Process Injection: Harnessing the Power of Shellcode

Process Injection Process injection is an advanced penetration testing technique used by experienced penetration testers to introduce malicious code into non-malicious processes, infiltrating stealthily without detection and response solutions. Also referred to as shellcode injection, process injection employs various mechanisms and methodologies in its quest. We will explore its theory as well as different forms...

Introduction to EDR Evasion: API Hooking

Endpoint Detection and Response (EDR) solutions are essential for monitoring and responding to security incidents on endpoints. These solutions employ various techniques to identify malicious behavior, including the use of API hooking. API hooking is one of the commonly employed methods by EDRs. It helps to intercept and redirect the execution flow of specific functions...

DNS Data Exfiltration: Protecting Your Organization from Stealthy Threats

In today’s digital landscape, organizations face a constant barrage of cyber threats. One such threat is DNS Data Exfiltration, a technique used by malicious actors to surreptitiously transfer sensitive information out of a compromised network. This can lead to significant data breaches and substantial financial losses for organizations. In this blog, we will explore the...

PrintNightmare: The Vulnerability That Shook Windows Systems 

In recent years, the cybersecurity landscape has been constantly evolving, with new vulnerabilities and exploits emerging on a regular basis. One such vulnerability that made headlines in 2021 is PrintNightmare, also known as CVE-2021-1675/34527. This vulnerability targets the Windows Print Spooler service, allowing attackers to escalate their privileges and gain unauthorized access to systems. In...

What is LLMNR Poisoning and How to Avoid It

As a cybersecurity professional, I’ve come across various attacks that threaten network security. LLMNR poisoning is one such threat, which poses great danger if left unaddressed. In this blog, I will outline exactly what LLMNR poisoning is and its dangers as well as ways it can be avoided and combatted. What is LLMNR poisoning? LLMNR...

Windows UAC Bypass

What is UAC?  UAC (User Account Control) is a windows security feature that forces any new process to run in non-elevated mode by default. Any process executed by any user including administrators themselves has to follow the rules of the UAC I.e., ‘Do not trust any user running the process’. If actions has to be...

Raspberry Pi Pentest Dropbox

There are situations where On-site penetration testing is not always feasible. It’s better to go for a remote “pentest dropbox” in such cases. The pentest dropbox, in this context, is a Raspberry Pi 4 which is shipped to a remote customer/client. The client will either connect the dropbox to an ethernet port or set the...

VLAN Hopping

Introduction to VLAN   Virtual LAN is a logical method of grouping Layer-2 switchports on a local switch into different broadcast domains. VLANs can help to segment a physical network switch to multiple virtual networks. VLANs can be set up by configuring network switches with a specific VLAN name and number. Valid VLAN numbers can range...