Many organizations today use Active Directory for better management, policy implementation, and more. The attacks …
Featured Articles
How to Perform Dynamic Malware Analysis in Windows OS?
Malware objectives can be understood through the cyber kill chain process. The cyber kill chain is a Swiss army knife for …
Zip Slip – Abusing file uploads to get RCE
You have probably come across websites with file upload functionality many times. Zip files have been around …
Latest Blog Updates
Port Scanning with SSRF
SSRF stands for Server Side Request Forgery. It means a user can trick the server into making requests for us. We could then use the server as a proxy, or worse, access resources on the server's internal network that are not meant to be publicly accessible. For example, we can initiate requests on the local network to find services running locally that aren't accessible from the global internet. This is a great way to map a target's internal network early in a penetration test. IT admins tend to put up weaker defenses for internal resources. Port scanning with SSRF is a great way to see these less-defended …
GraphQL Security
GraphQL is a query language for APIs. It provides a complete and understandable description of the data in an API and gives clients the power to ask for exactly what they need, and nothing more. APIs use it to access data from the database through a single endpoint, which is made possible by a defined schema that specifies exactly what data we want to access. GraphQL Security is important because many big companies now use it to query, delete, and update data through the API, among other actions.
GraphQL vs REST APIs
This is different from REST APIs where there are separate …
How to make money with bug bounties
Back in the day, curious hackers would report security bugs to companies, only to end up on the wrong side of the law. But the world is different. Now, most major companies (and even many startups!) operate bug bounty programs. These allow hackers to make money with bug bounties by finding exploits in products without breaking the law. While this is great news for hackers who want to hack networks, systems and just break stuff, it's also good news for techies looking for a novel way to make a buck. After all, wouldn't it be nice to find a bug, make a thousand dollars, and then add that to your …
MQTT Attacks – Comprehensive Hackers Guide With Examples
In the previous article, we learned what MQTT is, what topics are, and what an MQTT broker is. In addition, a lab from PentesterAcademy, Broker Recon and Fingerprinting, was solved. MQTT Attacks are not confined to brokers; they also extend to Access Control Lists, Authentication, and Broker-Bridge Configuration. In this article, we will solve the 3 lab challenges for simulating MQTT Attacks, as numbered below:
1. Access Control List
2. ACL and Authentication
3. Broker-Bridge Configuration
MQTT Attack - Access Control List
An Access Control List is a list of rules which specifies which users have access …
External Entity Injection (XXE)
External Entity Injection is a type of security vulnerability that allows the attacker to manipulate the way a web application processes XML data. The attack occurs when a misconfigured XML parser processes an XML input containing references to an external resource. It is a bit different from SQL Injection, but the two share some common themes. The attacker takes advantage of the vulnerability by embedding a malicious inline DOCTYPE definition in the XML data. In this article, we will take a thorough look at XML and the different types of External Entity Injection attack, i.e., normal and out-of-band XXE attacks. …