Essential Tools for Software Reverse Engineering and Cracking

Date: 10/07/2025

Every reverse engineer, malware analyst, and researcher eventually develops a personal toolkit of utilities they regularly use for analysis, unpacking, or cracking. In this review, I will share my own version. This will be useful for anyone who hasn’t yet compiled their own set and is just beginning to explore this field. However, even seasoned reverse engineers might find it interesting to see what tools their peers are using.
Read full article →

You won’t escape! Hijacking user sessions in Windows

Date: 08/07/2025

How often do you encounter a much-desired domain admin session on an outdated Windows 7 workstation? In the hands of a hacker pentester, this admin account is a ‘master key’ that can unlock the entire network. But imagine that an evil antivirus prevents you from dumping LSASS. What would you do in such a situation? How to hijack a user session bypassing all security mechanisms?
Read full article →

OAuth from top to bottom. Examining protocol features and basic attacks targeting OAuth

Date: 23/06/2025

Most modern websites have an authentication form, and in its lower part you can often see buttons enabling you to sign in via various social networks. This login mechanism is based on the OAuth protocol, and today you’ll learn its structure and main vulnerabilities. At the end, you’ll solve two laboratory tasks to solidify the newly-gained knowledge.
Read full article →