AI Hacking Games (Jailbreak CTFs) The world of AI is developing pretty fast and new tools and plugins that leverage the power of... 2023-5-15 15:40:58 | 阅读: 44 | 收藏 | Security Café - securitycafe.ro reverse llms chatbot adventure prompts

Bypassing Application Whitelisting Application whitelisting is a very effective protection mechanism, but it can be difficult to m... 2023-5-2 14:30:0 | 阅读: 31 | 收藏 | Security Café - securitycafe.ro applocker bypassing software enforces

7 lesser-known AWS SSM Document techniques for code execution A deep dive into AWS SSM Run Command shows that there are multiple documents attackers can use... 2023-4-19 14:30:0 | 阅读: 48 | 收藏 | Security Café - securitycafe.ro ssm reverse github rundocument ec2

Mobile Pentesting 101 – How to set up your Android Environment Continuing with the Mobile Pentesting 101 series, this article gives an idea about how your And... 2023-4-3 14:30:0 | 阅读: 33 | 收藏 | Security Café - securitycafe.ro apktool security github drozer rooted

EC2StepShell: A Tool for Getting Reverse Shells on Instances with Network Restrictions A tool for getting reverse shells in EC2 instances where network communication to your host is... 2023-3-8 15:30:0 | 阅读: 38 | 收藏 | Security Café - securitycafe.ro ec2 ssm reverse sendcommand

A Complete Kubernetes Config Review Methodology The are many resources out there that tap into the subject of Kubernetes Pentesting or Configur... 2023-2-27 16:16:0 | 阅读: 29 | 收藏 | Security Café - securitycafe.ro pods kubernetes security kubectl rbac

Our DefCamp 2022 talks are here! Both presentations we held this year at DefCamp are now available online (reco... 2023-2-1 15:30:0 | 阅读: 23 | 收藏 | Security Café - securitycafe.ro cloud defcamp youtube held network

AWS ssm:SendCommand or network agnostic built-in RCE as root Post-exploitation in cloud can be fun and easy if you have the right permissions. There is no o... 2023-1-18 02:53:15 | 阅读: 41 | 收藏 | Security Café - securitycafe.ro ssm ec2 privileges sendcommand network

AWS Enumeration – Part II (Practical enumeration) We hackers love cheat sheets so here are mine for AWS IAM, EC2, S3 Buckets and Lambda Functions... 2022-12-14 15:30:0 | 阅读: 20 | 收藏 | Security Café - securitycafe.ro ec2 s3api ssh gateways buckets

AWS Enumeration – Part I (Where to start, Approaches and Tools) This article is covering multiple ways to enumerate the resources within an AWS environment. We... 2022-11-1 16:30:0 | 阅读: 28 | 收藏 | securitycafe.ro github security subcommand cloud pacu

Practical Network Penetration Tester (PNPT): Real-life Penetration Testing exam – Tips & Tricks to pass the exam Seeing how this evolved, I wanted to provide you with a thorough review of The Cyber Mentor‘s n... 2022-10-4 13:37:59 | 阅读: 102 | 收藏 | securitycafe.ro pnpt network heath debrief client

Mobile Pentesting 101 – Bypassing Biometric Authentication As mobile devices and mobile applications increase, so does the risk of using mobile applicatio... 2022-9-5 14:30:0 | 阅读: 62 | 收藏 | securitycafe.ro biometric fingerprint bypass keystore

Certified Hybrid Multi-Cloud Red Team Specialist – Review and Tips You might not be familiar with this one, but it is a certification offered by Cyberwarfare Labs... 2022-8-1 14:30:0 | 阅读: 52 | 收藏 | securitycafe.ro cloud premises security trainers

Web Cache Deception attacks Do you have vulnerabilities that you just love to exploit? I know I have a few and one of them... 2022-7-1 14:30:0 | 阅读: 40 | 收藏 | securitycafe.ro caching deception vcl client

Security Source Code Review – Manual Approaches Performing security source code reviews is part of the penetration tester’s life. Either that t... 2022-6-6 14:30:0 | 阅读: 35 | 收藏 | securitycafe.ro security diagram usermodel php

Active Directory – Delegation Based Attacks What is Kerberos delegation?As stated by Microsoft, “delegation is one of the most importan... 2022-5-16 14:30:0 | 阅读: 48 | 收藏 | securitycafe.ro delegation rubeus machine constrained

Pentesting Azure: RECON Techniques Even though Microsoft Azure is the second largest cloud solution after Amazon Web Services (AWS... 2022-4-29 15:53:51 | 阅读: 50 | 收藏 | securitycafe.ro acr microburst powershell deployments

IoT Pentesting 101: How to Hack MQTT – The Standard for IoT Messaging As almost every industry uses at least one of those tiny embedded devices called Smart Things,... 2022-4-8 15:48:14 | 阅读: 168 | 收藏 | securitycafe.ro mosquitto mqtt broker publisher

Gone Phishing – Part #1 What is social engineering?The term “social engineering” refers to a wide range of mali... 2022-3-24 16:0:0 | 阅读: 142 | 收藏 | securitycafe.ro mailgun fiercephish evilginx2 picked phish

Runtime Mobile Security (RMS) – How To Instrument Android Java Classes And Methods At Runtime Runtime Mobile Security (RMS) is a powerful web interface powered by Frida that helps you manip... 2022-3-7 16:51:54 | 阅读: 113 | 收藏 | securitycafe.ro rms bypass encryption hooking