Recent findings have sparked unprecedented public interest in the shadow business related to data brokering services. It's no secret that almost any information can be bought and sold, but there are claims that some details can be…
CONTINUE READING 🡒 
Effective Free OSINT Tools for Investigation and Competitive Intelligence
Bribing a bank employee to obtain necessary information is clearly unethical. However, gathering information from publicly available sources is still permissible. Today, we will explore a couple dozen services that allow you to collect information about a…
CONTINUE READING 🡒 
Essential Console Tools for Every Scenario
It's always nice to discover a new tool that, even if just a little bit, makes your life easier. Whether you're an admin, hacker, or coder, today's selection is sure to have something useful for you. We…
CONTINUE READING 🡒 
Running Android Apps on Linux with Anbox: A Guide to…
There are numerous Android emulators for all sorts of operating systems. The worst ones barely function, while the best run quickly and even allow gaming. The latter are typically only available for Windows, and their performance on…
CONTINUE READING 🡒 
Hacking Wi-Fi Networks Using a Smartphone: Reconnaissance and Initial Attack…
You've probably tried hacking wireless networks using a laptop and noticed that it's not very convenient to carry around, plus it attracts attention. But why use a laptop when you have a real pocket-sized computer that lets…
CONTINUE READING 🡒 
De-anonymizing Telegram: Finding User and Channel Information from Open Sources
Telegram may appear anonymous, but in reality, there are numerous methods and tools for de-anonymizing its users, which is what this article will discuss. We will delve into trap bots, the use of specialized services, and other…
CONTINUE READING 🡒 
Alternative Firmware Options for Flipper Zero: Choosing the Right Upgrade
Flipper Zero is a "hacker multitool" that you have likely heard about. You might even have managed to get your hands on one and have some fun with it. In this article, we'll discuss firmware options that…
CONTINUE READING 🡒 
Building Your Own Laptop: Selecting Parts for a High-Performance Custom…
You’ve decided to buy a high-performance laptop, but you’re discouraged by the prices — the combination of power and portability comes at a steep cost. In this article, I’ll explain how to build a portable laptop using standard desktop components, and highlight the advantages of this approach. I’ve named my creation…
CONTINUE READING 🡒 
Tiny Hummingbird: Exploring an Entirely Assembly Language Operating System
Today in our collection of curiosities, we have an intriguing specimen: an operating system written entirely in pure assembly language. With its drivers, graphical interface, and dozens of pre-installed programs and games, it takes up less than…
CONTINUE READING 🡒 
Setting Up the ELK Stack: Configuring Elasticsearch, Logstash, and Kibana…
Service and application logs are often the only way to identify the source of issues, but they are usually neglected after installation and debugging. Modern approaches to development, deployment, and maintenance of applications demand a completely different…
CONTINUE READING 🡒 
Effective Erasure: Ensuring Fast and Irrevocable Data Destruction
Destroying evidence and covering tracks is typically reserved for the less law-abiding individuals. However, today we’ll discuss how to securely erase data from various devices when you plan to sell, give away, or simply dispose of a disk, phone, or computer.
CONTINUE READING 🡒 
12 Essential Tweaks to Optimize KDE for the Perfect Desktop…
Like any other significant project, KDE has both unwavering opponents and ardent supporters. While the former criticize the system for its complexity, excessive customization options, high resource consumption, and insufficient stability, the latter counter these criticisms by…
CONTINUE READING 🡒 
Essential Tools for Software Reverse Engineering and Cracking
Every reverse engineer, malware analyst, and researcher eventually develops a personal toolkit of utilities they regularly use for analysis, unpacking, or cracking. In this review, I will share my own version. This will be useful for anyone who hasn’t yet compiled their own…
CONTINUE READING 🡒 
Exploring NixOS: The Unique and User-Friendly Linux Distribution
How many times have you reinstalled Linux in your life? How many times have you set up the same packages on multiple machines? How many times have you started from scratch due to a failed update? Not…
CONTINUE READING 🡒 
Setting Up a Personal Cloud with Nextcloud: Is It Worth…
“Should I install some software to make it easier to organize files on the server, share them, and access them from my phone?” I thought, and that’s when everything started to unfold! Even though my initial needs were modest, I decided to first take…
CONTINUE READING 🡒 
You won’t escape! Hijacking user sessions in Windows
How often do you encounter a much-desired domain admin session on an outdated Windows 7 workstation? In the hands of a hacker pentester, this admin account is a ‘master key’ that can unlock the entire network. But imagine that an evil antivirus prevents you…
CONTINUE READING 🡒 
Hijacking COM. Abusing COM classes to hijack user sessions
As you are likely aware, Windows assigns a unique session to each user logging into the system. And if somebody logs into an already hacked device, you can hijack that person’s session. This article discusses a promising privilege escalation technique: the attacker steals users’…
CONTINUE READING 🡒 
Bluetooth vulnerabilities can be used for eavesdropping and data theft
Airoha Bluetooth chipsets installed in dozens of audio devices from various manufacturers can be used for eavesdropping and theft of sensitive data.
CONTINUE READING 🡒 
Anger management. Welcome to Angr, a symbolic emulation framework
Angr is an unbelievably powerful emulator. This crossplatform tool supports all most popular architectures; using it, you can search for vulnerabilities both in PE32 on Linux and in router firmware on Windows. Let’s examine this binary analysis framework in more detail using Linux…
CONTINUE READING 🡒 
Partying by the pool. Mastering PoolParty process injection techniques
PoolParty is a new type of injections into legitimate processes that abuses Windows Thread Pools, a sophisticated thread management mechanism. Let’s dissect Windows Thread Pools to find out how it can be used for pentesting purposes.
CONTINUE READING 🡒