sw0rdf1sh
13 Followers

Aug 18, 2022

CISCO compromise analysis

Hi fellow hackers, back with another post on the latest Cisco compromise. This seems interesting, so let's discuss the details below: Learning and understanding from the cyber attack; Initial vector; Post compromise; Cisco response and recommendations; References and links. Initial compromise: Initial access to the Cisco VPN was achieved via…

Infosec

3 min read

Published in System Weakness · Jun 3, 2022

Maldoc. DOCX MSDT inside a sandbox

Hi fellow hackers, today we will explore the details of the MSDT vulnerability and exploit it in real time. Overview: This is a zero-day vulnerability in the Microsoft Windows Support Diagnostic Tool (MSDT), also known as “Follina”, that exists when MSDT is called using a URL handler or protocol from an…

Microsoft

3 min read

Published in System Weakness · Apr 26, 2022

Approach of Quantum Ransomware

Hello fellow hackers and analysts, today I'm going to discuss the “latest emerging Quantum ransomware” approach and encrypting whole…

Ransomware

2 min read

Published in System Weakness · Apr 16, 2022

Playing with AD Certificate Templates

Hello fellow hackers, today I’m going to explain the blueprint of AD, and we will take advantage of misconfigured certificate templates. Note: we can use an RDP tool like Remmina or Remote Desktop Connection to connect to the pre-configured AD in our environment. Overview of certificate templates: Windows directory is…

Active Directory Attack

7 min read

Published in System Weakness · Apr 15, 2022

Bypassing UAC Methods and tricks

Overview: Here we will look into the bypass techniques, first understanding UAC. User Account Control (UAC): This feature allows for any process to be run with low privileges independent of who runs it (either a regular user or an admin). From an attacker’s perspective, bypassing UAC is…

Infosec

5 min read

Published in System Weakness · Dec 14, 2021

LOG4J vulnerability (CVE-2021-44228)

Summary: Log4j2 is an open-source Java-based logging framework commonly incorporated into Apache web server and Spring Boot web applications. The vulnerability has been reported as CVE-2021-44228 against log4j-core.jar. CVE-2021-44228 is considered a critical flaw and has a base score of 10, which is the highest possible severity rating. Who is…

Infosec

3 min read

Sep 8, 2021

Epsilon Red ransomware

Epsilon Red :: 1. Introduction

Ransomware

3 min read

Sep 2, 2021

One percent Ransomware Group :

Who are the One Percent ransomware group? A cyber-criminal group who self-identifies as the ‘One Percent Group’ and who have used Cobalt Strike to perpetuate ransomware attacks against US companies since November 2020, as said by the FBI. One Percent Group actors encrypt the data and…

Ransomware

2 min read

Jul 29, 2021

::: Pegasus The Stealth Falcon:::

About Pegasus: Pegasus is spyware developed by the Israeli cyberarms firm NSO Group that can be covertly installed on mobile phones (and other devices) running most versions of iOS and Android. The 2021 Project Pegasus revelations suggest that the current Pegasus software can exploit all recent iOS versions up to…

Cybersecurity

2 min read

Jan 24, 2021

Chocolate Factory | THM

A Charlie And The Chocolate Factory themed room, revisit Willy Wonka’s chocolate factory! Let’s begin this box, starting as usual with an nmap scan. ++NMAP++ nmap -sV -sC machine_IP

Tryhackme Walkthrough

4 min read

sw0rdf1sh: security researcher
