Search results

📝 Testing Cybersecurity Frameworks: MITRE ATT&CK and the Cyber Kill Chain MITRE ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) is a knowledge base that describes the various tactics, techniques, and methods used by cybercriminals when attacking information systems. The Cyber...

🆘 Database Encryption Extension SQLCipher is an open-source extension for SQLite that supports transparent 256-bit AES encryption of database files. It is one of the most popular database encryption systems for mobile, embedded, and desktop platforms. SQLCipher is utilized in a wide range of...

🦠 Malware Reverse Engineering for Beginners: Unpacking Packers and Bypassing Protectors Article Contents: ⏺ The Saga of Protectors and Packers — A Theoretical Primer — Manual vs. Automated Unpacking ⏺ Learning to Hide Debugger Presence and Bypass Anti-Debugging Measures — Code Encryption ⏺ A...

👀 OSINT: A Metadata Extraction Tool Metagoofil is a powerful and useful information-gathering tool designed specifically for Kali Linux. This utility is designed to extract metadata from publicly available documents hosted on websites. In this article, we will explore every aspect of using...

🌐 Rayhunter: How to Turn a Budget Router into a Digital Surveillance Detector The Electronic Frontier Foundation (EFF) has released a free, open-source tool called Rayhunter, designed to detect fake base stations (IMSI catchers)—also known as Stingrays. These devices masquerade as legitimate...

📂 Malware Analysis Tutorial: A Reverse Engineering Approach *Malware Analysis Tutorials: A Reverse Engineering Approach* is a guide that outlines a methodical approach to reverse engineering malicious code—ranging from fundamental concepts to in-depth analysis. The guide consists of 34...

💻 How I Found an RCE Vulnerability via a File Upload Form — In this article, the author will show how he discovered an RCE (remote code execution) vulnerability via a file upload form. An RCE vulnerability via a file upload form is a security flaw in a web application that allows a hacker to...

🖥 PostgreSQL Cheat Sheet PostgreSQL is a high-performance open-source object-relational database management system. It is known for its reliability, flexibility, security, scalability, and ability to handle complex data sets. This cheat sheet covers: ⏺Getting Help ⏺Database Operations...

🔒 Protecting against SSH brute-force attacks on Linux — As soon as a service is exposed on a public network, it immediately becomes a target for attack. One of the problems is attempts to gain access by brute-forcing passwords, and SSH is no exception. You can protect against this in various...

✔️ Tactical Reconnaissance Tool CloudFail is a tactical reconnaissance tool designed to gather sufficient information about a target protected by Cloudflare in hopes of discovering the server's location. Using Tor to obfuscate all requests, the tool now has three different attack stages: ⏺ DNS...

🌐 Basic and Advanced Keyboard Shortcuts in Onion Tor Browser Beyond the default functions, Tor has several keyboard shortcuts that users can use to improve their experience and navigation. In this article, we'll explore simple and advanced keyboard shortcuts for Tor to simplify and automate...

🪟 Hacking Windows Network Authentication — In this article, we'll use the Responder program to intercept hashes used for Windows authentication. We'll start with a practical example: intercepting an authentication hash and decrypting it, which will yield the username and password in Windows...

👴 Wi-Fi Hacking Using WPS Vulnerabilities Reaver is a utility for exploiting WPS vulnerabilities. It was developed for brute-force attacks on the WPS PIN, allowing attackers to gain access to the Wi-Fi password. Reaver uses an algorithm that reduces the number of combinations required to crack...