Annotation Being skilled at identifying vulnerabilities in source code, executing SQL injection attack, exploiting outdated services in well-known scripts, and even infiltrating enterprises to gainView More
Author: Ivan Glinkin
Docker for pentesters or switching GNU/Linux environment from virtual machines into containers
From ages ago till now there are plenty of discussions regarding the best/appropriate approach of using a pentesting OS: as a main, live system, dualView More
Brief iOS apps analysis (without Jailbreak)
For cyber security analysts and penetration testers dealing with mobile applications is the day-to-day activity. But if we are talking about Android applications, it’s quiteView More
shellDAVpass – non interactive reverse shell to bypass the defender and AntiVirus detections
When we are talking about hacking, basically, the main purpose of any penetration testing is to get the full control over the server aka theView More
Are free VPNs safe enough?
Nowadays, more and more people are using VPN (virtual private network) for different purposes. For one of them that’s a good stuff to hide theirView More
Alfa AWUS036ACH WiFi adapter install on Kali Linux
That is the single instruction how to install Alfa AWUS036ACH WiFi adapter on Kali Linux (including M1 Mac CPU). INSTALLATION git clone https://github.com/aircrack-ng/rtl8812au.git # DownloadView More
Install Volatility on Kali Linux (including M1 Mac CPU)
That is the single instruction how to install Volatility application on Kali Linux (including M1 Mac CPU). INSTALLATION #!/bin/bashsudo apt-get updatesudo apt install -y python2.7sudoView More
Big companies “Childhood diseases”
There is a widespread opinion as big the company is as harder to find breaches there: all the well-known vulnerabilities are fixed and mitigated, DevOpsView More
AutoSUID
AutoSUID application is the Open-Source project, the main idea of which is to automate harvesting the SUID executable files and to find a way forView More
The Russian Kerbrute
The first thing every penetration tester performs getting into a controller domain subnet is to brute force discovery of users which is called a KerbruteView More
Fast Google Dorks Scan
“Enumeration is the key” – that’s the main tagline of the Offensive Security Certified Professional certification. Indeed, as a statistic says, more than a halfView More
h@cktivitycon2021 by HackerOne
Capture the flag (aka CTF) is a cybersecurity game the main aim of which is to crack/solve/find the solution to the weirdest IT tasks andView More
“Kept bombing out in HEAT” or how I hacked Cambridge and MIT subdomains within a week and didn’t even get any thanks
Once you got into cybersecurity, you want to hack everything. You may be surprised but in some way it’s possible and even rewarded by theView More
If you play with hackers, don’t be surprised when you get hacked or TryHackMe 0-day exploit
There is always something new happens in our life: new work, new experience, new field of study, etc. And cyber security is not an exception:View More
Red Teaming – Through PostgreSQL to shell
The easiest way to get reverse shell through the PostgreSQL database. 1. Connect to the DB2. Create a new table CREATE TABLE demo(t text);3. RunView More