BestHub
Sign in
Tagged articles
11 articles
Page 1 of 1
Black & White Path
Black & White Path
May 13, 2026 · Information Security

Comprehensive Red Team Information‑Gathering Guide

This article presents a step‑by‑step red‑team information‑gathering methodology covering domain CDN detection, real‑IP extraction, subdomain enumeration, DNS history analysis, SSL certificate probing, host‑IP collision, company‑level queries, and a curated list of open‑source tools and command‑line examples for each phase.

CDN BypassInformation GatheringNetwork Scanning
0 likes · 19 min read
Comprehensive Red Team Information‑Gathering Guide
Black & White Path
Black & White Path
Feb 22, 2026 · Information Security

30 Practical Web Penetration Testing Techniques You Must Know

This guide walks through 30 hands‑on web penetration testing techniques covering the full workflow—from information gathering and vulnerability discovery to privilege escalation, internal network pivoting, and defense evasion—providing concrete commands, tool recommendations, and real‑world tips for security engineers and testers.

Information GatheringWeb Securitydefense evasion
0 likes · 26 min read
30 Practical Web Penetration Testing Techniques You Must Know
Software Development Quality
Software Development Quality
Apr 1, 2024 · Information Security

Master One-Click Info Collection & Scanning with jws-cli: A Python Security Tool

jws-cli is a Python‑based, extensible one‑click information collection and scanning tool that automates subdomain discovery, CDN and WAF detection, port and C‑segment scanning, and integrates third‑party vulnerability scanners, offering visual reports and email delivery for rapid penetration testing workflows.

Information GatheringPythonautomation
0 likes · 6 min read
Master One-Click Info Collection & Scanning with jws-cli: A Python Security Tool
Liangxu Linux
Liangxu Linux
Oct 25, 2023 · Information Security

How to Bypass CDN and Discover a Website’s Real IP Address

This guide explains why penetration testers need a target’s true IP, how to detect CDN usage, and provides step‑by‑step techniques—including same‑country queries, sub‑domain probing, DNS history checks, FOFA searches, email reverse lookup, and full‑network scanning—to uncover the real server address.

CDNIP discoveryInformation Gathering
0 likes · 7 min read
How to Bypass CDN and Discover a Website’s Real IP Address
MaGe Linux Operations
MaGe Linux Operations
Jul 6, 2022 · Information Security

How to Bypass a WAF and Capture the Flag on Minu-1 – A Complete Pen‑Test Walkthrough

This step‑by‑step guide demonstrates how to enumerate a vulnerable host, identify and fingerprint its Web Application Firewall, apply multiple WAF‑bypass techniques—including fuzzing, command injection, binary abuse and URL‑encoding tricks—to obtain a stable shell, perform privilege escalation, decode a JWT token and finally retrieve the root flag.txt.

Information GatheringJWT crackingLinux exploitation
0 likes · 16 min read
How to Bypass a WAF and Capture the Flag on Minu-1 – A Complete Pen‑Test Walkthrough
Liangxu Linux
Liangxu Linux
Jul 21, 2021 · Information Security

Master Google Hacking: Essential Search Operators for Security Recon

Learn how to leverage Google Hacking techniques—using operators like site, filetype, inurl, intitle, and intext—to efficiently gather security-relevant information, with practical examples and a link to the Google Hacking Database for further reconnaissance.

Google HackingInformation GatheringSearch Operators
0 likes · 6 min read
Master Google Hacking: Essential Search Operators for Security Recon
Open Source Linux
Open Source Linux
Apr 14, 2021 · Information Security

Step‑by‑Step Web Penetration Test: From Recon to Root Access

This tutorial walks you through a complete web penetration test on the fictional site hack‑test.com, covering DNS enumeration, server fingerprinting, vulnerability scanning with Nikto and w3af, exploiting SQL injection via sqlmap, uploading a PHP webshell, gaining a reverse shell, and finally escalating to root privileges on a Linux server.

Information GatheringSQL injectionWeb Security
0 likes · 10 min read
Step‑by‑Step Web Penetration Test: From Recon to Root Access
Architects' Tech Alliance
Architects' Tech Alliance
Jul 30, 2019 · R&D Management

Information Collection Techniques for Industry Research

The article outlines systematic approaches and practical tips for conducting industry research, covering the overall research framework, step‑by‑step information‑gathering methods, categorisation of data sources, efficiency‑boosting tactics, and best practices for deep interviews to derive actionable business insights.

ConsultingInformation Gatheringdata collection
0 likes · 15 min read
Information Collection Techniques for Industry Research
ITFLY8 Architecture Home
ITFLY8 Architecture Home
May 9, 2018 · Information Security

Master MySQL Penetration: From Recon to Privilege Escalation

This article details comprehensive MySQL penetration techniques, covering information gathering, password cracking, webshell deployment, and multiple privilege‑escalation methods using tools such as Nmap, Metasploit, sqlmap, MOF, UDF and startup script exploits.

Information GatheringMetasploitSQLMap
0 likes · 25 min read
Master MySQL Penetration: From Recon to Privilege Escalation