SSL Pinning: Introduction & Bypass for Android
What is SSL Pinning ? SSL pinning allows the application to only trust the valid or pre-defined certificate or Public Key. The application developer uses SSL pinning technique as an [more]
LLMNR/NBT-NS Poisoning in Windows environment
In this blogpost, we’ll talk about poisoning name services (such as LLMNR, NBT-NS) within local networks. In a local area network, you can do name server poisoning to steal authentication [more]
RBI Guidelines for Tokenization
RBI Releases Guidelines on Tokenization for Card Transactions Reserve Bank of India has issued a directive under Section 10 (2) read with Section 18 of Payment and Settlement Systems Act, [more]
Malware on Steroids Part 3: Machine Learning & Sandbox Evasion
Hey, It’s been a busy month for me and I was not able to save time to write the final part of the series on Malware Development. But I am [more]
Malware on Steroids – Part 2: Evading Antivirus in a Simulated Organizational Environment
Recap In the previous post, we wrote a simple CMD Reverse Shell over TCP. However, in a real-life scenario, things would be pretty different. In this post, we will be [more]
Malware on Steroids – Part 1: Simple CMD Reverse Shell
The Prologue This is my reposting of the blog series I wrote here at ScriptDotSh If you haven’t watched the videos yet, here are my links to both the antivirus [more]
Manipulating Host Headers – Not Anymore !
Introduction Host header injections have been around for a while now, and sometimes the developer just does not know how to get rid of them! Configuring virtual hosts, adding host [more]