
Category: Security

Sad Guard. Identifying and exploiting vulnerability in AdGuard driver for Windows
Security

20.04.2023 | 08/04/2025 | Marsel Shagiev | 2012
Last year, I discovered a binary bug in the AdGuard driver. Its ID in the National Vulnerability Database is CVE-2022-45770. I was disassembling the ad blocker and found a way to use the identified vulnerability for local privilege escalation. As a bonus, this article gives insight into…
Kung fu enumeration. Data collection in attacked systems
Security

19.04.2023 | 08/04/2025 | s0i37 | 1840
In penetration testing, there’s a world of difference between reconnaissance (recon) and data collection (enum). Recon involves passive actions, while enum involves active ones. During recon, you use only open sources (OSINT), and the target system is not affected in any way (i.e. all…
Serpent pyramid. Run malware from the EDR blind spots!
Security

04.04.2023 | 08/04/2025 | snovvcrash | 1440
In this article, I’ll show how to modify a standalone Python interpreter so that you can load malicious dependencies directly into memory using the Pyramid tool (not to be confused with the web framework of the same name). Potentially, this enables you to evade…
Attacks on the DHCP protocol: DHCP starvation, DHCP spoofing, and protection against these techniques
Security

26.03.2023 | 08/04/2025 | Alexander Mikhailov | 1590
Chances are high that you have dealt with DHCP when configuring a router. But are you aware of the risks that arise if this protocol is misconfigured on a company’s server? Using its misconfigurations, not only can a hacker disable the DHCP server, but also deliver…
Poisonous spuds. Privilege escalation in AD with RemotePotato0
Security

26.03.2023 | 08/04/2025 | snovvcrash | 1630
This article discusses different variations of the NTLM Relay cross-protocol attack delivered using the RemotePotato0 exploit. In addition, you will learn how to hide the signature of an executable file from static analysis.
Infiltration and exfiltration. Data transmission techniques used in pentesting
Security

03.03.2023 | 08/04/2025 | s0i37 | 1690
Imagine a situation: you managed to penetrate the network perimeter and gained access to a server. This server is part of the company’s internal network, and, in theory, you could penetrate there as well. Too bad, the compromised node is in the DMZ and doesn’t have access to the Internet.…
Nightmare Spoofing. Evil Twin attack over dynamic routing
Security

03.03.2023 | 08/04/2025 | Caster | 2310
Attacks on dynamic routing domains can wreak havoc on the network since they disrupt the routing process. In this article, I am going to present my own modification of the Evil Twin attack designed to intercept data in OSPF-based networks. I will also demonstrate how…
Herpaderping and Ghosting. Two new ways to hide processes from antiviruses
Security

21.02.2023 | 17/04/2025 | be_a_saint | 1620
The primary objective of virus writers (as well as pentesters and Red Team members) is to hide their payloads from antiviruses and avoid their detection. Various techniques are used for this purpose. This paper discusses two of them: Herpaderping and Ghosting.
SIGMAlarity jump. How to use Sigma rules in Timesketch
Security

21.02.2023 | 08/04/2025 | sUzU | 1480
Information security specialists use multiple tools to detect and track system events. In 2016, a new utility called Sigma appeared in their arsenal. Its numerous functions will save you time and make your life much easier.
Pivoting District: GRE Pivoting over network equipment
Security

21.02.2023 | 08/04/2025 | Caster | 1150
Too bad, security admins often don’t pay due attention to network equipment, which enables malefactors to hack such devices and gain control over them. What if attackers have already seized control over your peripherals? Will they be able to access the internal infrastructure?
First Contact: Attacks on Google Pay, Samsung Pay, and Apple Pay
Security

13.02.2023 | 08/04/2025 | Timur Yunusov | 3340
Electronic wallets, such as Google Pay, Samsung Pay, and Apple Pay, are considered the most advanced and secure payment tools. However, these systems are also plagued by vulnerabilities because they use technologies created thirty years ago. This article describes techniques…
Ethernet Abyss. Network pentesting at the data link layer
Security

13.02.2023 | 08/04/2025 | Caster | 1390
When you attack a network at the data link layer, you can ‘leapfrog’ over all protection mechanisms set at higher levels. This article will walk you through most of the attack vectors targeting this lowest level of the network.
Gateway Bleeding. Pentesting FHRP systems and hijacking network traffic
Security

12.02.2023 | 08/04/2025 | Caster | 1280
There are many ways to increase fault tolerance and reliability of corporate networks. Among other things, First Hop Redundancy Protocols (FHRP) are used for this purpose. In this article, I will explain how pentesters interact with FHRP in the course of network attacks.
Top 5 Ways to Use a VPN for Enhanced Online Privacy and Security
Security

22.01.2023 | Duygu Demiroz | 1340
This is an external third-party advertising publication.
Challenge the Keemaker! How to bypass antiviruses and inject shellcode into KeePass memory
Coding Security

03.06.2022 | 17/04/2025 | snovvcrash | 1830
Recently, I was involved with a challenging pentesting project. Using the KeeThief utility from GhostPack, I tried to extract the master password for the open-source KeePass database from the process memory. Too bad, EDR was monitoring the system and prevented me from doing this: after…
Vulnerable Java. Hacking Java bytecode encryption
Security

03.06.2022 | 08/04/2025 | JaboHack | 1720
Java code is not as simple as it seems. At first glance, hacking a Java app looks like an easy task due to a large number of available decompilers. But if the code is protected by bytecode encryption, the problem becomes much more complicated. In this article,…
Climb the heap! Exploiting heap allocation problems
Security

02.06.2022 | 17/04/2025 | Viacheslav Moskvin | 1700
Some vulnerabilities originate from errors in the management of memory allocated on a heap. Exploitation of such weak spots is more complicated than a ‘regular’ stack overflow, so many security researchers have no idea how to approach them. Even the Cracking the Perimeter (OSCE) course doesn’t…
Quarrel on the heap. Heap exploitation on a vulnerable SOAP server in Linux
Security

01.06.2022 | 08/04/2025 | Marsel Shagiev | 1010
This paper discusses a challenging CTF-like task. Your goal is to get remote code execution on a SOAP server. All exploitation primitives are involved with the heap in one way or another; so, you’ll learn a lot about functions interacting with it. Also, you’ll…
Routing nightmare. How to pentest OSPF and EIGRP dynamic routing protocols
Security

01.06.2022 | 08/04/2025 | necreas1ng | 1440
The magic and charm of dynamic routing protocols can be deceptive: admins trust them implicitly and often forget to properly configure security systems embedded in these protocols. In this article, I will explain what nightmares can occur if the network admin doesn’t take good care…
First contact. Attacks on chip-based cards
Security

01.06.2022 | 08/04/2025 | Timur Yunusov | 1350
Virtually all modern bank cards are equipped with a special chip that stores data required to make payments. This article discusses fraud techniques used to compromise such cards and methods used by banks to protect cardholders against attackers.
HackMag — Top-notch cybersecurity magazine © 2025
Support: support@hackmag.com