In this post, I would like to share a way to bypass AV detection by using HoaxShell which that tool has been created by t3l3machus. What is HoaxShell? HoaxShell is a tool that contains unconventional Windows Reverse Shell which can… Continue Reading →
What is Server-Side Template Injection? An attack that allows the attacker to use the native template syntax to inject a few malicious payloads into the template is been called Server-side template injection or also known as SSTI. Normally, the attacks… Continue Reading →
In this post, I want to share on Directory Traversal Attack Method which can be useful during any Red Teaming OR Penetration Testing Before I share the demo of the attack over here, let’s study the methodology and the process… Continue Reading →
In this post, I would like to explore more binary exploitation such as nreport which will improve my skills and knowledge. For a record, the binary file is coming from OverGraph Machine on Hack the Box Platform. Before we start… Continue Reading →
Web Application Assessment Information Firstly, we need to understand why Web Application Assessment is important to any organization out there. As people should be aware by now, Web Applications have played an important and vital role in an organization’s future… Continue Reading →
I will share my experience on the Cloud Implementation Best Practices which don’t apply to any of my previous, or current organizations. My options would be off for certain organizations and individuals. Below are my top 5 Best Practice that… Continue Reading →
On this post, I would discuss the Red Teaming activity where some organization will be using those team to test the system or application. For those are not familiar with the terms “Red Teaming”, it s a team which will… Continue Reading →
What is Lateral Movement attack? For those are not familiar with Lateral Movement attack, it normally an attack that related to cyberattack techniques that used whenever they successfully gain initial access in order to go deeper within the network. The… Continue Reading →
In this post, I would like to share knowledge and experience while doing Database Penetration Testing. The purpose of Penetration Testing is to find vulnerabilities within the system and simulate the controlled environment if there is any cybersecurity attack which… Continue Reading →
Recently, a trojan called Alien which is a new ‘fork’ of Cerberus Banking Trojan that normally targets victim’s credentials from more than 200 mobile applications includes Bank of America and Microsoft Outlook. Alien Trojan has been detected active since early… Continue Reading →
© 2024 Threatninja.net — Powered by Threatninja