Web LLM attack demonstration
Organizations are rushing to integrate Large Language Models (LLMs) in order to improve their online customer experience. This exposes them…
May 3

Advancing Cybersecurity: Navigating the New Landscape of AI Penetration Testing
Software security has made significant strides in the past few decades. It’s hard to believe now, but there was a time when penetration…
Mar 20

Unveiling the Cunning: A Demo of Google Calendar RAT Exploiting Calendar Service for C2 Operations
In a recent discovery that sounds more like Hollywood fiction than reality, attackers have been found using Google Calendar as a Command…
Nov 8, 2023

Decoding RTLO in Hacking: How to Detect and Defend Against Right-to-Left Override
Introduction
Oct 26, 2023

Achieving CRTO Success: My Journey through the Red Team Operator Exam
Hello, fellow enthusiasts of cybersecurity! I’m thrilled to share the exhilarating story of my successful conquest of the CRTO (Red Team…
Oct 26, 2023

Browser-Based File Archiving: A New Threat Vector
Inspired by Mr. D0x’s method of phishing, outlined in the following article, this piece delves into the cybersecurity risks posed by…
Jun 23, 2023

Install Havoc C2 framework on Kali Linux
According to the latest installation guide on havocframework official site
Jun 9, 2023

(Mac pentest series) Install apps of dmg and pkg types without admin password
Continuing from the previous post (Mac pentest series): Installing Homebrew without sudo privilege
Jun 6, 2023

(Mac pentest series) Install Homebrew without sudo privilege
Recently, my company provided me with a 2023 MacBook Pro, equipped with the M2 chip, as a replacement for my old Lenovo laptop. Along with…
Jun 5, 2023

JWT — Burpsuite Web Academy Walkthrough
JSON web tokens (JWTs) are a standardized format for sending cryptographically signed JSON data between systems. They can theoretically…
Apr 5, 2023