Cryptocurrency Mining Scripts Harnessing your cpu memory via Browsers

Hidden MiningWebsites are increasingly using JavaScript-based cryptocurrency miners to monetize by levying the CPU power of their visitor’s PC to mine Bitcoin or other cryptocurrencies. Scenario then vs now: Websites using crypto-miner services could mine cryptocurrencies with your browser memory when you visit their site. Feasibility: Once you close the browser window, they lost access […]

Gain Root without Password- macOS Sierra

A critical vulnerability has been discovered in macOS High Sierra allowing any user to get root access on a mac system without any passwords. In order to perform this, you just need to type “root” into the username field, leave the password blank, and hit the Enter a few times ( two or more) and […]

Exploiting Browsers using PasteJacking and XSSJacking Vulnerability

Hi Readers, in the field of penetration testing, we all know attacks such as Clickjacking, Cross Site Scripting etc. These are attacks from most  OWASP Top 10 test cases. Today we will look into some advanced attack vectors which have been lately around sometime but not all are aware of. Pastejacking. The art of changing […]

Reverse Engineering 101 – With Crack-mes

Reverse Engineering is an fascinating art of playing with low level code. In this article, we will see a hands-on tutorial for patching an exe file to accept any serial key! Tool for use: ● Ollydbg (http://www.ollydbg.de/) ● A crack-me for demonstration. You can download loads of crack-mes for hands-on practice from http://crackmes.de/ A crack-me […]

BlueBorne- the lethal attack to take over your devices

The latest attack Blueborne is taking over by storm , lets read about it in concise, the attack method and the details of this bug. A series of vulnerabilities have been unearthed in the implementation of Bluetooth which allows hackers to take over your computers/ tablets/ smartphones whenever Bluetooth is on. A total of eight […]

Pacemakers prone to getting hacked

Recently the The FDA and Homeland Security have issued alerts about vulnerabilities in 4,65,000 pacemakers. The devices can be remotely “hacked” to increase activity or reduce battery life, potentially endangering patients. Feasible vulnerabilities: Absence of memory and encryption: In such embedded devices there is a lack to support proper cryptographic encryption. Conventional cryptography suites are […]

Automating Web Apps Input fuzzing via Burp Macros

Hi Readers, This article is about Burp Suite Macros which helps us in automating efforts of manual input payload fuzzing. While it may be known to many testers, this article is written for those who are yet to harness the power of burp suite’s macro automation. In my penetration testing career so far, while performing […]

Memory Forensics & Reverse Engineering : Thick Client Penetration Testing – Part 4

Static Analysis/ Reverse Engineering for Thick Clients Penetration Testing 4 Hi Readers, let’s take a look into static analysis. The advantage which thick clients offer over web applications are the ability to inspect the code and perform code level fuzzing which is more interesting for me! How to inspect code at a static level? There […]

Java Deserialization Exploit Resulting RCE on Thick Client Penetration Testing – Part 3

Thick Client Penetration Testing – 3 covering the Java Deserialization Exploit Resulting Remote Code Execution Welcome Readers, in the previous two blogs, we have learnt about the various test cases as well as setting up traffic for thick clients using interception proxy. Among the plethora of test cases out here, one particularly interesting is about […]

Detailed Traffic Analysis for Thick Client Penetration Testing – Part 2

After getting the basics of thick client pentest, let’s delve into the very first steps you can take to commence thick client pentest. Interception and setting up proxy of application. Thick clients can be broken down into two types based on proxy settings: Proxy aware Proxy unaware Proxy aware are those applications which has settings […]