Knowledge-base

July 9, 2020

COVID-19’s Best Practices for Building Secure Mobile Applications

A worldwide catastrophe this contagious virus COVID-19 pandemic has raised endless problems to mankind. The restrictions we face today are something humans are not used to. […]
June 12, 2020
HTTP Request Smuggling

Everything about HTTP Request Smuggling

What is HTTP Request Smuggling? Hiding HTTP Request in HTTP Request. That is the main idea. Simple, right? Well, we can say that HTTP Request Smuggling […]
April 21, 2020
Phishing_Attacks_COVID_19

How to Secure Yourself From Coronavirus Phishing Attacks in Times of COVID-19

Introduction The year 2020 just had just started and we got struck with global pandemic COVID-19 caused by the novel coronavirus. With this global fear, one […]
June 27, 2019
UART Pins

Identifying UART Pins Without a Multi-Meter

As someone who likes to tinker with hardware, we often find ourselves opening up a device to find UART pins which are originally meant for debugging […]
June 27, 2019
ARM Architecture

Arm Exploitation Series #1 — Introduction to the ARM Architecture

With the increasing growth in Internet-Of-Things (IoT) devices, it is an absolute necessity to scrutinize the security of these devices too, especially when they’re going to […]
December 16, 2018
Reading time: 8/10 minutes   Folks!! In this blog, I will talk about Command and Control Servers (C&Cs) and diverse procedures utilized by “assailants” “attacker” to fabricate a powerful and […]
July 23, 2018

Abusing SUDO Advance for Linux Privilege Escalation – RedTeam Tips

Abusing SUDO Advance for Linux Privilege Escalation If you have a limited shell that has access to some programs using thesudocommand you might be able to […]
February 8, 2018
web services and api part 2

Web Services and API Penetration Testing Part #2

Welcome readers to Part 2 of Web Services Penetration Testing. In this part, we will take a quick look into the various test cases, tools, and […]
January 1, 2018
Thick Client Penetration Testing

Intercepting thick clients sans domain: Thick Client Penetration Testing – Part 5

For carrying out penetration testing assessments, our main aim has been to resolve the actual domain to the loopback IP address, by adding an entry to […]
Enable Notifications.    Ok No thanks