Category: Security

Threadless Injection. Injecting shellcode into third-party processes to circumvent EDR
07.05.2025 | Nik Zerof | 1320
This article discusses Threadless Injection, a technique for injecting code into third-party processes. At the time of writing, it worked effectively on Windows 11 23H2 x64 running in a virtual machine isolated from the network, with OS security features enabled.

Kali Ashes: Hardening hacker distribution and mastering silent pentesting techniques
05.05.2025 | Caster | 1140
Kali Linux is extremely popular among pentesters. However, if you enter a network with this distribution's default settings, it creates a lot of noise on the air, which won’t go unnoticed. This article discusses Kali hardening and explains how to make Linux as…

Process Ghosting. Circumvent antiviruses in the most dangerous way
28.04.2025 | Nik Zerof | 1390
One of the main priorities for hackers is to hide the execution of their malicious code. This article explains how to start processes using the Process Ghosting technique and discusses the operating principles of malware detection systems.

Tunnels Nightmare: ISP protocols expand your pivoting capacity
24.04.2025 | Caster | 960
The modern TCP/IP protocol stack includes plenty of tunneling protocols. Normally, they are used to expand production networks and build infrastructure. But in this research, I will use them as pentesting tools.

Evilginx + Gophish. Deploying phishing simulation infrastructure and bypassing 2FA
21.04.2025 | Georgii Nadeliaev | 900
In the course of a pentesting audit, you often have to simulate phishing attacks. This article provides a step-by-step guide to deploying infrastructure for such simulation. You will learn how to create a mail server from scratch, install and configure the Evilginx reverse proxy, and then integrate…

MikroTik Daymare. Protecting MikroTik equipment from hacker attacks
18.04.2025 | Caster | 1040
MikroTik devices are widely used in corporate networks, but in most cases they aren’t properly configured, which opens the door to various attacks. This article discusses basic RouterOS security concepts, including protection against spoofing, traffic handling, and attacks on control panels.

Blinding Sysmon completely: Manipulating ETW objects to evade monitoring
17.04.2025 | driverenok | 700
Immediately after getting access to the target system, the attacker tries to disable its audit tools to remain undetected as long as possible. In this article, I will explain how to blind Windows monitoring tools by manipulating the Event Tracing for Windows (ETW) subsystem.

NFC from a hacker’s perspective. Attacking Mifare-based PACS
14.04.2025 | Thund3rb0lt | 1740
At some point, simple identifiers cannot ensure proper access control anymore, and consumers switch to a more advanced solution: Mifare. But are Mifare-based devices actually as secure as the manufacturer claims? Let’s figure it out!

MikroTik Nightmare. Pentesting MikroTik network equipment
09.04.2025 | Caster | 970
This article discusses the security of MikroTik equipment from the attacker’s perspective. Being very popular, MikroTik products are often attacked by hackers. The primary focus of this research is post-exploitation. Also, I will touch on issues plaguing RouterOS defense mechanisms that are exploited by…

Save me. How to protect networks against spoofing attacks
31.03.2025 | 08/04/2025 | Caster | 1010
Spoofing attacks are simple to deliver, and their impact is severe. This article discusses such attacks from the security perspective. The main challenge is to intelligently integrate network security solutions with production without disrupting business processes. Such integration requires a good understanding of the network…

Caster Remix. Windows post-exploitation with virtual MikroTik
21.03.2025 | 08/04/2025 | Caster | 670
Recently I discovered a new way to implement L2 tunneling against Windows networks. Inspired by the spying penguin concept, I am going to demonstrate a fresh approach to Windows post-exploitation involving a MikroTik Cloud Hosted Router (CHR) that enables you to perform pivoting and provides L2…

JavaScript al dente. Fuzzing JS engines with Fuzzilli
14.03.2025 | 08/04/2025 | sploitem | 5450
Hey guys! Today, pasta is on the menu! You will learn how to identify vulnerabilities in JavaScript engines using the Fuzzilli fuzzer. After a brief theoretical introduction, you’ll jump directly to practice. Let’s assemble the required tools and start fuzzing.

PACS from a hacker’s perspective. Attacks on RFID-based physical access control systems
11.03.2025 | 08/04/2025 | Thund3rb0lt | 1020
Hacking electronic turnstiles installed at building entrances is a popular trick shown in many movies. This article discusses RFID-based physical access control systems (PACS) and demonstrates how easily the most commonly used identifier, EM4100, can be faked.

Gain sight of a remote network! Reconstructing the connection diagram based on traffic dump
04.03.2025 | 08/04/2025 | Alexander Mikhailov | 760
To comprehend the operating principles and functions of network protocols, you have to understand their structure. The purpose of this study was to analyze a small portion of network traffic and reconstruct the network diagram based on the data extracted from it.

Virtual magic. Emulation and virtualization technologies in pivoting
28.02.2025 | 08/04/2025 | s0i37 | 740
When you conduct pentesting audits, you rarely enjoy such luxury as admin privileges or root rights. Quite the opposite, in most situations you have to deal with antiviruses and firewalls that make it almost impossible to deliver an attack. Fortunately, emulation and virtualization magic comes…

Blinding Sysmon: How to disable Windows monitoring in a covert way
27.02.2025 | 08/04/2025 | driverenok | 791
Immediately after getting access to the target system, the attacker tries to blind its audit tools to remain undetected as long as possible. In this article, I will explain how to blind Sysmon in a covert way making it possible to fool the regular Windows audit.…

Liquid Chrome. ‘Use After Free’ bug in the Blink engine
19.02.2025 | 08/04/2025 | sploitem | 850
In January 2021, Google released a new version of its Chrome browser. In total, 16 vulnerabilities were fixed in it. Using one of them as an example, let’s find out how such bugs occur and examine their exploitation techniques enabling hackers to attack computers…

Penguin’s secrets: Evidence collection in Linux
06.02.2025 | 08/04/2025 | Boris Razor & Alex Mess | 970
Hey, bro, are you aware that Windows is dead? Everyone is switching to free software nowadays. You’re a hacker security guy, right? So, your job is to ensure security. And here’s an interesting case to be investigated: a Linux computer and an incident that occurred with it.…

Your guide to NTLM relay, Part 2: Delivering relay attacks
27.01.2025 | 08/04/2025 | DrieVlad | 2130
NTLM relay attacks aren’t new to pentesters. In most cases, the main prerequisite for a successful relay attack isn’t a vulnerability, but an infrastructure misconfiguration; this is why such attacks are often used in real-life situations. This article discusses relay attacks and techniques used to deliver them…

Your guide to NTLM relay: Hijacking NTLM authentication to deliver a relay attack
24.01.2025 | 08/04/2025 | DrieVlad | 2620
Why is NTLM authentication still present in many infrastructures? The correct answer is: because Windows cannot exist without it. But NTLM authentication is marred by a number of problems that can be exploited by attackers. One such problem is its vulnerability to relay attacks. This article…
HackMag — Top-notch cybersecurity magazine © 2025
Support: support@hackmag.com