Search results

  1. Tr0jan_Horse

    MassDNS is a powerful tool for mass DNS registration

    MassDNS is a high-performance, open-source DNS resolver designed for mass domain name resolution. Designed to work with large amounts of data, it allows you to check millions of domains in a short time. Key features of MassDNS High performance – MassDNS can send and process tens of thousands...
  2. Tr0jan_Horse

    The QUIC protocol and its vulnerabilities

    In today's world, speed and safety are key priorities. That is why Google developed the QUIC (Quick UDP Internet Connections) protocol, which later formed the basis of HTTP/3. QUIC is designed to replace the outdated TCP, offering faster and more reliable data transmission. Is QUIC the future...
  3. Tr0jan_Horse

    Web Application Penetration Testing: 6 Best Tools to Get You Started

    Today, most of the services on the Internet are web. Search engines, food delivery, marketplaces, banks, government services, even school diaries - everything works through a browser. To provide the user with maximum information, a real zoo of technologies is used. Someone writes websites with...
  4. Tr0jan_Horse

    Top 5 Active Directory Vulnerabilities

    Did you know that a simple configuration error in Active Directory can be an attacker's entry ticket into your network? We see such vulnerabilities in almost every company. Introduction Active Directory (AD) is a key technology that underpins the infrastructure of corporate networks...
  5. Tr0jan_Horse

    A collection of cheat sheets on cybersecurity

    This repository contains themed mindmaps that can be used as cheat sheets in various areas: from OSINT and reverse to Linux privileges, networks and bug bounties. Each card is a concise knowledge structure that is convenient to keep at hand for repetition, preparation for an interview, or...
  6. Tr0jan_Horse

    Best Free OSINT Tools

    In today's article, I want to introduce you to the best free OSINT tools that will help you gather the necessary information before starting a pentest. What is OSINT OSINT is the collection of information from publicly available sources. List of the best free OSINT tools Here is a list of...
  7. Tr0jan_Horse

    How to disguise an executable file as a PDF file

    Imagine that you are a pentester hired to check the security of the company's internal network. You need to find out if employees can fall for the bait and open malicious files. Disguising the malware as an innocuous PDF, you send it by phishing mailing list or share it. If an employee clicks on...
  8. Tr0jan_Horse

    SIMurai is a SIM card emulator for testing and hacking mobile networks

    SIMurai is a tool for analyzing the security of SIM cards, interaction with modems, and device behavior on cellular networks. It allows you to emulate SIM cards, run attack scenarios, simulate malicious behavior, and identify vulnerabilities in modem firmware through fuzzing. What's inside...
  9. Tr0jan_Horse

    Hacking an encrypted pdf file. Hacking encrypted rar, zip, and 7z archives. Utilities pdf crack, rar crack and more

    In today's article, I will share examples of cracking password-encrypted pdf files and archive files. I will show examples of working with such programs as pdf crack, rar crack, John the Ripper. Naturally, these programs work on Linux (in my case Kali Linux), but under Windows I think there are...
  10. Tr0jan_Horse

    An underrated tool is Empire

    Today we will analyze the PSE (PowerShell Empire) tool Notes: PS - Powershell, PSE - Powershell Empire But before going into details, I'll say right away follow me, because next there will be a systematic and understandable analysis of everything related to the pentest of the web, networks...
  11. Tr0jan_Horse

    Analysis of CVE-2025-24071

    In this article, we'll talk about the acclaimed CVE-2025-24071, which allows attackers to obtain NetNTLMv2 hash amounts of passwords as a result of incorrect processing of .library-ms files in Windows Explorer. The vulnerability itself is already being exploited in-the-wild, as evidenced by data from...
  12. Tr0jan_Horse

    Wapiti - Web Vulnerability Scanner

    Wapiti A tool for testing the security of web applications. It helps to identify vulnerabilities such as SQL injection, XSS, LFI, RFI, authentication and privacy issues. Generates reports in HTML, XML, and JSON formats. How it works Wapiti works as a "black-box" vulnerability scanner, that...
  13. Tr0jan_Horse

    How to setup your own WireGuard VPN server

    Protecting yourself with your VPN on WireGuard In the era of digital blocking, surveillance of every movement on the web, inaccessibility of some resources due to geo of your IP and similar reasons, it is necessary to protect yourself at least in a basic way, regardless of whether it is a...
  14. Tr0jan_Horse

    DOS/DDOS Attacks: Examples and Testing

    In this article, we will look at what DoS and DDoS are, how they work, what their types are, and how you can test a resource for resilience. DoS is an attack in which a single source generates a large number of requests to a target server in order to occupy its resources and make it...
  15. Tr0jan_Horse

    The Disk Is Lava: Exploring Methods for Executing Payloads in Memory. PART 2

    We have learned how to perform Dotnet builds, but what if the program was written in C++? In this case, it is executed outside the CLR platform and will be considered unmanaged code. As a consequence, you will not be able to execute it in memory using the methods described above. It's too early...
  16. Tr0jan_Horse

    Creating a Quick Reverse Shell in Python

    Hello everyone. I offer you a short article on how to write a fast Reverse Shell in the Python programming language. Let's start by connecting the libraries we need. subprocess, socket Writing the server part We tell the socket that we will work via the TCP protocol (this is a more reliable...
  17. Tr0jan_Horse

    Hacker's ABC: Key Terms and Abbreviations in Cybersecurity

    Are you just starting out in information security and feel like you don't understand most of the discussions on forums? The world of information security is full of specific terms and abbreviations that can be confusing for a newbie. This article will help you understand the basic concepts used...
  18. Tr0jan_Horse

    Snake Cat: Creating a NetCat Analog in Python

    Introduction What comes to mind when you hear the word Python? Multifunctionality or cross-platform? Maybe fast speed, because everyone associates this language with different tasks and advantages. But today let's devote time to Python in the field of information security. Here it is ideal for...
  19. Tr0jan_Horse

    Dorks Generator

    Dorks Generator Today we will analyze a program for generating dorks that can be used to hack databases using SQL Injection through other software. In this article I talked about creating dorks in another program, and how you can use them. The appearance of the program in Windows Frontend...
  20. Tr0jan_Horse

    Bypass AntiSelenium Protect

    When parsing data, there are situations when you need to access a site using the selenium driver. Since the site page has scripts running in the code that add data to the code, which simply cannot be accessed using regular requests. But things can be a little worse. For example, the page can be...