Bypass Application Whitelisting using msbuild.exe (Multiple Methods)
This purpose to write this post is to demonstrate the most common and familiar techniques of whitelisting AppLocker bypass. As we know for security reason the system admin add group policies to...
View ArticleConfigure Sqlmap for WEB-GUI in Kali Linux
Hello everyone and welcome to this tutorial of setting up SQLMAP for web-gui. Web-GUI simply refers to the interface that a browser provides you over the http/https service.SQLMAP is a popular tool for...
View ArticleBypass Application Whitelisting using wmic.exe (Multiple Methods)
This purpose to write this post is to demonstrate the most common and familiar techniques of whitelisting AppLocker bypass. As we know for security reason the system admin add group policies to...
View ArticleBypass Application Whitelisting using regsrv32.exe (Multiple Methods)
This purpose to write this post is to demonstrate the most common and familiar techniques of whitelisting AppLocker bypass. As we know for security reason the system admin add group policies to...
View ArticleBypass Application Whitelisting using rundll32.exe (Multiple Methods)
This purpose to write this post is to demonstrate the most common and familiar techniques of whitelisting AppLocker bypass. As we know for security reason the system admin add group policies to...
View ArticleGreatSct - An Application Whitelist Bypass Tool
While wrting Applocker bypass series, we found a new tool which was especially design for bypassing whitelisting application. So Idecided to write this article where e are introducing another most...
View ArticleExploiting Windows PC using Malicious Contact VCF file
A huge shoutout to cyber security researcher John Page for bringing this vulnerability into the internet’s eye on 15th January 2019. This was a 0 day exploit and of course works with the latest windows...
View ArticleExploiting Windows using Contact File HTML Injection/RCE
After the 0 day exploit on malicious VCF file in windows, cyber security researcher John Page deserves another round of applause for bringing this vulnerability onto exploit-db’s eye on 23rdJanuary...
View ArticleJenkins Pentest Lab Setup
You all know that we have performed so many ctf challenges and we got to know about jenkins there.so lets know about jenkins better. For this we are here with the new challenges which you will face...
View ArticleMultiple Ways to Exploiting Windows PC suing PowerShell Empire
This is our second post in the article series ‘PowerShell Empire’. In this article we will cover all the exploits that leads to windows exploitation with empire. To our first post on empire series,...
View ArticleBypass Application Whitelisting using Weak Path Rule
Finding loopholes is very important when you are the part of a pen-testing team. Because such loopholes are the source of hacking as the attacker will actively look for them. So in order to patch such...
View ArticlePentesting on wdgiest with Mimikatz
In this article we will show you the methods of protecting your system against MIMIKATZ that fetches password in clear text from wdigest. As you know the Pen-tester and red team uses mimikatz for...
View ArticlePentest Lab Setup on Memcached
In this article, we are going to learn about pen-testing in Memcached lab setup in Ubuntu 18.04. Memcached server is used by corporations in order to increase the speed of their network as it helps to...
View ArticleHack the Box: Ypuffy Walkthrough
Today we are going to solve another CTF challenge “Ypuffy”. It is a retired vulnerable lab presented by Hack the Box for helping pentester’s to perform online penetration testing according to your...
View ArticleBypass Application Whitelisting using cmstp
By default, Applocker allows the executing of binaries in the folder that is the major reason that it can be bypassed. It has been found that such binaries can easily be used in order to bypass...
View ArticleTrevorC2 - Command and Control
TrevorC2 is command and control framework. It is client/server model which works through a browser masquerading as C2 tool. It works on different time intervals which makes it almost impossible to be...
View ArticleFirewall Penetration Testing in Remote Windows PC (netsh Tutorial)
Firewall is a network security system designed to prevent unauthorized access to or from a private network. Firewalls can be implemented in varied modes i.e. hardware, software, or a combination of...
View ArticleHack the Box: Dab Walkthrough
Today we are going to solve another CTF challenge “Dab”. It is a retired vulnerable lab presented by Hack the Box for helping pentester’s to perform online penetration testing according to your...
View ArticlePenetration Testing on Memcached Server
In our previous article we learned how to configure Memcached Server in Ubuntu 18.04 system to design our own pentest lab. Today we will learn multiple ways to exploit Memcached Server.Table of...
View ArticleComprehensive Guide on Snort
This article will introduce a guide to understand IDS using Snort as an example for it. Table of Content :· Introduction to IDS· Categories of IDS· Types of IDS·...
View Article