Channel: Hacking Articles|Raj Chandel's Blog
Browsing all 1812 articles


File Transfer Filter Bypass: Exe2Hex

Introduction: Exe2hex is a tool developed by g0tmilk which can be found here. The tool transcribes an EXE into a series of hexadecimal strings which can be restored into the original EXE file by using...


A Detailed Guide on Wfuzz

Introduction: Many tools have been developed that create an HTTP request and allow a user to modify its contents. Fuzzing works the same way. A user can send a similar request multiple times to the...


Linux Privilege Escalation: DirtyPipe (CVE-2022-0847)

Introduction: CVE-2022-0847 is a privilege escalation vulnerability discovered by Max Kellermann, present in the Linux kernel itself since version 5.8, which allows overwriting data in arbitrary read-only files...


Domain Escalation: Resource Based Constrained Delegation

Introduction: Delegation has been a part of Microsoft’s Active Directory environment since the early 2000s and has remained one of the few threats ignored by system analysts. Due to misconfigured delegation...


A Detailed Guide on httpx

Introduction: httpx is a fast web application reconnaissance tool coded in Go by www.projectdiscovery.io. With a plethora of modules effective in manipulating HTTP requests and filtering out...


Indirect Command Execution: Defense Evasion (T1202)

Introduction: Indirect Command Execution is a defense evasion technique often used by red teams, in which an adversary tries to bypass certain defense filters put in place that may restrict...


Parent PID Spoofing (Mitre:T1134)

Introduction: Parent PID spoofing is an access token manipulation technique that may aid an attacker in evading defenses such as heuristic detection by spoofing the PPID of a malicious file to that...


A Detailed Guide on crunch

Introduction: Often, attackers need to generate a wordlist based on certain criteria, which is required for pentest scenarios like password spraying or brute-forcing. Other times it could be a...


Lateral Movement: WebClient Workstation Takeover

Introduction: The article is based on @tifkin_’s idea that a workstation takeover, also known as lateral movement, is possible by abusing WebDAV shares. In the Certified Pre-Owned whitepaper a technique...


Lateral Movement: Remote Services (Mitre:T1021)

Introduction: During red team assessments, after a compromise has been achieved, attackers tend to move laterally through the network, gaining more relevant information on other systems. This lateral movement...


Windows Persistence: COM Hijacking (MITRE: T1546.015)

Introduction: According to MITRE, “Adversaries can use the COM system to insert malicious code that can be executed in place of legitimate software through hijacking the COM references and relationships...


A Detailed Guide on Cewl

Hi, Pentesters! In this article we are going to focus on the Kali Linux tool “Cewl”, which will help you create a wordlist. Let’s explore this tool and learn about what other options...


A Detailed Guide on Responder (LLMNR Poisoning)

Introduction: Responder is a widely used tool in penetration test scenarios and can be used for lateral movement across the network by red teamers. The tool contains many useful features like LLMNR,...


A Detailed Guide on AMSI Bypass

Introduction: Windows developed the Antimalware Scan Interface (AMSI) standard, which allows a developer to integrate malware defense into their application. AMSI allows an application to interact with any...


Defense Evasion: Process Hollowing (T1055.012)

Introduction: In July 2011, John Leitch of autosectools.com talked about a technique he called process hollowing in his whitepaper here. Ever since then, many malware campaigns like Bandook and...


Process Doppelganging (Mitre:T1055.013)

Introduction: Eugene Kogan and Tal Liberman presented a defense evasion technique called “Process Doppelganging” at Black Hat EU 2017, which can be found here, with a video of the session here. In this...


A Detailed Guide on Medusa

Hi Pen testers! Let’s learn about a different tool, Medusa, which is intended to be a speedy, parallel and modular login brute forcer. The goal of the tool is to support as many services that allow remote...


A Detailed Guide on HTML Smuggling

Introduction: HTML Smuggling is an evasive payload delivery method that helps an attacker smuggle a payload past content filters and firewalls by hiding malicious payloads inside seemingly benign HTML...


A Detailed Guide on Hydra

Hello, Pentesters! This article is about the brute-forcing tool Hydra. Hydra is one of the favourite tools of security researchers and consultants. Being an excellent tool to perform brute force attacks,...


Process Herpaderping (Mitre:T1055)

Introduction: Johnny Shaw demonstrated a defense evasion technique known as process herpaderping, in which an attacker is able to inject malicious code into the mapped memory segment of a legitimate process...
