Introduction to Persistence In the context of offensive security and red teaming, persistence refers to techniques used by attackers to maintain long-term access to compromised systems. After an initial exploitation, maintaining a foothold on the system ensures that the attacker can return later to continue data exfiltration, lateral movement, or control without needing to exploit […]
Smartphones have become an essential part of our lives, storing personal, financial, and professional information. Securing your device is crucial to protect against cyber threats. Follow these steps to enhance your smartphone security and prevent unauthorized access. 1. Keep Your Software Updated Always update your phone’s operating system and apps. Security patches fix vulnerabilities that […]
OK, so in this blog, I will show you how to build your own lab for Android pen-testing. We will also install all the necessary tools required for Android pen-testing. 1. Installing ADB. ADB (Android Debug Bridge) is a command-line tool used for interacting with and managing Android devices or emulators. In simple term with […]
Introduction One-Time Passwords (OTPs) are widely used as an additional security layer in authentication mechanisms. They are employed by banking systems, social media platforms, and other sensitive applications. However, improper implementation can lead to severe vulnerabilities that attackers exploit to bypass OTP verification. In this blog, we will explore various OTP bypass techniques used by […]
CSV injection might sound complex, but it’s easier to grasp than you think. Essentially, it involves slipping malicious formulas into CSV files. When opened in a spreadsheet program, these formulas execute. They can do all sorts of nasty things. Here’s a closer look at how it all works: What is CSV? CSV stands for Comma […]
What is Frida? It is a dynamic instrumentation toolkit, Frida is used by testers to test security of mobile application, Frida is used to inject our JavaScript code to a application. Installing frida in kali linux: Prerequisite : Kali linux You can use command- Pip install frida-tools to install frida on kali If that doesn’t […]
Bug bounty hunting is a lucrative and challenging skill where ethical hackers identify and report security vulnerabilities in organizations’ systems. With proper techniques and strategies, you can increase your chances of discovering high-impact bugs and earning substantial rewards. This guide will walk you through the entire bug bounty process like a pro. Step 1: Choose […]
Hello everyone! I am really happy to announce that I got my first valid bug from a target, and not only that, I uncovered two bugs from that target. So in this blog, I am going to talk about those two bugs. First bug I found this bug as accdential. I will check source page […]
When it comes to cloud security, Amazon Web Services (AWS) is a prime target for penetration testers and malicious actors alike. AWS provides powerful cloud-based infrastructure to organizations across the globe, but it can also present numerous security challenges if not properly secured. One such tool designed for AWS exploitation is PACU (Privileged Access Cloud […]
Imagine a major online retailer. A sneaky hacker exploits a flaw. They sneak malicious code into the system. They access sensitive customer data. All because of a vulnerability: insecure deserialization. This weakness can cripple businesses. It exposes them to data breaches and system compromise. Deserialization is like unpacking a box. It changes data from a […]
