IPv6 DNS Takeover

Even though the usage of IPv6 is gaining traction, it is rare to find an organization using it in its network. Most people do not realize that although most organizational networks communicate using IPv4, Windows versions since Windows Vista enable IPv6 by default and prefer it over IPv4. We are exploiting this functionality to gain...

Active Directory Basics

The number of resources such as users, databases, or servers managed in organizations poses questions about accountability as firms adjust to industry needs and norms. Additionally, the dispersed structure of managing the infrastructure and its procedures makes it challenging for enterprises to monitor employee activity. This makes it simpler for attackers to access the network’s...

Blockchain 101

A blockchain is a shared distributed ledger between computer network nodes. It serves as an electronic database for storing data in digital form. Blockchains keep a secure and decentralized record of transactions and are best recognized for their critical role in cryptocurrency systems such as Bitcoin. The innovation of a blockchain is that it fosters...

JWT Authentication Bypass

What are JWTs?  JSON web tokens (JWTs) are a standardized format for sending cryptographically signed JSON data between systems. Theoretically, they can contain any kind of data, but are often used to send information about users as part of authentication, session handling, and access control mechanisms. Unlike the classic session tokens, all of the data...

Insecure Deserialization in Java

Our previous blogs covered Insecure Deserialization in PHP and Python. In this blog (the third in our “Insecure Deserialization” series), we’ll take a glance at how to exploit a deserialization vulnerability in Java. So, let’s begin with the fundamentals. Insecure Deserialization in Java  The use of Java deserialization is to create objects from input sources....