Security Blogs

In this cyber security research blog series, I’ve explored top cyber security attacks and penetration testing methodologies:


Mastering Domain Controller Exploitation: Kerberoast, Silver Tickets, and Golden Tickets

A comprehensive overview of domain controller exploitation techniques, such as Kerberoasting, Silver Ticket, and Golden Ticket attacks, along with the tools used to execute them. We walk through example commands for popular tools like Kerbrute, Rubeus, Hashcat, Mimikatz, and ms-rprn.exe. Malicious actors can use these attacks to gain unauthorized access to sensitive resources, so it is crucial that system administrators understand these methods in order to properly secure their networks.


OutBandit – Out Of Band Exfiltration Tool

OutBandit is a powerful out-of-band attack tool built as an extension for Burp Suite. It can test web applications running on Windows and Linux environments and built with different technologies such as Python, Java, .NET, PHP, and Node.js. Its ability to work with both internet- and intranet-facing applications and to send both HTTP and DNS requests makes it an ideal asset for security professionals looking to ensure the security of their applications and infrastructure.


iOS Penetration Testing Cheatsheet: Tips and Techniques

iOS security testing is crucial for protecting sensitive data stored on mobile devices. Security professionals can use various tools and techniques such as static and dynamic analysis, jailbreaking, and binary analysis to identify and address vulnerabilities. Commonly used tools include Mobile Security Framework (MobSF), Frida, Grapefruit, PassionFruit, and Objection.


Server Side Template Injection

Jinja template injection is a vulnerability that can be exploited to execute arbitrary code on a web server. After detecting this vulnerability, the next step is to identify the template engine in use; this can be automated using a decision tree of language-specific payloads. Escalating the vulnerability can lead to the retrieval of sensitive data and even remote code execution on the web server. Tools such as tplmap can automate the exploitation process. On the defensive side, template handling must be implemented carefully, since large numerical calculations inside a template can cause a denial of service.


Sky is the limit: Frida

Frida is a popular dynamic instrumentation toolkit used for testing and debugging mobile and desktop applications. It allows developers and security researchers to modify the behavior of an application at runtime, enabling them to bypass security controls, intercept network traffic, and analyze application behavior. With its powerful features and cross-platform support, Frida has become a widely used tool in the security community.


Smali Debug Cheatsheet

Smali is a low-level bytecode language used in Android apps. Binary code is not easy to read or modify, so tools exist to convert it to and from a human-readable representation. Smali/Baksmali is an assembler/disassembler for the dex format used by Dalvik, Android’s Java VM implementation. An APK file can be decompiled with tools like JADX, Apktool, and Zip. Understanding Smali syntax is essential for analyzing and debugging an app’s code, and debugging Smali files improves both the static and dynamic analysis of an application during penetration testing. Smali debugging can be automated with tools like Frida, Objection, and Drozer.