Web LLM attack demonstrationOrganizations are rushing to integrate Large Language Models (LLMs) in order to improve their online customer experience. This exposes them…May 3, 2024May 3, 2024
Advancing Cybersecurity: Navigating the New Landscape of AI Penetration TestingSoftware security has made significant strides in the past few decades. It’s hard to believe now, but there was a time when penetration…Mar 20, 2024A response icon1Mar 20, 2024A response icon1
Unveiling the Cunning: A Demo of Google Calendar RAT Exploiting Calendar Service for C2 OperationsIn a recent discovery that sounds more like Hollywood fiction than reality, attackers have been found using Google Calendar as a Command…Nov 8, 2023A response icon3Nov 8, 2023A response icon3
Decoding RTLO in Hacking: How to Detect and Defend Against Right-to-Left OverrideIntroductionOct 26, 2023Oct 26, 2023
Achieving CRTO Success: My Journey through the Red Team Operator ExamHello, fellow enthusiasts of cybersecurity! I’m thrilled to share the exhilarating story of my successful conquest of the CRTO (Red Team…Oct 26, 2023A response icon2Oct 26, 2023A response icon2
Browser-Based File Archiving: A New Threat VectorInspired by Mr. D0x’s method of phishing, outlined in the following article, this piece delves into the cybersecurity risks posed by…Jun 23, 2023Jun 23, 2023
Install Havoc C2 framework on Kali LinuxAccording to the latest installation guide on havocframework official siteJun 9, 2023Jun 9, 2023
(Mac pentest series) Install apps of dmg and pkg types without admin passwordContinuing from the previous post (Mac pentest series): Installing Homebrew without sudo privilegeJun 6, 2023A response icon1Jun 6, 2023A response icon1
(Mac pentest series) Install Homebrew without sudo privilegeRecently, my company provided me with a 2023 MacBook Pro, equipped with the M2 chip, as a replacement for my old Lenovo laptop. Along with…Jun 5, 2023Jun 5, 2023
JWT — Burpsuite Web Academy WalkthroughJSON web tokens (JWTs) are a standardized format for sending cryptographically signed JSON data between systems. They can theoretically…Apr 5, 2023A response icon2Apr 5, 2023A response icon2
