Blog

Python Evasion; Alternate Data Streams

Python Evasion Alternate Data Streams

Using Python for alternate data streams to hide artifacts on a system as defense evasion.

29 July 2022

Python Library Injection

Python Injection

Demonstration of how you can insert a file at the right location, you can use it to hijack Python execution.

28 July 2022

Hacking With PDF

XSS Stealing Credentials RCE PDF Injection analysis

Inspiration of how we can use PDF as an attack vector and perform multiple attacks with huge subsequences to the victim.

02 July 2022

Elastic-Case

Elastic Security SIEM ELK

A malicious double-extension file sneaked into a user inbox, which led to a full network compromise . Use your SIEM analysis skills to reveal the attack details. Lots of exciting stuff powershell, bruteforce, python, and reverse shell!.

26 March 2022

Copy Paste Attack

copy-paste

An attacker can embed a small JavaScript code it appears reasonable command but when you copy it you basically copying other malicious code.

19 January 2022

Log4Shell

Log4Shell Log4j

You will understand following things. How to create lab setup to experience log4j vulnerability?, Learn how an attacker can exploit the log4shell using Kali Linux., How to block this attack on Next Generation Firewall such as Check Point.

18 December 2021

Bypass Windows Defender in Windows 11

windows defender

Bypass Windows Defender in Windows 11.

04 December 2021

Splunk Use Cases

Splunk

More than 80 Use Cases for Splunk.

24 November 2021

Prevent Attack Using IPS Blade Protection

IPS Check point Firewall

Prevent Attack Using IPS Blade Protection

21 November 2021