Red Team

Persistence via Creating a Windows Service

In this scenario, we assume that we have a reverse shell on the victim’s machine and want persistence on it. For this, we will use Windows services. First, we start with creating a malicious…

Embed Payload in PDF File

In this article, I want to show you how to embed a payload in a PDF with the EvilPDF tool. By the end of the article, you will be able to embed a payload in a PDF, and get a…

A New Multi-OS RAT?

A threat actor calling herself ‘0xFF’ advertised a new RAT on HackForums. According to the threat actor, this new RAT tool supports Windows (amd64, i386, arm, arm64), Linux (amd64, i386, arm, arm64), Darwin…

Importing Module in Powershell

Modules typically work in PowerShell directly. The “Get-Module” command can be used to see imported modules. The “Get-Module -ListAvailable” command shows the available modules. For the additional modules we want to use, we should import them…

Subdomain Enumeration

Subdomain enumeration is an information gathering technique. It can be used to identify all of a company's sites that are exposed to the internet. In large organizations, it is very common to have some forgotten websites…

New Tools of Kali

Kali Linux 2021.2 has been released with some new tools called Kaboxer and Kali-Tweaks and some cosmetic changes. Kaboxer provides Docker containers for running applications that no longer work on newer operating systems or that need isolation. Kali-Tweaks…

Ingress Tool Transfer (MITRE ATT&CK T1105)

Attackers may need to download tools to perform different actions on the victim machine. Mostly, these are tools that help scan networks to move laterally, or make the attacker persistent on the victim…

How to Install Metasploit on Ubuntu

If you are familiar with infosec, you must already know what Metasploit is. So, I will not explain it here again. Metasploit is a preinstalled tool in Kali, but if you use Ubuntu like me,…

C&C with Empire – A Mitre Att&ck T1071 and T1086 Demo

“.. a pure PowerShell post-exploitation agent built on cryptologically-secure communications and a flexible architecture. Empire implements the ability to run PowerShell agents without needing powershell.exe, rapidly deployable post-exploitation modules ranging from key loggers to Mimikatz,…

Dark Web; Anonymity and Privacy

When talking about the Dark Web, one of the concepts most often confused with it is the Deep Web. But first, I want to touch on the Surface Web. The Surface Web is the indexable part of the internet. This…

Creating Wordlist for Brute Force Attack

Brute force is an old attack technique, but it can still be gold. For a brute force attack, we need a wordlist/password list of possible passwords that will be tried by the tool we use. Then,…

TOR As A SOCKS Proxy

Almost all applications and web sites are trying to learn who we are and what we are looking for on the internet. This information is used for many different reasons like advertisements and to…

An Information Security Blog
