WordPress site verhuizen
Wanneer je een WordPress site wil verhuizen van hosting partij naar een andere hosting partij moet je goed opletten of de nieuwe hosing partij ook de juiste ondersteuning heeft voor jouw WordPress site. Top 5 tips Hier een top 10 tips om op te letten wanneer jij verhuisd van hosting provider Heb je voldoende schrijf […]
DATA EXFILTRATION WITH ICMP PROTOCOL
Always curious to build your own ICMP protocol exfiltration tool to exfiltrate information. Sending data This will base64 encode important-data.txt and then stuff the encoded data 16 bytes at a time into ping. Obviously you should change the IP before sending 🙂 Receiving data You can grab the data off the wire using scapy. Here’s […]
Crafting a Strong Password Policy: Your First Line of Defense Against Cyber Threats
In the ever-evolving landscape of cybersecurity, one of the simplest yet most effective measures an organization can take is implementing a robust password policy. Passwords serve as the first line of defense against unauthorized access to sensitive information, making it crucial to establish and enforce policies that promote strong and secure password practices. In this […]
Hacking domain controller with zerologon vulnerability CVE-2020-1472
In this how to we are showing the exploitation of CVE-2020-1472 also name the zerologon vulnerability. Zerologon is a vulnerability in the cryptography of Microsoft’s Netlogon process that allows an attack against Microsoft Active Directory domain controllers. Zerologon makes it possible for a hacker to impersonate any computer, including the root domain controller. Requirements: Install […]
Remove OSX code signing from teams application for virtual cam support in OBS
Open broadcast software is a popular broadcasting software for Windows,Linux and Mac os. The freature of heaving a virtual camera that can be used in a teams demonstration is very valuable. Unfortunately Teams for Mac OSX doesn’t support virtual camera’s and therefore OBS cannot be used to stream to an vritual camera under Mac OSX. […]
Building a key brute forcing device with a ATtiny85
Building your own usb connected key brute forcing device from scratch with use of a ATiny85 device and Arduino IDE. In our example we use a ATtiny85 digistump usb device to build a pin code brute forcing device to inject pin codes in the range of 0000 to 9999. Below you see the ATtiny85 device […]
Mifare CTF challenge write up
During HiTB CTF one of the challenges were to decode a Mifare clasic handshake and find the encrypted message based on a communication trace. Fair and LovelyThis seems like a communication log. Can you figure out the message?Flag is HITB{}. tag select uid:e0 b8 e4 06 atqa:0x0004 sak:0x08 RDR(401):50 00 57 cd [1100] c[1100] tag […]
How to hack an Access Control System?
Physical security is one of the key elements in Security besides the human and technology part. The three elements basically linked together in an equal manner where hackers always try to find an entry access in one of the elements. A organization which have for example a state of the art firewall with IPS and […]
Securing unused domains
A lot of companies have reserved more than one domain name for their organization. Multiple of those domain name are not been used for email purpose but are a target for hackers to use them for phishing attacks. It’s highly recommended to have at least some basic DNS records to protect the domain name for […]
Mounting filesystem image with CLI
Assume you have a image of an file system that needs to be mounted. This could be on a linux system in case you need to recovering data or for forensics reasons. With the below command you will create a virtual device on your linux system. And in the last step you will mount the […]
