Azure CloudQuarry: Searching for secrets in Public VM Images After the initial investigation entitled “AWS CloudQuarry: Digging for secrets in Public AMIs”... 2024-11-19 18:12:13 | 阅读: 1 | 收藏 | Security Café - securitycafe.ro ais marketplace disks costs

Chained Vulnerabilities in Web Applications IntroductionVulnerability chaining, also known as exploit chaining, is the process of combi... 2024-10-25 17:39:14 | 阅读: 3 | 收藏 | Security Café - securitycafe.ro attacker malicious security victim injection

Mobile Pentesting 101: How to Install Split APKs Understanding Split APKsIn modern mobile app development, split APKs are b... 2024-10-7 19:9:44 | 阅读: 11 | 收藏 | Security Café - securitycafe.ro apks mmsf splitapk apk decompile

Red Team Finds A Way – (IN)Secure By Design In our previous post, Red Team Finds A Way – Exploiting The Human Factor, we explored how the... 2024-9-11 20:3:36 | 阅读: 8 | 收藏 | Security Café - securitycafe.ro security teaming attacker network

AWS vs Azure: A “Secure by default” comparison Whether you are in charge of deciding what Cloud solution to choose for your organization or yo... 2024-9-3 17:22:10 | 阅读: 11 | 收藏 | Security Café - securitycafe.ro cloud security ssrf ec2 mistakes

An ex psychologist’s journey into Cyber Security How it all startedWhat if I told you that the machines with 99 percentage fail chance would... 2024-7-29 19:28:2 | 阅读: 12 | 收藏 | Security Café - securitycafe.ro oscp feeling felt luck knew

Red Team Finds A Way – Exploiting The Human Factor Red Teaming is a comprehensive approach that involves the use of various tactics, technique... 2024-7-2 16:5:10 | 阅读: 7 | 收藏 | Security Café - securitycafe.ro phishing teaming identify username security

AWS CloudQuarry: Digging for Secrets in Public AMIs Money, secrets and mass exploitation: This research unveils a quarry of sensitive data stored i... 2024-5-8 14:30:0 | 阅读: 10 | 收藏 | Security Café - securitycafe.ro amis ami cloud sem

CVE-2024-28344 & CVE-2024-28345 in Sipwise C5 CVE-2024-28344 – Open RedirectAn Open Redirect vulnerability was found in... 2024-3-21 18:22:31 | 阅读: 12 | 收藏 | Security Café - securitycafe.ro journal 28345 28344 malicious 1443

How to Install .ipa Files on iPhone Without Jailbreak Diving into the realm of iOS beyond the confines of the App Store requires a grasp of the impor... 2024-3-12 15:30:0 | 阅读: 20 | 收藏 | Security Café - securitycafe.ro ipa resorting sit

WinRAR RCE Vulnerability Spotlight: APT29’s Zero-Day Tactics IntroductionThe AttackSocio-Political ImplicationsExploiting CVE-2023-38831Make sure you are us... 2024-2-19 17:16:31 | 阅读: 31 | 收藏 | Security Café - securitycafe.ro winrar m4 bmw 38831 payload

Can Someone Really Hack Traffic Lights? We’ve all seen the scenes in movies or games where attackers hack traffic lights to set the col... 2024-2-7 15:55:10 | 阅读: 17 | 收藏 | Security Café - securitycafe.ro lights tlc sensors vehicles

Passing Your OSCP In 2023 (or 2024) I am aware that the internet is full of videos, blog and forum posts, GitHub pages (and the lis... 2023-10-30 16:27:32 | 阅读: 24 | 收藏 | Security Café - securitycafe.ro oscp moreover mindset stress

Trench Tales: The College Account Takeover That Never Happened DisclaimerIntroductionThe VulnerabilityMethodologyShodanLdapsearchBashPythonEthical DilemmasCas... 2023-10-16 13:53:31 | 阅读: 23 | 收藏 | Security Café - securitycafe.ro ldapsearch anonymous security python

Secure Your Mobile World: A Guide for Cyber Security Awareness Month October marks Cyber Security Awareness Month, a time when individuals and organizations around... 2023-10-5 15:35:31 | 阅读: 15 | 收藏 | Security Café - securitycafe.ro security software passwords tips phishing

Mobile Pentesting 101 – Introducing to MMSF (Massive Mobile Security Framework) Sometimes it can be harder to choose one tool over another when it comes to mobile pentesting.... 2023-9-18 14:0:0 | 阅读: 30 | 收藏 | Security Café - securitycafe.ro mmsf usemodule bypass python3

Remote Code Execution – Basics In this blog post you will learn how to identify basic Remote Code Execution vulnerabilities an... 2023-9-13 20:30:14 | 阅读: 43 | 收藏 | Security Café - securitycafe.ro php cmdshell remote popen attacker

IAMActionHunter in action Let’s take a look at the latest cloud tool published by Rhino Security Labs: IAMActionHunter.... 2023-7-27 21:44:45 | 阅读: 25 | 收藏 | Security Café - securitycafe.ro ssm sendcommand scoutsuite engagement

Command and Control Frameworks: Metasploit and Havoc 1. OverviewIn this blog post we will be talking about Command and Control (C&C or C2) Serve... 2023-7-3 14:30:0 | 阅读: 35 | 收藏 | Security Café - securitycafe.ro havoc payload windows agents msfvenom

DLL Hijacking – Finding Vulnerabilities in PEStudio 9.52 Lately, I have reported multiple DLL Hijacking vulnerabilities. These are quit... 2023-6-19 14:30:0 | 阅读: 30 | 收藏 | Security Café - securitycafe.ro hijacking pestudio loaded windows sensapi