Did you know that Jingle Bells was the first song played in outer space by the crew of NASA’s Gemini 6A space flight in 1965? Picture, if you will, a group of astronauts jamming out to the jolly jingle while floating through the stars in their miniature version of a one-horse open sleigh. But more than music, […]
According to an announcement made on Tuesday, August 10 by FireEye, a global cybersecurity firm, a coordinated cyberattack, which most likely originated in China, hit dozens of Israeli government and private organizations. This cyberattack is the first documented case of a large-scale Chinese attack on Israel, the world’s leading cyber superpower. Aimed at leaking political […]
With more than 11,000 athletes from 206 countries participating, the world is watching the delayed Tokyo 2020 Olympic Games with great enthusiasm. But, unfortunately, while the Olympics showcases the very best in sporting talent, it also has a history of attracting cybersecurity threats from those seeking to cause politically motivated harm, make easy money, spread […]
Hey, It’s been a busy month for me and I was not able to save time to write the final part of the series on Malware Development. But I am receiving too many DMs on Twitter accounts lately to publish the final part. So here we are. If you are reading this blog, I am […]
Recap In the previous post, we wrote a simple CMD Reverse Shell over TCP. However, in a real-life scenario, things would be pretty different. In this post, we will be focusing on Evading Antivirus and covering the following topics: Creating a Simulated Environment using Windows Active Directory, DNS, Proxy and Firewall. Writing C/C++ code for […]
The Prologue This is my reposting of the blog series I wrote here at ScriptDotSh If you haven’t watched the videos yet, here are my links to both the antivirus evasions I performed: 1. Windows Cloud ML Defender Evasion 2. Kaspersky AV Evasion Besides the above two, I was also able to evade the Symantec […]
Introduction Host header injections have been around for a while now, and sometimes the developer just does not know how to get rid of them! Configuring virtual hosts, adding host verification codes to redirection pages, etc. All of this can be time-consuming or stressful for some! So, I will be explaining a simple technique that […]
What is Remote Desktop Protocol (RDP) Remote Desktop Protocol (RDP) is a proprietary protocol developed by Microsoft, which provides a user with a graphical interface to connect to another computer over a network connection. The user employs RDP client software for this purpose, while the other computer must run the RDP server software. Everyone who […]
The Scope Recently, we conducted a red team assessment for a large enterprise client where the scenarios allowed were to either use the hardened laptop of the client or to try and connect our own laptop to the network (though they did have a Network Access Control system in place). This blog posts lists out […]
Prologue In the previous blogpost, we reverse engineered a binary and extracted the password from within it. This binary however contained a plaintext password. This was good to start for beginners, but you won’t really find such types of binaries in today’s world. In real life, passwords are mostly obfuscated or encrypted. Most of the […]
