In this article, I will demonstrate a few simple and common -although efficient! – Wi-Fi pentesting tricks: hiding your MAC address when you scan a network and attack WPA2, identification of ‘hidden’ networks, bypassing MAC filtering, and jamming access points.

Read full article →

“Where’s the money?” Or, rather, “Where did the money go?” The user of a company-owned Windows 10 laptop fell victim of a cyberfraud attack. Or maybe the employee faked it and stole the money while pointing fingers to “evil hackers”? We’ll sure find out.

Read full article →

This article addresses several critical vulnerabilities in Microsoft Office programs. They aren’t new and had caused a great stir a while back. Metasploit Framework modules have already been developed for these bugs, and plenty of related projects are available on GitHub. However, unpatched copies of Microsoft Office (starting from version 2003 and up to and including Office 2016) still remain in the wild dragging down corporate security and opening paths for malicious attacks.

Read full article →

This article is dedicated to some of the most popular and, more importantly, working post-exploitation utilities for Linux servers. You are about to learn how to manipulate the system, gain root access, or steal valuable data right away. Learn what to do after penetrating protected corporate perimeters, bypassing dozens of detection systems and honeypots, or even getting physical access to the target system. Expand your possibilities and become a super-user!

Read full article →