Process Stomping A variation of ProcessOverwriting to execute shellcode on an executable’s section What is it Process Stomping, is a variation of hasherezade’s Process Overwriting and it has the advantage of writing a shellcode payload on...
Rifiuti2 is a for analyzing Windows Recycle Bin INFO2 file. Analysis of Windows Recycle Bin is usually carried out during Windows computer forensics. Rifiuti2 can extract file deletion time, original path and size of...
r77 Rootkit Ring 3 rootkit r77 is a ring 3 Rootkit that hides the following entities from all processes: Files, directories, named pipes, scheduled tasks Processes CPU usage Registry keys & values TCP &...
Defense / Vulnerability Analysis
by do son · Published September 16, 2022 · Last modified November 30, 2023
kubeeye KubeEye is an audit tool for Kubernetes to discover Kubernetes resources (by OPA ), cluster components, cluster nodes (by Node-Problem-Detector), and other configurations that are meeting with best practices and giving suggestions for modification. KubeEye supports...
Web Information Gathering / Web Vulnerability Analysis
by do son · Published April 7, 2020 · Last modified November 30, 2023
nuclei Nuclei is a fast tool for configurable targeted scanning based on templates offering massive extensibility and ease of use. It is used to send requests across targets based on a template leading to...
Under the cloak of cyberspace, North Korean cyber criminals have weaponized their skills to become the world’s most proficient cryptocurrency thieves. Their audacious heists, amassing a staggering $3 billion in digital assets, have not...
In the digital age, the art of thievery has evolved beyond the physical realm, as cybercriminals continually refine their tactics. A striking example of this evolution is the use of WebSockets in credit card...
Apple has released emergency security updates to address two zero-day vulnerabilities that could be exploited by attackers to gain access to sensitive information or execute arbitrary code on affected devices. These vulnerabilities tracked as...
In the ever-evolving landscape of cybersecurity, vigilance is paramount. Zyxel, a prominent manufacturer of network-attached storage (NAS) devices, has recently disclosed a series of critical vulnerabilities that could expose your NAS device to unauthorized...
In the intricate web of digital security, a recent revelation has sent ripples through the Python developer community. The widely used Python package ‘cryptography’, renowned for its cryptographic recipes and primitives, has encountered a...
