Tutorial & Cheatsheet


Security Descriptor Definition Language

Windows

In Windows, every named object has permissions that indicate who can access or modify it. These rights are described by a security descriptor, which uses the Security Descriptor Definition Language (SDDL) to define the access control list and its access control entries. We will focus on Windows services to see how SDDL can modify the permissions of a service.

October 2022

Windows Registry Cheatsheet

Windows

Cheatsheet about registry modification by malicious software. Malware commonly attempts to modify the Windows registry to achieve persistence on exploited systems or to bypass some built-in security features.

August 2022

Binary Exploitation Cheatsheet

Reverse Engineering

Cheatsheet for binary exploitation when using a debugger such as GDB or Radare2.

June 2022

Wireshark

Networking

Wireshark is one of the most used network protocol analyzers. Network engineers, cyber security engineers and anyone who wants to dive deep into network analysis might use Wireshark. Wireshark runs on many platforms (Windows, Linux, macOS) and uses pcap to capture packets, so it can only capture packets that pcap supports. In this tutorial, I'll give you the fundamental points that might help you start analyzing packets with Wireshark.

July 2021

How does a QR Code work?

Cryptography

A QR code (Quick Response code) is a very common type of barcode used to contain data. Nowadays it has become popular to send data to a person through a QR code: a restaurant can use one to display its menu, as was done many times during the pandemic period in 2020. Almost any smartphone in 2021 can scan a QR code to read and analyze the data behind it. How does the smartphone manage to analyze it so quickly and give you the message behind that code in less than 5 seconds? How exactly does it work?
This article will explain the core functioning of a QR code.

May 2021

Create your personal lab

System / Networking

Setting up a lab has many advantages when it comes to research and testing. Being able to virtualize any machine is a big opportunity: you can create many systems without spending a lot of money, and you can monitor and control your infrastructure as if you were in a small company. Testing and research are always better done in a development environment than in production. Therefore, as a cybersecurity engineer, software engineer or network engineer, it is always good to have a lab for testing.

March 2021

Memory - Stack

Programming / Assembly

Before getting into binary exploitation, it is necessary to have a good understanding of how the stack functions. This tutorial is built around a small program, and we are going to analyze the memory step by step, from allocating the memory space to erasing that space.

February 2021

Opening and forwarding ports

Networking

Sometimes it is necessary to modify some networking settings in the router or firewall. In this article, you will see how to modify those settings to listen on a specific port and then be able to open a reverse shell on a remote location.

November 2020