Search results

😈 Lazarus infects companies through news websites and financial software Experts have discovered sophisticated targeted attacks by the Lazarus hacker group targeting businesses in South Korea. — The hackers used a combination of two main methods: ⏺First, they infected victims' systems through...

😈 Lazarus infects companies through news websites and financial software Experts have discovered sophisticated targeted attacks by the Lazarus hacker group targeting businesses in South Korea. — The hackers used a combination of two main methods: ⏺First, they infected victims' systems through...

💉 Hacking Websites: A Cheat Sheet on SQL Injections There are 5 main types of SQL injections: ⏺Classic (In-Band or Union-based). The most dangerous and rare attack today. Allows immediate extraction of any data from the database. ⏺Error-based. Allows extraction of information about the...

*** Hidden text: You do not have sufficient rights to view the hidden text. Visit the forum thread! ***

🔍 How to quickly change your IP in Linux — Today we'll look at a couple of programs that allow you to change your IP address absolutely free. After installation, these programs will literally change your IP with just one command, meaning you can hide your real IP address. Both of these...

🔸 Password Recovery Tool LaZagne is an open-source password recovery tool. It is designed to extract saved passwords from various applications on the system. Some features of LaZagne on Linux: ⏺Browser support. Allows you to recover saved passwords from popular web browsers. ⏺Database...

*** Hidden text: You do not have sufficient rights to view the hidden text. Visit the forum thread! ***

🦁 Brave Open Sources Cookiecrumbler Cookiecrumbler is a tool from Brave that automatically detects and blocks cookie consent notices on websites. The tool works as follows: ⏺Cookiecrumbler crawls popular websites using regional proxies; ⏺Downloads pages using Puppeteer to find cookie consent...

📄 Mimikatz Cheat Sheet Mimikatz is an open-source tool that allows you to extract Windows credentials from memory, as well as view and save authentication credentials, such as Kerberos tickets. It is often used by security professionals and attackers to test and exploit Windows...

*** Hidden text: You do not have sufficient rights to view the hidden text. Visit the forum thread! ***

😈 Cracking an encrypted PDF file | Cracking encrypted rar, zip, 7z archives | Utilities: pdfcrack, rarcrack, and more — In today's article, the author will share examples of cracking password-encrypted PDF files and archives. He will also show examples of using programs such as pdfcrack...

🚠 Transparent Traffic Interception sslstrip is a tool that: ⏺silently intercepts HTTP traffic on the network ⏺monitors HTTPS links and redirects ⏺and then matches these links to their HTTP counterparts or homograph-like HTTPS links — It also supports modes for serving a site icon (favicon)...

*** Hidden text: You do not have sufficient rights to view the hidden text. Visit the forum thread! ***

👩‍💻 The most important events in the world of infosec in April This month: ⏺Roskomnadzor's "white list" contains 75,000 IP addresses ⏺Pavel Zhovner spoke about the work on Flipper One ⏺Pre-installed malware found again in budget Android smartphones ⏺Researchers hacked a Nissan Leaf ⏺AI...

🔎 Google Dorking or Using Google to the Max | Cheat Sheet Google Dorks or Google Hacking is a technique used to discover hidden information and vulnerabilities found on public servers. This is a method in which normal website search queries are fully utilized to identify information hidden on...

*** Hidden text: You do not have sufficient rights to view the hidden text. Visit the forum thread! ***

❗️ Tracking the movement of iOS devices iSniff-GPS is a passive sniffing tool for capturing and visualizing WiFi location data disclosed by iOS devices. It passively sniffs SSID probes, ARP broadcast packets, and MDNS (Bonjour) packets of nearby iPhones, iPads, and other wireless devices. The...

🎃 How to Escalate Privilege During an Active Directory Penetration Test An Active Directory (AD) pentest is a simulation of attacks on a company's domain infrastructure to identify vulnerabilities related to account management, access policies, service settings, and trust relationships. In...

*** Hidden text: You do not have sufficient rights to view the hidden text. Visit the forum thread! ***

❗️ BypassAV, Fileless Attack, and AMSI (Theory) Malware developers are constantly looking for ways to evade detection by security tools. One way is to bypass scanners using obfuscation, encryption, steganography, and other methods to make it more difficult for antivirus software to determine...