - [Connect With Me](https://docs.wehost.co.in/connect-with-me.md) - [CISSP-Playbook](https://docs.wehost.co.in/cissp-playbook.md) --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on a page URL with the `ask` query parameter: ``` GET https://docs.wehost.co.in/readme.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.