Knowledge-base

June 27, 2019

Identifying UART Pins Without a Multi-Meter

As someone who likes to tinker with hardware, we often find ourselves opening up a device to find UART pins which are originally meant for debugging […]
June 27, 2019

Arm Exploitation Series #1 — Introduction to the ARM Architecture

With the increasing growth in Internet-Of-Things (IoT) devices, it is an absolute necessity to scrutinize the security of these devices too, especially when they’re going to […]
December 16, 2018
Reading time: 8/10 minutes   Folks!! In this blog, I will talk about Command and Control Servers (C&Cs) and diverse procedures utilized by “assailants” “attacker” to fabricate a powerful and […]
July 23, 2018

Abusing SUDO Advance for Linux Privilege Escalation – RedTeam Tips

Abusing SUDO Advance for Linux Privilege Escalation If you have a limited shell that has access to some programs using thesudocommand you might be able to […]
February 8, 2018

Web Services and API Penetration Testing Part #2

Welcome readers to Part 2 of Web Services Penetration Testing. In this part, we will take a quick look into the various test cases, tools and […]
January 1, 2018

Intercepting thick clients sans domain: Thick Client Penetration Testing – Part 5

For carrying out penetration testing assessments, our main aim has been to resolve the actual domain to the loopback IP address, by adding an entry to […]
January 1, 2018

Dark Web: Accessing the hidden content Part #2

Using I2P to access the dark web – Part #2 I2P Intro: According to Wikipedia, The Invisible Internet Project (I2P) is an anonymous network layer that allows for  peer […]
December 30, 2017

Dark Web: Accessing the hidden content Part- 1

  Curiosity towards hidden and unknown things is natural to people. For the general folks, Internet is existence of websites indexed via popular search engines like […]
December 18, 2017

Fileless malware- the ninja technique to spread malwares using default os tools

What are fileless malwares? Fileless malware are not typical malwares that probe directly or indirectly to install software on a victim’s machine and then execute. Instead, […]