Security

OAuth from top to bottom. Examining protocol features and basic attacks targeting OAuth

Date: 23/06/2025

Most modern websites have an authentication form, and in its lower part you can often see buttons enabling you to sign in via various social networks. This login mechanism is based on the OAuth protocol, and today you’ll learn its structure and main vulnerabilities. At the end, you’ll solve two laboratory tasks to solidify the newly-gained knowledge.

Read full article →

Self-defense for hackers. Catching intruders at the network level

Date: 14/06/2025

Author: s0i37

This article presents a number of simple but effective computer self-defense techniques that will help you to detect hackers who have penetrated into your local network. You will learn to identify penetration traces and catch intruders using special scripts. Let’s start with the very first level: the network.

Read full article →

Multistep SQL injection attacks: Operating principle and impact

Date: 13/06/2025

Author: N3tn1la

SQL injections (SQLi) are among the most popular vulnerabilities in the pentesting community. Too bad, such attacks are increasingly rare nowadays since modern security tools easily detect them. By contrast, an injection triggered when data transfer occurs between services is much more difficult to detect. This article discusses SQLi that are triggered not immediately, but somewhere in the middle of business logic.

Read full article →

Victory over “bads”: using Victoria to recover data and reset disk password

Date: 04/06/2025

Author: 84ckf1r3

Recovering deleted files is not a problem; there are dozens of utilities for this. But what if the drive is damaged, has an erroneous geometry description, or is password protected at the controller level? Then the Victoria utility comes to the rescue. It is written in assembler, takes up a few kilobytes and works directly with the controller.

Read full article →

We cover our tracks. How to make Windows forget everything

Date: 04/06/2025

Author: Denis Kolesnichenko

Lists of open files and USB devices, browser history, DNS cache – all this helps to find out what the user was doing. We have compiled step-by-step instructions on how to remove traces of your activity in different versions of Windows, Office and popular browsers. At the end of the article you will find several scripts that will help you automatically keep your machine clean.

Read full article →

A darknet trip. Take the greenest places .onion

Date: 04/06/2025

Author: Nikita Zlichin

The word “darknet” has almost become a cliché for everything that is taboo, difficult to access, and potentially dangerous. But what is a real darknet? We’re offering you another study sharing everything we’ve been able to dig up lately. This time – with a focus on Russian dark resources.

Read full article →

Bring Your Own Vulnerable Driver! Meet BYOVD – one of the most dangerous attacks targeting Windows systems

Date: 27/05/2025

Author: Nik Zerof

Many notorious hacker groups (e.g. North Korea’s Lazarus) use the BYOVD attack to gain access to kernel space and implement complex advanced persistent threats (APTs). The same technique is employed by the creators of the Terminator tool and various encryptor operators. This paper discusses BYOVD operating principles and why this attack has become so popular nowadays.

Read full article →