Cybersecurity News & Threat Intelligence
Implementation of In-Memory Loading for Seatbelt
Learn to load Seatbelt in memory using Assembly.Load and execute-assembly methods for security checks without modifying code. Includes parameter passing and compilation steps.
GoAnywhere Managed File Transfer Vulnerability Debugging Environment Setup
Guide to setting up GoAnywhere MFT vulnerability debugging environment: installation, Tomcat debug config, Apache Derby DB ops & password encryption details.
Android Penetration Platform Setup 3 – Two Methods to Install Kali on OnePlus 6T
Step-by-step guide to install Kali on OnePlus 6T via NetHunter for Android and Linux subsystem on Win11 for penetration testing.
Penetration Basics - Minio Version Detection
Learn Minio version detection methods with Python automation. Includes implementation details, code, and security insights for penetration testing.
Application Techniques of Troubleshooting Platform in Penetration Testing
Learn how attackers use Windows Troubleshooting Platform for phishing and payload delivery. Explore development techniques, defense strategies, and security insights.
vRealize Log Insight Vulnerability Debugging Environment Setup
Step-by-step guide to set up a vRealize Log Insight vulnerability debugging environment, covering installation, configuration, and remote debugging.
Penetration Basics — Extension of Exchange One-Liner Backdoor
Extend the Exchange one-liner backdoor: learn in-memory PE/.NET loading, lsass hash export via Mimikatz, open-source code & defense tips for security pros.
Zyxel Firmware Decryption
Learn two Zyxel firmware decryption methods: known plaintext attack (pkcrack) & password extraction via process tracking (zld_fsextract). Step-by-step insights for VPN50 firmware included.
Setting up a Vulnerability Debugging Environment for ADManager Plus
Comprehensive guide to setting up ADManager Plus vulnerability debugging environment, including config steps, PostgreSQL DB password retrieval (encrypted & decryption), and encryption algorithms.
vRealize Log Insight Vulnerability Debugging Environment Setup
Step-by-step guide to setting up a vRealize Log Insight vulnerability debugging environment: installation, remote debugging, Cassandra DB & admin password reset.
Penetration Technique: Python Implementation of Exchange PowerShell
Learn to remotely execute Exchange PowerShell commands via Python, exploit TabShell, use pypsrp, Kerberos auth, and analyze SSRF in Exchange server penetration testing.
Setting Up ADAudit Plus Vulnerability Debugging Environment
Step-by-step guide to set up ADAudit Plus vulnerability debugging environment, configure remote debug, and get PostgreSQL adap/postgres user passwords via decryption methods.
NSA DanderSpiritz Testing Guide - Trojan Generation and Testing
Step-by-step guide to NSA DanderSpiritz Trojan testing, covering generation, classification, and troubleshooting for security analysis.
Windows Shellcode Study Notes - Bypassing DEP with VirtualAlloc
Learn how to bypass DEP using VirtualAlloc in Windows shellcode. Includes ROP chain construction, testing, and practical exploitation tips.
Penetration Basics - Backdoor Implementation Using VMware Tools
Learn how VMware Tools script execution can be exploited for backdoor persistence in Windows VMs, with analysis and defense recommendations for penetration testers.
Exporting saved passwords from Firefox browser via Network Security Services
Learn to export saved Firefox passwords using Network Security Services (NSS) with Python. Includes Master Password verification, NSS initialization, and decryption steps.
Configure Additional LSA Protection to monitor Password Filter DLL
Learn to configure additional LSA protection, monitor Password Filter DLLs, and explore exploitation techniques for enhanced Windows security and threat detection.
ProcessHider Utilization Analysis
Analyze ProcessHider's implementation, code details, and detection methods for hiding processes in monitoring tools like Task Manager and Process Explorer.
Java Exploitation Techniques – Self-Deletion of Webshell Compiled Files via Reflection
Learn how to use Java reflection to delete webshell .class files, preventing traces on servers. Includes AntSword-JSP-Template implementation.
Zimbra SOAP API Development Guide 2
Learn Zimbra SOAP API admin features: get user tokens, upload files via clientUploader, and detect logs with Python examples.