Exploring, Exploiting Active Directory Pen Test

Active Directory (Pen Test ) is most commonly used in the Enterprise Infrastructure to manage 1000’s of computers in the organization with a single point of control as “Domain Controller”. Performing Penetration Testing of Active Directory is more interesting and are mainly targeted by many APT Groups with a lot of different techniques. We will […]

Gratis Winter Pen Test 2019 Program

Overview : Free Penetration Testing For Open Source Application. We love to help to secure Open Source application and that’s a primary reason every year we provide the free Free Penetration Testing of the open source application. Under the Gratis Pentest in last 3 years, we have evaluated security postures of open source applications such as- Refinery […]

My Six Months Journey in SecureLayer7

Before I step into the new year, I would like to share about my delightful journey in SecureLayer7, in short SecureLayer7 Review. Six months back, I had completed my graduation and was looking forward to start my career in the Information Security industry. I was guided by my friend, @rakeshnagekar who holds six years of […]

SecureLayer7 at Japan’s Code Blue International Conference, Nov 2018.

Hey there, I wanted to talk about my experience at SecureLayer7 at Japan’s Code Blue International Conference, Nov 2018. I’m a Security Consultant at SecureLayer7 who is an Information Security enthusiast with keen interest in learning latest technologies along with playing CTFs’.I learnt that SecureLayer7 is one of the sponsors for the Code Blue International […]

Abusing SUDO Advance for Linux Privilege Escalation – RedTeam Tips

Abusing SUDO Advance for Linux Privilege Escalation If you have a limited shell that has access to some programs using thesudocommand you might be able to escalate your privileges. here I show some of the binary which helps you to escalate privilege using the sudo command. If you already read my previous article(Abusing Sudo) then you can skip […]

Fileless malware- the ninja technique to spread malwares using default os tools

What are fileless malwares? Fileless malware are not typical malwares that probe directly or indirectly to install software on a victim’s machine and then execute. Instead, tools that are built-in to Windows are hijacked and used to carry out attacks. Why is it more dangerous? Due to the usage of only default windows tools, no […]

Cryptocurrency Mining Scripts Harnessing your cpu memory via Browsers

Hidden MiningWebsites are increasingly using JavaScript-based cryptocurrency miners to monetize by levying the CPU power of their visitor’s PC to mine Bitcoin or other cryptocurrencies. Scenario then vs now: Websites using crypto-miner services could mine cryptocurrencies with your browser memory when you visit their site. Feasibility: Once you close the browser window, they lost access […]

Gain Root without Password- macOS Sierra

A critical vulnerability has been discovered in macOS High Sierra allowing any user to get root access on a mac system without any passwords. In order to perform this, you just need to type “root” into the username field, leave the password blank, and hit the Enter a few times ( two or more) and […]

BlueBorne- the lethal attack to take over your devices

The latest attack Blueborne is taking over by storm , lets read about it in concise, the attack method and the details of this bug. A series of vulnerabilities have been unearthed in the implementation of Bluetooth which allows hackers to take over your computers/ tablets/ smartphones whenever Bluetooth is on. A total of eight […]