Monday, May 2, 2016

Hack Banking Infrastructure Like Pro - Part 3

In the last part of this article, if you can recall the network diagram, we compromised the gateway 192.168.101.6. In this article I am going to compromise the ssh and terminal systems, which have the IPs 172.16.0.6 and 192.167.0.2 respectively.

Sunday, April 10, 2016

Hack Banking Infrastructure Like Pro - Part 2

If you have not seen part 1 of this series, then kindly refer to that first. You must have seen how I compromised the site (172.16.0.1). Now it is time to attack the cabinet system, which has the IP 172.16.0.2.

Friday, April 8, 2016

Hack Banking Infrastructure Like Pro - Part 1

Test Lab is an online penetration testing lab which has a total of 12 systems/servers/network devices. Those are purposely misconfigured. Upon hacking each single node, you will get a token, which needs to be submitted on the website for verification that will tell whether you have hacked that server successfully or not. Let's dive in.

Wednesday, April 6, 2016

Data Center Security/Safety Review & Audit Checklist

Your data center hosts critical data and contains your core assets, including customer information, intellectual property and other business-critical data. And with emerging trends such as Big Data, bring-your-own-device (BYOD) mobility and global online collaboration sparking an explosion of data, the data center will only become more important to your organization and will continue to be the target of advanced malware and other cyber attacks.

Sunday, November 15, 2015

Bugbounty - Password returned in the response in cleartext

Another interesting bug that I found in www.tagged.com. As you know, www.tagged.com & www.hi5.com are pretty famous and old social media sites. The design and functionality of these two domains are pretty similar.

BugBounty-Unexpected application behaviour causing self DoS attack

Hi Guys,
From now onwards I am starting real-world bug hunting case studies of mine. This is the first draft of it. I was performing black-box testing of this website.

Sunday, August 23, 2015

Ncat - Swiss Army Knife - Summary

It's been a while; I haven't written any blog posts due to my busy job schedule + client side projects. I was just furnishing knowledge, so I decided to practice netcat. So this is a single tutorial for netcat which includes all the necessary information about it.

Monday, May 25, 2015

Basic Malware Analysis Techniques

Malware analysis is an essential activity of being a security analyst. In this post I am going to provide a method of investigating a Windows machine for any malware instances. In this post you will learn how to do a basic investigation in order to identify malware on a Windows system. Not only this, you will also learn what type of malware it is and which domains it interacts with.