Searching The Dark Web

Because the Dark Web is still a mystery to most and the unknown can be scary but enlightening. After all, if your emails, credentials or data has been stolen, it will most likely be on here......

Downloading Payloads With Microsoft Teams

It was recently found that Microsoft Teams had a vulnerability which allows malicious parties to download payloads. This is due to its under-lining auto-update mechanism called Squirrel. It’s not just Microsoft teams who just use this, GitHub, UIPath and WhatsApp also use Squirrel behind the scenes.....

Using Sherlock To Find Usernames

Sherlock is a really cool tool which will allow you to span the internet searching for matching usernames. Say for example a friend’s username is test123, you could use Sherlock to see if they have created other profiles elsewhere. As humans, we often use the same usernames across sites.....

How The Phishers Phish

When thinking of phishing, you might think of ‘Winning the Nigeran lottery’ or ‘Paying a small holding fee so that a prince can make you rich’. These were common attempts back in the day and the aim was to trick you so that you would send the scammer money. Since then, Phisher-men and women have evolved and are now using new techniques. What these people want though are very different things. Nowadays these types of attacks aim to steal personal details, credentials, money or even to infect the users machine......

Exploring The Zero Trust Model

Now right off the bat you might think that Zero Trust is basically a concept of not trusting anything at all, but you would be wrong. It’s more around having the ability to issue/validate trust for systems and users that interact on your network. This is because you accept that fact that your internal network is not secure.......

Hack The Box: Blue

Given that this title is called Blue and is a Windows box, I assume that it based on the EternalBlue exploit. Just to check, we can run the SMB scanner in Metasploit. Looks to be Windows 7 so things are looking up. MS17_10_eternalblue is the name of the exploit we are going to use: If... Continue Reading →

Create a website or blog at WordPress.com

Up ↑