Cybersecurity News & Threat Intelligence
Penetration Techniques - Obtaining PowerShell Command History
Learn how to exploit PowerShell command history for sensitive data in penetration testing, including export methods and defense strategies to protect credentials.
Loading PE files into memory via .NET
Learn to load PE files into memory using C# with SharpPELoader. Exploit techniques, 32/64-bit support, and Casey Smith's PELoader extension.
Zimbra Deserialization Vulnerability (CVE-2019-6980) Exploitation Test
Step-by-step guide to exploit Zimbra CVE-2019-6980 deserialization vulnerability for remote code execution. Includes environment setup, payload generation, and open-source exploit script.
Windows XML Event Log (EVTX) Single Log Entry Deletion (Part 5) – Deleting a Single Log Entry from the Current System by Obtaining Log File Handle via DuplicateHandle
Learn to delete single Windows EVTX log entries by obtaining log file handles via DuplicateHandle and process enumeration techniques.
Exchange Web Service (EWS) Development Guide 3 – SOAP XML Parser
Learn to build a SOAP XML parser for EWS to automatically extract email details like subject, sender, body, and attachments using Python's standard libraries.
Penetration Tool Development - Command Line Implementation of XSS Platform
Learn to create a lightweight XSS platform using Python CLI for internal network penetration testing, featuring HTTPS server setup and data extraction.
Java Exploitation Techniques - Jetty Servlet Type Memory Shell
Learn how to exploit Jetty with Servlet memory shells for command execution. Includes code and implementation details for security testing.
Penetration Techniques - From Exchange File Read/Write Permissions to Command Execution
Learn how to escalate from Exchange file read/write permissions to command execution using .NET deserialization and MachineKey manipulation. Includes exploitation methods and defense tips.
ProxyOracle Exploitation Analysis 1 - CVE-2021-31195
Technical analysis of ProxyOracle attack chain: XSS reproduction, HttpOnly cookie bypass using SSRF, XSS platform setup, and email spoofing techniques.
Node.js in Penetration Testing: Using C++ Addons to Conceal Actual Code
Learn how to use Node.js C++ addons to hide payloads in penetration testing, increasing analysis difficulty and leveraging C++ code.
Windows Local Privilege Escalation Tool Juicy Potato Testing Analysis
Test and analysis of Juicy Potato, a Windows local privilege escalation tool. Covers usage, limitations, and defense strategies for exploiting SeImpersonate/SeAssignPrimaryToken privileges.
Penetration Basics - Extracting Credentials from lsass.exe Process
Learn methods to extract credentials from lsass.exe, including bypassing security restrictions and handling file size limits in penetration testing.
Java Exploitation Techniques – Loading DLL via JNI
Learn how to exploit Java JNI to load DLLs via JSP in Tomcat environments, including code examples for command execution and security implications.
Penetration Techniques - Hiding ASP.NET Webshells Using Virtual Files
Learn to hide ASP.NET webshells using VirtualPathProvider for virtual files, exploit Exchange vulnerabilities, and implement defensive detection strategies.
Penetration Techniques - Simulating IE Browser to Download Files
Learn how to simulate IE browser for file downloads on Windows, including active/passive modes, COM objects, and process hollowing. Includes defense tips.
Penetration Basics - Implementation of Exchange One-Liner Backdoor
Learn two Exchange backdoor methods via ASPX one-liners: memory loading and file upload. Includes C#/Python exploit code and defense tips.
ProxyShell Exploitation Analysis 1 - CVE-2021-34473
Technical analysis of ProxyShell CVE-2021-34473 exploitation: SSRF vulnerability debugging, EWS impersonation via SID, and complete exploit chain for Exchange Server attacks.
Penetration Basics - Remotely Extracting Credentials from the lsass.exe Process
Learn how to remotely extract credentials from lsass.exe using lsassy tool. Methods for remote command execution, parsing password hashes, and automation in penetration testing.
Covenant Utilization Analysis
Explore Covenant, a .NET-based C2 framework with dynamic compilation, setup guides for Windows, key features like Listeners and Launchers, and detection insights.
Windows Event Viewer Log (EVT) Single Log Deletion (Part 1) – Deletion Approach and Examples
Learn how to delete single logs in Windows EVT files. Covers EVT format basics, deletion approach, and practical examples for Windows XP/2003 systems.