Hi Fellow hackers , Today we will explore the details of MSDT vulnerability and will exploit in the real time Overview This is Zero-day vulnerability in the Microsoft windows support diagnostic tool (MSDT) also known as “follina” exist when MSDT is called using a URL handler or protocol from an…

hello fellow hackers and analysts , Today I'm going to discuss about “latest emerging Quantum ransomware” approach and encrypting whole…

Hello fellow hackers, today I’m going to explain the blueprint of AD and we will leverage the advantage of exploiting misconfigured certificate templates. Note: we can use RDP tool like remmina or remote desktop connection to connect our pre-configured AD in our environment. Overview of certificate templates windows directory is…

Overview : Here we will be looking into the bypassing techniques , first understanding UAC > User Account Control (UAC). This feature allows for any process to be run with low privileges independent of who runs it (either a regular user or an admin). > From an attacker’s perspective, bypassing UAC is…

LOG4J vulnerability (CVE-2021–44228) Summary : Log4j2 is a open source java-based logging framework commonly incorporated into Apache web server and spring-boot web applications the vulnerability has been reported CVE-2021–44228 against the log4j-core.jar. CVE2021–44228 is considered a critical flaw and it has based score 10 which is the highest possible severe rating. Who is…

Epsilon Red :: 1. Introduction

One percent Ransomware Group : who are One percent ransomware group : Cyber-criminal group who self identifies as the ‘One Percent Group’ and who have used Cobalt Strike to perpetuate ransomware attacks against US companies since November 2020m as said by FBI One Percent Group actors encrypt the data and…

about Pegasus: Pegasus is a spyware developed by the Israeli cyberarms firm NSO Group that can be covertly installed on mobile phones (and other devices) running most versions of iOS and Android. 2021 Project Pegasus revelations suggest that the current Pegasus software can exploit all recent iOS versions up to…

A Charlie And The Chocolate Factory themed room, revisit Willy Wonka’s chocolate factory! Let’s begin this box Usually starting with nmap scan, ++NMAP++ nmap -sV -sC machine_IP