Introducing SamuraiWTF 5.3: A Powerhouse for Web App Pen Testing
We are thrilled to announce the release of SamuraiWTF (Web Training Framework) version 5.3! This latest version represents a significant milestone in our commitment to provide a comprehensive, open-source toolkit for those who wish to learn, practice, and sharpen their skills in web application ...
Continue Reading
How to iterate through advfirewall rules
Training |
professionally evil |
Secure Ideas |
Windows 10 |
Windows 11 |
sysadmin |
system administration |
cmd |
powershell |
firewall rules
There are several ways to pull firewall information from a Windows system. Today we will leverage ...
Continue Reading
Working With Data: IP and Port Filtering
Training |
professionally evil |
Secure Ideas |
technology tips and tricks |
sysadmin |
data |
data manipulation |
excel |
spreadsheet |
filtering
During our day-to-day work, there’s a lot of data that we interact with. In order to make good use ...
Continue Reading
View Wireless Profile Password Information Using PowerShell or CMD
Training |
professionally evil |
Secure Ideas |
hacking |
Windows |
Windows 10 |
Windows 11 |
sysadmin |
system administration |
cmd |
wireless |
wifi |
wifi password |
powershell |
wireless profile
There are a couple different ways for you to access your Windows wireless password information. If ...
Continue Reading
Application Security 202: Vulnerabilities Accepted
Testing |
Vulnerability |
Guidance |
data breach |
information security |
penetration testing |
application security |
professionally evil |
Secure Ideas |
hacking |
best practices |
cybersecurity |
Privilege Escalation
vul·ner·a·bil·i·ty The quality or state of being exposed to the possibility of being attacked or ...
Continue Reading
(Not So) Quick Bites - Episode 3 - Writing About Writer's Block
Deliverables |
consulting |
application security |
Secure Ideas |
cybersecurity |
methodology |
Project |
Writing |
Quick Bites
So, sometimes I have a real problem with writing, specifically reports and blog posts. Somehow, ...
Continue Reading
Privilege Escalation via File Descriptors in Privileged Binaries
application security |
professionally evil |
Secure Ideas |
Linux |
programming |
File Descriptors |
SetUID |
Privilege Escalation
Today I wanted to cover an application security topic that applies to SetUID binaries. As we all ...
Continue Reading
How to Update the Nmap OUI Database
network |
professionally evil |
Secure Ideas |
NMAP |
Linux |
IEEE |
OUI |
nmap-mac-prefixes
Overview In a previous blog post, I covered what an OUI is, how to extract them from a MAC address, ...
Continue Reading
Of MAC Addresses and OUI: A Subtle, but Useful, Recon Resource
network |
professionally evil |
Secure Ideas |
MAC Address |
IEEE |
OUI |
PENT
When it comes to reconnaissance, every little bit of information can be helpful. Today, we will ...
Continue Reading
Quick Bites - Finding Open Windows File Shares
Vulnerability |
network |
Secure Ideas |
hacking |
network security |
Windows |
scanning |
methodology |
how-to |
Free
Hi there, ladies and gentlemen! My name is Aaron Moss, and welcome to the first edition of Quick ...
Continue Reading
LD_PRELOAD: Making a Backdoor by Hijacking accept()
application security |
professionally evil |
Secure Ideas |
LD_PRELOAD |
accept |
dup2 |
make |
Linux |
programming |
Shared Objects |
dlsym |
shell |
backdoor |
rootkit |
userland |
ELF |
inject |
injection
Today I want to continue the series on using LD_PRELOAD. In previous posts, we covered how to ...
Continue Reading