Security

Essential Tools for Software Reverse Engineering and Cracking

Date: 10/07/2025

Every reverse engineer, malware analyst, and researcher eventually develops a personal toolkit of utilities they regularly use for analysis, unpacking, or cracking. In this review, I will share my own version. This will be useful for anyone who hasn’t yet compiled their own set and is just beginning to explore this field. However, even seasoned reverse engineers might find it interesting to see what tools their peers are using.

Read full article →

You won’t escape! Hijacking user sessions in Windows

Date: 08/07/2025

Author: MichelleVermishelle

How often do you encounter a much-desired domain admin session on an outdated Windows 7 workstation? In the hands of a ~~hacker~~ pentester, this admin account is a ‘master key’ that can unlock the entire network. But imagine that an evil antivirus prevents you from dumping LSASS. What would you do in such a situation? How to hijack a user session bypassing all security mechanisms?

Read full article →

Hijacking COM. Abusing COM classes to hijack user sessions

Date: 03/07/2025

Author: MichelleVermishelle

As you are likely aware, Windows assigns a unique session to each user logging into the system. And if somebody logs into an already hacked device, you can hijack that person’s session. This article discusses a promising privilege escalation technique: the attacker steals users’ sessions using COM classes.

Read full article →

Anger management. Welcome to Angr, a symbolic emulation framework

Date: 30/06/2025

Author: mr.grogrig

Angr is an unbelievably powerful emulator. This crossplatform tool supports all most popular architectures; using it, you can search for vulnerabilities both in PE32 on Linux and in router firmware on Windows. Let’s examine this binary analysis framework in more detail using Linux as an example.

Read full article →

Partying by the pool. Mastering PoolParty process injection techniques

Date: 26/06/2025

Author: Nik Zerof

PoolParty is a new type of injections into legitimate processes that abuses Windows Thread Pools, a sophisticated thread management mechanism. Let’s dissect Windows Thread Pools to find out how it can be used for pentesting purposes.

Read full article →

OAuth from top to bottom. Examining protocol features and basic attacks targeting OAuth

Date: 23/06/2025

Author: Maksim Rogov

Most modern websites have an authentication form, and in its lower part you can often see buttons enabling you to sign in via various social networks. This login mechanism is based on the OAuth protocol, and today you’ll learn its structure and main vulnerabilities. At the end, you’ll solve two laboratory tasks to solidify the newly-gained knowledge.

Read full article →

Self-defense for hackers. Catching intruders at the network level

Date: 14/06/2025

Author: s0i37

This article presents a number of simple but effective computer self-defense techniques that will help you to detect hackers who have penetrated into your local network. You will learn to identify penetration traces and catch intruders using special scripts. Let’s start with the very first level: the network.

Read full article →