In this article, we will learn about how to configure the password-protected Apache Web Server to restrict from online visitors without validation so that we

One of the most frustrating things to me as a security person is having sales and marketing types confuse the different types of security assessment. Similariti

Event Tracing for Windows (ETW) is the mechanism Windows uses to trace and log system events. Attackers often clear event logs to cover…

Learn about various BLE vulnerabilities and the tools and techniques employed for performing attacks on Bluetooth Low Energy devices.

Outil de récupération automatique des données de l'Active Directory / Automated tool for dumping Active Directory data - ANSSI-FR/ORADAD

A high-level mind map to summarize all the techniques/tools covered by Peter Kim’s book.

For many pentesters, Meterpreter's getsystem command has become the default method of gaining SYSTEM account privileges, but have you ever have wondered just how this works behind the scenes? In this post I will show the details of how this technique works…

This is @newp_th.This issue is very similar to my previous report on Reflected XSS on Stack Overflow.

The security researcher Bruno Keith from the Phoenhex group published a PoC code for a remote code execution flaw in Microsoft Edge browser (CVE-2018-8629).

Doing everything manually is cool, but how do we save time and money? A lot of times most of the enumeration stuff can be automated. But…

Slides from my talk at the OFFZONE 2018 conference (https://www.offzone.moscow/report/hunting-for-privilege-escalation-in-windows-environment/)

A collection of hacking tools, resources and references to practice ethical hacking. - sundowndev/hacker-roadmap

Introduction The Cybaze-Yoroi ZLab researchers investigated a recent espionage malware implant weaponized to target companies in the Italian automotive sector. The malware was spread through well written phishing email trying to impersonate a senior partner…