Cybersecurity News & Threat Intelligence
Penetration Techniques - File Recovery and Deletion in Windows Systems
Learn how to recover and securely delete files in Windows systems using NTFS principles, PowerForensics, and SDelete for penetration testing.
Penetration Techniques - Using Transport Agent as an Exchange Backdoor
Explore how Transport Agent in Microsoft Exchange can be exploited as a backdoor for reading, modifying, and blocking emails, with defense tips.
Penetration Basics - Bypassing SSH Logs
Learn SSH penetration basics: bypass logs, brute force techniques, and defensive detection methods for secure remote access testing.
Penetration Techniques - Offline Extraction of Saved Passwords in Chrome Browser Using Masterkey
Learn to extract saved Chrome passwords offline using Masterkey without needing user plaintext passwords. Covers DPAPI, LSASS, and practical steps.
Linux Password Hashes - Technical Overview of Encryption Methods and Cracking Techniques
Explore Linux password storage in /etc/shadow, encryption methods like SHA-512, and cracking techniques using John the Ripper and hashcat for security testing.
certutil in Penetration Testing
Learn how to use certutil for file downloads, hash calculation, and base64 encoding in penetration testing, with tips for clearing cache and common methods.
Node.js in Penetration Testing - Implementation of a Downloader
Learn how to implement a Node.js downloader for penetration testing, covering file release, bypass techniques, and defense recommendations.
Exploitation Testing of "MiniDumpWriteDump via COM+ Services DLL"
Learn to exploit MiniDumpWriteDump via COM+ Services DLL for process memory dumps. Includes PowerShell automation, permission handling, and exploitation analysis for penetration testing.
Introduction to Process Doppelganging Exploitation
Learn about Process Doppelganging, a Windows code injection technique that bypasses security products. Includes POC testing, exploitation steps, and defense tips.
SILENTTRINITY Usage Analysis
Technical analysis of SILENTTRINITY, a C# C2 tool using IronPython for stealthy payload execution. Covers implementation, usage, and defense strategies.
Penetration Techniques - Using Icon Files to Obtain NTLMv2 Hash from File Server Connections
Learn how attackers use modified icon files and SCF files to trick users into accessing spoofed file servers, capturing NTLMv2 hashes for password cracking.
Domain Penetration - Using Specific ACLs in Exchange Server for Domain Privilege Escalation
Learn how Exchange Server ACLs enable domain privilege escalation via DCSync, using PowerView to manipulate permissions and gain full domain control.
CIA Hive Beacon Infrastructure Replication 2 - Implementing HTTPS Traffic Distribution Using Apache mod_rewrite
Learn to implement HTTPS traffic distribution with Apache mod_rewrite, including SSL setup on Windows/Ubuntu and OpenSSL certificate generation for secure client verification.
Penetration Techniques - Obtaining Net-NTLM Hash via HTTP Protocol
Learn how to capture Net-NTLM hash via HTTP protocol, analyze exploitation prerequisites, and implement defense strategies in Windows environments.
Penetration Techniques - RID Hijacking of Windows Accounts
Learn how RID hijacking exploits Windows registry to escalate account privileges by modifying RID values, enabling unauthorized admin access.
Penetration Techniques - Multi-user Login for Windows Remote Desktop
Learn how to enable multi-user remote desktop on non-server Windows systems using mimikatz and registry tweaks for penetration testing.
Penetration Technique - Using tscon to Achieve Unauthorized Remote Desktop Login
Learn how tscon can bypass RDP authentication for unauthorized login, with exploitation examples and defense strategies for Windows systems.
Penetration Techniques - Offline Export of Passwords Saved in Chrome Browser
Learn how to export Chrome saved passwords offline using DPAPI, NTLM hash, and Master Key decryption techniques for penetration testing.
Shodan API Usage Guide
Learn to use Shodan API with Python for network device searches, understand credit types, and automate data extraction for cybersecurity analysis.
Sophos UTM Exploitation Analysis - Exporting Configuration Files
Step-by-step guide on exploiting Sophos UTM to export configuration files, including environment setup, research process, and open-source scripts.