Enter the intriguing realm of SMBs, also known as Server Message Singular, extensively utilized within Windows systems. This comprehensive guide delves into their intricate mechanics and sheds light on SMB Signing, a pivotal security component. Prepare yourself for an amazing journey as we venture deep into SMB Server Message Singular; fasten your seat belt for...
Process Injection Process injection is an advanced penetration testing technique used by experienced penetration testers to introduce malicious code into non-malicious processes, infiltrating stealthily without detection and response solutions. Also referred to as shellcode injection, process injection employs various mechanisms and methodologies in its quest. We will explore its theory as well as different forms...
Endpoint Detection and Response (EDR) solutions are essential for monitoring and responding to security incidents on endpoints. These solutions employ various techniques to identify malicious behavior, including the use of API hooking. API hooking is one of the commonly employed methods by EDRs. It helps to intercept and redirect the execution flow of specific functions...
In today’s digital landscape, organizations face a constant barrage of cyber threats. One such threat is DNS Data Exfiltration, a technique used by malicious actors to surreptitiously transfer sensitive information out of a compromised network. This can lead to significant data breaches and substantial financial losses for organizations. In this blog, we will explore the...
In recent years, the cybersecurity landscape has been constantly evolving, with new vulnerabilities and exploits emerging on a regular basis. One such vulnerability that made headlines in 2021 is PrintNightmare, also known as CVE-2021-1675/34527. This vulnerability targets the Windows Print Spooler service, allowing attackers to escalate their privileges and gain unauthorized access to systems. In...
As a cybersecurity professional, I’ve come across various attacks that threaten network security. LLMNR poisoning is one such threat, which poses great danger if left unaddressed. In this blog, I will outline exactly what LLMNR poisoning is and its dangers as well as ways it can be avoided and combatted. What is LLMNR poisoning? LLMNR...
What is UAC? UAC (User Account Control) is a windows security feature that forces any new process to run in non-elevated mode by default. Any process executed by any user including administrators themselves has to follow the rules of the UAC I.e., ‘Do not trust any user running the process’. If actions has to be...
There are situations where On-site penetration testing is not always feasible. It’s better to go for a remote “pentest dropbox” in such cases. The pentest dropbox, in this context, is a Raspberry Pi 4 which is shipped to a remote customer/client. The client will either connect the dropbox to an ethernet port or set the...
Introduction to VLAN Virtual LAN is a logical method of grouping Layer-2 switchports on a local switch into different broadcast domains. VLANs can help to segment a physical network switch to multiple virtual networks. VLANs can be set up by configuring network switches with a specific VLAN name and number. Valid VLAN numbers can range...
