Introduction to OSINT
Introduction to OSINT October 07, 2022 Informational Redfox Security Team Technological breakthroughs have revolutionized the entire world into what, at present, is called the information age. One of the most important things about this age is that internet technologies are used in all areas of life and business to get the most out of them. […]
IPV6 DNS Takeover
IPV6 DNS Takeover September 26, 2022 Active Directory Shashikant Prasad Even though the usage of IPv6 is gaining traction, it is rare to find an organization using it in its network. Most people do not realize that although most organizational networks communicate using IPv4, Windows versions since Windows Vista enables IPv6 by default and prefers […]
Active Directory Basics
Active Directory Basics September 26, 2022 Active Directory Gaurav Choudhari The number of resources such as users, databases, or servers managed in organizations poses questions about accountability as firms adjust to industry needs and norms. Additionally, the dispersed structure of managing the infrastructure and its procedures makes it challenging for enterprises to monitor employee activity. […]
Blockchain 101
Blockchain 101 September 21, 2022 Active Directory Kunal Kumar A blockchain is a shared distributed ledger between computer network nodes. It serves as an electronic database for storing data in digital form. Blockchain keeps a secure and decentralized record of transactions and are best recognized for their critical role in cryptocurrency systems such as bitcoin. […]
JWT Authentication Bypass
JWT Authentication Bypass September 11, 2022 Active Directory Shashikant Prasad What are JWTs? JSON web tokens (JWTs) are a standardized format for sending cryptographically signed JSON data between systems. Theoretically, they can contain any kind of data, but are often used to send information about users as part of authentication, session handling, and access control […]
Insecure Deserialization in Java
Insecure Deserialization in Java September 02, 2022 Web Application Redfox Security Team Our previous blogs covered Insecure Deserialization in PHP and Python. In this blog (the third in our “Insecure Deserialization” series), we’ll take a glance at how to exploit a deserialization vulnerability in Java. So, let’s begin with the fundamentals. Insecure Deserialization in Java […]
Intro to Software Reverse Engineering (Part 3)
Intro to Software Reverse Engineering (Part 3) August 21, 2022 Hardware Redfox Security Team Hey everyone! In the previous blog (part 2 of the “Intro to Software Reverse Engineering”), we covered a walk-through of a challenge from crackmes.one. We’ll be continuing our series on software reverse engineering with a walkthrough of another challenge from crackmes.one. […]
Intro to Software Reverse Engineering (Part 2)
Intro to Software Reverse Engineering (Part 2) August 13, 2022 Hardware Redfox Security Team In our previous blog (part 1 of the “Intro to Software Reverse Engineering” series), we covered the basics of Reverse Engineering. In this blog (part 2 of the same series), we’ll be covering a walk-through of a challenge from crackmes.one. This […]
Insecure Deserialization in Python
Insecure Deserialization in Python August 12, 2022 Web Application Redfox Security Team In this blog (part of the “Insecure Deserialization” series), we are going to discuss Insecure Deserialization in Python. We briefly discussed “What is Serialization?” and “What is Deserialization?” in our previous blog. Synopsis Python’s pickle module is used for serialization and deserialization in […]
Intro to Software Reverse Engineering – Part 1
Intro to Software Reverse Engineering – Part 1 August 08, 2022 Hardware Redfox Security Team Software Reverse Engineering is the process through which one attempts to understand a program’s functionality by analyzing its code. In this blog (part 1 of the “Intro to Software Reverse Engineering” series), we’ll delve into Reverse Engineering x86 Windows applications. […]