Security research, exploit development, and technical write-ups covering various aspects of offensive security and penetration testing.
But there's a world of difference between amateur social engineering and professional red team operations. Pros don't just send random phishing emails - they build complete, convincing campaigns with...
Read full post →That's where redirectors come in. They're basically middlemen that hide your actual C2 server. By routing traffic through redirectors, you make it much harder for blue teams to find and block your...
Read full post →I developed this analysis as part of my learning journey through the Offensive Security Exploit Developer (OSED) certification, where shellcoding is a core component of the curriculum....
Read full post →Embracing the PEN-300 course requires an individual to immerse themselves in a world of complex cyber threat landscapes and advanced penetration techniques....
Read full post →In this blog post, I will show how an attacker can exploit this vulnerability by crafting a malicious GET request to the WebUI of the EasyNAS system, I will show the vulnerable script code and how to...
Read full post →Auditing the security configuration of GraphQL API can be a complex task, as it involves protecting against a wide range of vulnerabilities. The following article will cover some common security...
Read full post →