Account Creation in Linux Linux operating system can usually have two types of account “Root” and “User” account. There are two usually two ways to manipulate the Accounts to maintain the persistence access to the machine : User Account Creation If we (attacker) has compromised the host and want to maintain the persistence access by …
Android shims are small libraries that act as compatibility layers between different versions of the Android operating system. They allow developers to call newer Android APIs on older platform versions that don’t natively support those APIs. Shims provide backward compatibility by implementing newer APIs on top of older platform functionality. This enables apps built with …
In the realm of Windows persistence, key findings reveal a diverse and sophisticated array of techniques used by attackers to maintain access to systems. These methods range from simple manipulations like startup folder and registry autorun entries to more complex strategies involving service modification, DLL hijacking, and exploitation of Windows Management Instrumentation (WMI) and Component …
Shellcode is a set of instructions used as a payload in the exploitation of a software vulnerability. It is called “shellcode” because it typically opens a command shell from which the attacker can control the compromised machine. However, shellcode can perform a variety of operations, not just opening a shell. Characteristics of Shellcode Compact and …
User Account Control (UAC) in Windows is a security feature designed to prevent unauthorized changes made by malware or other threats by requesting administrative privileges. This chapter delves into the intricate design of UAC, aiming to reverse-engineer its workflow to comprehend how it defends against malicious actions. Additionally, we’ll explore methods used by threat actors …
User Account Control/Uncontrol: Mastering the Art of Bypassing Windows UAC Read More »
Position-independent code (PIC) is a type of code that can be executed at any memory address without modification. This is in contrast to position-dependent code, which is tied to a specific memory address and cannot be executed correctly if it is moved to a different location. For Example a shellcode is PIC. It cannot assume …
Introduction In the vast landscape of cybersecurity, vulnerabilities often present themselves as a series of interconnected events, aptly termed the “vulnerability kill chain.” Each link in this chain provides insights into the cascading steps that can lead to unintended consequences for software applications. Today, we delve deep into an intriguing flaw that strikes at the …
Introduction In the digital realm, the battle between malicious software creators and cybersecurity defenders is a ceaseless saga, with the Mac ecosystem being no exception. The artistry of crafting malware is continually evolving, adapting to the robust security architecture of Mac systems. The infection vector, the conduit through which malware breaches a system, forms the …
In the age of DevOps and rapid software development cycles, Jenkins has emerged as a beacon of automation, aiding organizations in efficiently building, deploying, and automating their projects. Yet, as with any popular software, its wide adoption has also made Jenkins a prime target for Advanced Persistent Threat (APT) actors. Safeguarding this CI/CD linchpin necessitates an intricate understanding of its vulnerabilities and potential attack surfaces
Jenkins, an open-source automation server, is widely utilized for building, deploying, and automating any project, making it a valuable target for Advanced Persistent Threat (APT) actors. Understanding the attack vectors and surfaces within Jenkins is crucial to safeguarding the platform and protecting organizational assets. This article delves into the potential attack vectors and surfaces within Jenkins, providing insights into securing your CI/CD pipeline.
The intricate dance between cyber defenders and adversaries plays out daily in the vast digital playground of the Windows operating system. As the dynamics of this age-old game evolve, the strategies employed by both sides have grown increasingly nuanced. The line between cybersecurity professionals and cybercriminals blurs when it comes to mastering the art of evasion within Windows. In this deep dive, we’ll unpack the tactics, techniques, and procedures that render these actors invisible in plain sight.
As we stand at the intersection of art, innovation, and practical application, one realm beckons with increasing allure – the world of face generation in Open Source Intelligence (OSINT). From creating characters for the latest VR game to navigating the complex web of cybersecurity, the implications of face generation are as vast as they are varied. Let’s dive into this digital cosmos and decode the intriguing artistry of creating lifelike faces with algorithms.