In today’s post we are going to exploit one-way trust relationships, from an inbound point of view. If you haven’t seen it yet, take a…
Posts published in “PoC’s”
Let’s continue with the posts on Red Teaming. After the post on how to exploit misconfigured Certificate Templates, today we will talk about the forests,…
Today I would like to talk about a vulnerability that I have found frequently in the Red Team exercises I have participated in. It is…
A memory corruption vulnerability (CVE-2021-4034) in PolKit, a component used in all major Linux distributions and in some Unix-like operating systems, has just appeared and…
In the last few weeks there has been a revolution in the IT world. Everyone has been worried, there have been thousands of meetings to…
Two-step or multi-step authentication is a great enhancement to account security, but phishing attacks remain a danger.
Shodan is a search engine to find specific services such as webcams, SCADA systems, linksys… Its operation is simple but effective: it scans the whole…
Today I bring you a very interesting type of SQL Injection, and that is not very well known. It’s a variation of Blind SQL Injection.if…
This is the third post on the post-exploitation method based on code caves. In the first part I showed you how to create a basic…
This is the second part of the set of posts about Post Explotation Backdooring. If you haven’t read the previous post, I recommend you do…