OAuth from top to bottom. Examining protocol features and basic attacks targeting OAuth

Date: 23/06/2025

Most modern websites have an authentication form, and at the bottom of it you can often see buttons that let you sign in via various social networks. This login mechanism is based on the OAuth protocol, and today you’ll learn its structure and main vulnerabilities. At the end, you’ll solve two laboratory tasks to solidify the newly gained knowledge.

Multistep SQL injection attacks: Operating principle and impact

Date: 13/06/2025

SQL injections (SQLi) are among the most popular vulnerabilities in the pentesting community. Unfortunately, such attacks are increasingly rare nowadays, since modern security tools detect them easily. By contrast, an injection triggered when data is transferred between services is much more difficult to detect. This article discusses SQLi that are triggered not immediately, but somewhere in the middle of business logic.

We cover our tracks. How to make Windows forget everything

Date: 04/06/2025

Lists of open files and USB devices, browser history, DNS cache – all this helps to find out what the user was doing. We have compiled step-by-step instructions on how to remove traces of your activity in different versions of Windows, Office and popular browsers. At the end of the article you will find several scripts that will help you automatically keep your machine clean.

A darknet trip. Take the greenest places .onion

Date: 04/06/2025

The word “darknet” has almost become a cliché for everything that is taboo, difficult to access, and potentially dangerous. But what is a real darknet? We’re offering you another study sharing everything we’ve been able to dig up lately. This time – with a focus on Russian dark resources.

Bring Your Own Vulnerable Driver! Meet BYOVD – one of the most dangerous attacks targeting Windows systems

Date: 27/05/2025

Many notorious hacker groups (e.g. North Korea’s Lazarus) use the BYOVD attack to gain access to kernel space and carry out complex advanced persistent threat (APT) operations. The same technique is employed by the creators of the Terminator tool and various encryptor operators. This paper discusses BYOVD operating principles and why this attack has become so popular nowadays.