Category: Cyber Security
-
Exploit the WinRAR – CVE-2023-38831
CVE-2023-38831 is a file extension spoofing vulnerability in RARLabs WinRAR. By exploiting this vulnerability, attackers can create a RAR or ZIP archive containing a harmless file and embed malicious code in a folder with the same name. If the user opens the archive to view the harmless file, the malicious code is executed. This vulnerability…
-
Exploiting the Shellshock Vulnerability and Protecting Yourself against It
Shellshock is a security vulnerability that was discovered in 2014, and it allows an attacker to execute arbitrary shell commands on a computer system. This vulnerability primarily affects the Bash (Bourne Again SHell) shell, which is commonly found in Linux and Unix-like operating systems. Shellshock arose due to a flaw in the way Bash processes…
-
Caldera Installation and Simulating an Attack with Caldera
Caldera is an automation and response platform designed for security professionals. It is used to enhance cybersecurity operations and threat hunting processes. Caldera is designed to simulate attack scenarios, monitor threats, analyze them, and respond. This allows security teams to test defense strategies, identify vulnerabilities, and be prepared for real-world attacks. Key features of Caldera…
-
What Is a Buffer Overflow Attack and How to Obtain a Reverse Shell Using One
Hello, I will talk to you about the buffer overflow attack and how we can get a reverse shell to execute code by taking advantage of this vulnerability, and I will show you this in practice. Requirements: Kali Linux or Parrot OS; a Windows endpoint; Immunity Debugger (https://www.immunityinc.com/products/debugger/); Vulnserver (https://github.com/stephenbradshaw/vulnserver); Mona (https://github.com/corelan/mona). To briefly talk about…
-
OWASP And OWASP Top Ten Project
The landscape of web security underwent a significant transformation with the advent of OWASP. OWASP is an organization formed by a collective of passionate developers, security experts, and technology enthusiasts. Its primary objective is to fortify web applications against vulnerabilities and bolster the overall security posture of the web against cyber threats. Established in 2001,…
-
How to Kill Microsoft Defender’s Process
Note: First of all, the tool I use below is blocked by Defender. In order to bring this tool onto Windows, you must obfuscate the relevant code or have it marked as allowed through social engineering. Prerequisites: In this article, I will explain how to bypass (disable) Microsoft Defender. First of all, if we want…
-
Getting Reverse Shell with Powercat
Powercat is a PowerShell-based tool that provides the functionality of Netcat, a popular network utility. It can be used to create reverse shells, transfer files, and perform other network-related tasks. Powercat is often used by penetration testers and security researchers to test the security of networks. Now let’s talk about how to get Reverse Shell…
-
Creating HX Policy And Host Set then Binding Them To Each Other
In one of our previous articles, we explained how to install HX. Now, let's talk about how to group our endpoints, how to create our policies, and how to bind the policy and host set pairs we created to each other. To create host sets: 1. Go to Admin > Host Sets. 2. Click the related button. 3. At this point, we…
-
Detecting Deadlock and Slowness Issue with Procmon
Procmon is a Windows program that displays real-time information about all running processes and threads. It can be used to track system resources, identify performance bottlenecks, and troubleshoot deadlocks. A deadlock is a situation in which two or more processes are waiting for each other to complete an action, resulting in a system lockup. Procmon…
-
CrowdStrike's FileVantage Feature and How to Set a Policy
Hello everyone. In this article, I am going to talk about CrowdStrike's FileVantage feature and how we can set a FIM rule. CrowdStrike Falcon FileVantage is a file integrity monitoring (FIM) solution that offers central visibility and deep-level contextual data around changes made to relevant files and systems across your organization. It is a lightweight agent…