Blog

Latest Infosec News and Articles DInjector: Collection of shellcode injection techniques https://securityonline.info/dinjector-collection-of-shellcode-injection-techniques/ Kernel Karnage – Part 2 (Back to Basics) https://blog.nviso.eu/2021/10/29/kernel-karnage-part-2-back-to-basics/ XMachOViewer is a Mach-O viewer for Windows, Linux and MacOS  https://github.com/horsicq/XMachOViewer Rooting

Latest Infosec News and Articles A Huge Learning Resources with Labs For Offensive Security Players https://github.com/Zeyad-Azima/Offensive-Resources ZipExec: execute binaries from a password protected zip  https://securityonline.info/zipexec-execute-binaries-from-a-password-protected-zip/ crawpy: content discovery tool https://securityonline.info/crawpy-content-discovery-tool/ Exploit for CVE-2021-40449

Latest Infosec News and Articles Tor Rootkit: Python 3 standalone Windows 10 / Linux Rootkit https://securityonline.info/tor-rootkit-python-3-standalone-windows-10-linux-rootkit/ Karma_V2 - A Passive Open Source Intelligence (OSINT) Automated Reconnaissance (Framework) https://www.kitploit.com/2021/10/karmav2-passive-open-source.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+PentestTools+%28PenTest+Tools%29 Into the art of

Reconftw - Simple Script For Full Recon  https://www.kitploit.com/2021/01/reconftw-simple-script-for-full-recon.html Blue Team Operations [Part 2]: How To Investigate Malware Incidents as a SOC Analyst https://infosecwriteups.com/blue-team-operations-part-2-how-to-investigate-malware-incidents-as-a-soc-analyst-7e98c387cd WAF Bypassing with Unicode Compatibility https://jlajara.gitlab.io/web/2020/02/19/Bypass_WAF_Unicode.html Drone pentesting framework console

Latest Infosec News and Articles Pwncat - Fancy Reverse And Bind Shell Handler https://www.kitploit.com/2021/10/pwncat-fancy-reverse-and-bind-shell.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+PentestTools+%28PenTest+Tools%29 Learning Linux Kernel Exploitation - Part 2 https://lkmidas.github.io/posts/20210128-linux-kernel-pwn-part-2/ Tool to decrypt iOS apps using r2frida https://github.com/as0ler/r2flutch WinDbg Cheat Sheet

Latest Infosec News and Articles Azure AD Introduction for Red Teamers https://www.synacktiv.com/en/publications/azure-ad-introduction-for-red-teamers.html How to Use Frida & Radare to Crack a Mobile IoT App https://www.nowsecure.com/blog/2021/09/29/how-to-use-frida-radare-to-crack-a-mobile-iot-app/ A Complete Osint Tool https://github.com/Lucksi/Mr.Holmes fail2ban – Remote

Latest Infosec News and Articles How to hack a car — a quick crash-course  https://www.freecodecamp.org/news/hacking-cars-a-guide-tutorial-on-how-to-hack-a-car-5eafcfbbb7ec/ Beginners Guide to 0day/CVE AppSec Research https://0xboku.com/2021/09/14/0dayappsecBeginnerGuide.html PS2EXE - Module To Compile Powershell Scripts To Executables https://www.kitploit.com/2021/09/ps2exe-module-to-compile-powershell.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+PentestTools+%28PenTest+Tools%29 CVE-2021-38112:

Latest Infosec News and Articles SleepyCrypt: Encrypting a running PE image while it sleeps https://www.solomonsklash.io/SleepyCrypt-shellcode-to-encrypt-a-running-image.html IAM Vulnerable - An AWS IAM Privilege Escalation Playground https://labs.bishopfox.com/tech-blog/iam-vulnerable-an-aws-iam-privilege-escalation-playground Pentesting Active Directory  https://www.xmind.net/m/5dypm8/ Rootend - A *Nix

Latest Infosec News and Articles pFuzz: bypass web application firewall https://securityonline.info/pfuzz-bypass-web-application-firewall/ Roadmap https://securityflow.io/roadmap/ Full disclosure: 0-day RCE backdoor in Teradek IP video device firmwares  https://infosecwriteups.com/full-disclosure-0-day-rce-backdoor-in-teradek-ip-video-device-firmwares-85a16f346e15?source=rss----7b722bfd1b8d---4 How to Exploit SQL Server Using OLE Automation

Latest Infosec News and Articles plution: Prototype pollution scanner https://securityonline.info/plution-prototype-pollution-scanner/ Admin’s Nightmare: Combining HiveNightmare/SeriousSAM and AD CS Attack Path’s for Profit https://www.blackhillsinfosec.com/admins-nightmare-combining-hivenightmare-serioussam-and-ad-cs-attack-paths-for-profit/ juumla: scan for readable Joomla config files  https://securityonline.info/juumla-scan-for-readable-joomla-config-files/ Course repository for