Blog
Home / Blog
Understanding CRLF Injection Attacks
In web security, CRLF Injection Attacks remain a potent threat. This blog aims to provide comprehensive insight into this malicious technique, its implications, and the
Exploiting MS SQL Servers
As companies continue to rely on databases to store sensitive information, securing the data has become a top priority. MS SQL Server is a popular
BloodHound Cheat Sheet
BloodHound is a powerful security tool that uses graph theory to reveal the relationships between users, groups, and computers in a domain. In this comprehensive
Resource-Based Constrained Delegation (RBCD) Attack
Resource-Based Constrained Delegation (RBCD) is a feature introduced in Windows Server 2012 that allows administrators to configure which accounts are trusted to delegate on their
AS-REP Roasting
Kerberos is a network authentication protocol used to provide secure authentication over a non-secure network. While it is an essential component of network security, it
Exploiting Active Directory Certificate Services (AD CS)
With the increasing use of digital certificates for encryption, authentication, and other security purposes, Active Directory Certificate Services (AD CS) has become a critical component
A Comprehensive Guide to Android Penetration Testing
Android penetration testing is a crucial aspect of ensuring the security of mobile applications. With the increasing popularity of Android devices and the widespread use
What is Objective-Based Penetration Testing?
In today’s digital landscape, where cyber threats loom large, organizations increasingly recognize the importance of robust cybersecurity measures. As cyber-attacks continue to rise in frequency
Pen testing vs Bug Bounty
Penetration testing (pen testing) and bug bounty programs are two popular methods of ensuring the security of the digital assets of a business. While both
Maximizing Active Directory Security: Tips and Best Practices
Active Directory (AD) is integral to many organizations’ IT infrastructures, serving as the repository of user identities, computer accounts, and network resources. However, due to
How OSINT Can Revolutionize Your Information Gathering
OSINT, also known as Open Source Intelligence, plays a pivotal role in this process by gathering and analyzing publicly accessible information from diverse sources. Unlike
Mastering Scoping: The Key to Effective Penetration Testing
As cyber security threats have continuously evolved, penetration testing has become essential to an organization’s security strategy. Penetration tests allow us to detect weaknesses in
