Defending Against Phishing Attacks
Defending Against Phishing Attacks July 21, 2023 Informational Srishti Chopra As technology continues to advance, so do the tactics of cybercriminals. Phishing attacks trick individuals into divulging sensitive information or downloading harmful software. In this blog, we will discuss the psychology of phishing attacks and common types of phishing emails to be aware of, in […]
Understanding CRLF Injection Attacks
Understanding CRLF Injection Attacks July 19, 2023 Web Application Tarak Sakhardande In web security, CRLF Injection Attacks remain a potent threat. This blog aims to provide comprehensive insight into this malicious technique, its implications, and the preventive measures available to tackle it. Deciphering CRLF Injection Attacks Acronymized as CRLF, Carriage Return Line Feed signifies the […]
Exploiting MS SQL Servers
Exploiting MS SQL Servers July 18, 2023 Active Directory Shaunak Khosla As companies continue to rely on databases to store sensitive information, securing the data has become a top priority. MS SQL Server is a popular database management system that integrates with Windows and Active Directory domains, creating trust relationships that can be leveraged for […]
BloodHound Cheat Sheet
BloodHound Cheat Sheet July 17, 2023 Active Directory Kunal Kumar BloodHound is a powerful security tool that uses graph theory to reveal the relationships between users, groups, and computers in a domain. In this comprehensive guide, we’ll take a deep dive into BloodHound and its companion tool SharpHound, providing you with the knowledge and skills […]
Resource-Based Constrained Delegation (RBCD) Attack
Resource-Based Constrained Delegation (RBCD) Attack July 15, 2023 Active Directory Shashikant Prasad Resource-Based Constrained Delegation (RBCD) is a feature introduced in Windows Server 2012 that allows administrators to configure which accounts are trusted to delegate on their behalf. This type of delegation is more secure than its predecessors, but it can still be abused and […]
AS-REP Roasting
AS-REP ROASTING July 15, 2023 Active Directory Karan Patel Kerberos is a network authentication protocol used to provide secure authentication over a non-secure network. While it is an essential component of network security, it can also be exploited by hackers to gain unauthorized access to sensitive information. In this article, we will take a deep […]
Exploiting Active Directory Certificate Services (AD CS)
Exploiting Active Directory Certificate Services (AD CS) July 13, 2023 Active Directory Karan Patel With the increasing use of digital certificates for encryption, authentication, and other security purposes, Active Directory Certificate Services (AD CS) has become a critical component in many enterprise environments. However, the security implications of AD CS have often been overlooked, leaving […]
A Comprehensive Guide to Android Penetration Testing
A Comprehensive Guide to Android Penetration Testing July 13, 2023 Informational Karan Patel Android penetration testing is a crucial aspect of ensuring the security of mobile applications. With the increasing popularity of Android devices and the widespread use of mobile apps, it has become essential to identify and address security vulnerabilities in order to protect […]
What is Objective-Based Penetration Testing?
What is Objective-Based Penetration Testing? July 11, 2023 Informational Srishti Chopra In today’s digital landscape, where cyber threats loom large, organizations increasingly recognize the importance of robust cybersecurity measures. As cyber-attacks continue to rise in frequency and sophistication, it has become crucial for businesses to implement comprehensive security plans. Penetration testing, or pen testing, plays […]
Pen testing vs Bug Bounty
Pen testing vs Bug Bounty July 10, 2023 Informational Srishti Chopra Penetration testing (pen testing) and bug bounty programs are two popular methods of ensuring the security of the digital assets of a business. While both methods aim to identify vulnerabilities, they differ in scope, approach, and engagement. In this blog, we will discuss pen […]