Search results

❗️ Cloudflare mitigated a record-breaking 5.6 Tbps DDoS attack ⚠️ Cloudflare specialists reported the largest DDoS attack to date, with a power of up to 5.6 Tbps. The attack was carried out using the Mirai botnet, which consists of 13,000 compromised devices. According to Cloudflare, the...

💳 Hiding Bluetooth Device Signals Spooftooph – designed for automatic spoofing or cloning the names, class, and address of Bluetooth devices. ⚠️ Cloning this information allows a Bluetooth device to effectively hide from view. Bluetooth scanning programs will only display one device if...

🔎 SSH Tunneling for Windows and Linux Penetration Testing SSH (Secure Shell) is a network protocol that provides a secure way to remotely access computers and other network devices. SSH creates an encrypted channel for secure data transfer between the client and server. This article will...

🐽 Surrounding Traffic Sniffing Wireless IDS is an open-source tool written in Python and runs on Linux. It sniffs surrounding wireless traffic and analyzes suspicious packets, such as WEP/WPA/WPS attacks, wireless client switching to another access point, identifying possible rogue APs...

💻 OpenSSH Security Mechanisms: Analyzing Vulnerabilities in 2024 OpenSSH (Open Secure Shell) is a suite of programs that provides encrypted communication sessions over computer networks using the SSH protocol. Last year was an interesting one for SSH: ⏺In the spring: a backdoor in xz-utils...

😂 Israeli spies hacked WhatsApp without a single click The attack, which affected approximately 90 people, was carried out using spyware from the Israeli company Paragon Solutions. Experts believe the attack exploited a "zero-click" vulnerability, which allows spyware to install itself on a...

❗️ Attacks on Wireless and Wired Networks Fern Wifi Cracker is a wireless security audit and attack tool written using the Python programming language and the Python Qt GUI library. The program can crack and recover WEP/WPA/WPS keys, as well as launch other network attacks on wireless or...

🔎 Kerberos for Penetration Testers This series consists of 6 articles: 1. Theory 2. Classic Attacks 3. Unconstrained Delegation 4. Constrained Delegation 5. Resource-Constrained Delegation 6. PKINIT In this series of articles, I will attempt to understand the theoretical structure of the...

📄 Handy Msfvenom Cheat Sheets MSFvenom is a standalone Metasploit payload generator that combines generation and encoding. A payload is code or a fragment of malicious code that directly performs a destructive action: deleting data, encrypting data, opening a connection for a hacker, etc...

😈 How to trick your ISP and bypass DPI DPI (Deep Packet Inspection) is a technology that allows you to collect statistical information from packets, inspect them, and filter information based on their contents. There are two types of DPI: passive and active. The only difference is that active...

❗️ Bug Bounty Process Automation Reconftw is a very large script that automates literally everything: from reconnaissance to vulnerability scanning. It incorporates the best tools used by bug hunters. Here's a small sample of what Reconftw can do: ⏺Search URLs on a website; ⏺Collect...

❗️ Cheat Sheet for Bypassing Browser XSS Filters Bypassing a browser's XSS filter is an attempt to bypass security measures that prevent cross-site scripting (XSS) attacks. These attacks occur when a web application accepts user input into its output without validating or encoding it. Some...

😈 Stealing User Hashes Using NTP Timeroasting is a security attack technique that allows one to extract password hashes of computer accounts in an Active Directory (AD) domain. The method involves exploiting the NTP protocol and the Kerberos response hashing mechanism to obtain hashes without...