Blog

Latest Infosec News and Articles SleepyCrypt: Encrypting a running PE image while it sleeps https://www.solomonsklash.io/SleepyCrypt-shellcode-to-encrypt-a-running-image.html IAM Vulnerable - An AWS IAM Privilege Escalation Playground https://labs.bishopfox.com/tech-blog/iam-vulnerable-an-aws-iam-privilege-escalation-playground Pentesting Active Directory  https://www.xmind.net/m/5dypm8/ Rootend - A *Nix

Latest Infosec News and Articles pFuzz: bypass web application firewall https://securityonline.info/pfuzz-bypass-web-application-firewall/ Roadmap https://securityflow.io/roadmap/ Full disclosure: 0-day RCE backdoor in Teradek IP video device firmwares  https://infosecwriteups.com/full-disclosure-0-day-rce-backdoor-in-teradek-ip-video-device-firmwares-85a16f346e15?source=rss----7b722bfd1b8d---4 How to Exploit SQL Server Using OLE Automation

Latest Infosec News and Articles plution: Prototype pollution scanner https://securityonline.info/plution-prototype-pollution-scanner/ Admin’s Nightmare: Combining HiveNightmare/SeriousSAM and AD CS Attack Path’s for Profit https://www.blackhillsinfosec.com/admins-nightmare-combining-hivenightmare-serioussam-and-ad-cs-attack-paths-for-profit/ juumla: scan for readable Joomla config files  https://securityonline.info/juumla-scan-for-readable-joomla-config-files/ Course repository for

Latest Infosec News and Articles Solving CTF with Frida - Part 6 https://cmrodriguez.me/blog/hpandro-6/ Offensive Wifi Toolkit: the most compact WiFi auditing tool https://securityonline.info/offensive-wifi-toolkit-the-most-compact-wifi-auditing-tool/ Uncovering Tetris – a Full Surveillance Kit Running in

Latest Infosec News and Articles Android security guides, roadmap, docs, courses, write-ups, and teryaagh. https://github.com/Ralireza/Android-Security-Teryaagh Bug Hunting Methodology for Beginners https://infosecwriteups.com/bug-hunting-methodology-for-beginners-20b56f5e7d19 AWS IAM Exploitation https://sra.io/blog/aws-iam-exploitation/ A cheat sheet that contains common enumeration and

Latest Infosec News and Articles Active Directory penetration testing cheatsheet https://infosecwriteups.com/active-directory-penetration-testing-cheatsheet-5f45aa5b44ff Going for the Gold: Penetration Testing Tools Exploit Golden SAML https://www.secureworks.com/blog/going-for-the-gold-penetration-testing-tools-exploit-golden-saml Fingerprinting Windows versions, AV, wireless cards over the network—all without

Latest Infosec News and Articles Fuzzing Windows RPC with RpcView https://itm4n.github.io/fuzzing-windows-rpc-rpcview/  A New Attack Surface on MS Exchange Part 1 - ProxyLogon! http://blog.orange.tw/2021/08/proxylogon-a-new-attack-surface-on-ms-exchange-part-1.html A new way to see and navigate directory trees

IT Security News Bulletin #83 Latest Infosec News and Articles Clone a voice in 5 seconds to generate arbitrary speech in real-time https://github.com/CorentinJ/Real-Time-Voice-Cloning Linux x86 Assembly - How to Make Playload

Latest Infosec News and Articles Tools to assess the DNS security of web applications  https://github.com/The-Login/DNS-Reset-Checker Decrypting VEEAM Passwords https://blog.checkymander.com/red%20team/veeam/decrypt-veeam-passwords/ Beanshooter - JMX Enumeration And Attacking Tool https://www.kitploit.com/2021/07/beanshooter-jmx-enumeration-and.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+PentestTools+%28PenTest+Tools%29 Android Hacking 101 Walkthrough: Part 1

Latest Infosec News and Articles meterpeter: C2 Powershell Command & Control Framework  https://securityonline.info/meterpeter-c2-powershell-command-control-framework/ domhttpx: google search engine dorker https://securityonline.info/domhttpx-google-search-engine-dorker/ reconmap: vulnerability assessment and penetration testing platform  https://securityonline.info/reconmap-vulnerability-assessment-and-penetration-testing-platform/ Getting Partial AWS Account IDs for