PinnedDLL Hijacking Vulnerability POCDescription: Loading dll files from an untrusted source can cause an application to execute malicious commands on behalf of an attacker…Apr 11, 2020Apr 11, 2020
PinnedReverse Shell Using DLL Hijacking VulnerabilityIn the Below example, i will be explaining how to exploit dll hijacking vulnerability to get reverse shell of a victim machine.Apr 17, 2020Apr 17, 2020
Docker Image Scan Using Trivy ToolWhen we have local docker images with us for review, we can scan the docker image (example.tar) using Trivy tool.Oct 15Oct 15
Azure Cloud Configuration Review Using ScoutSuite ToolUser can install ScoutSuite tool using Git. Commands are mentioned below.Jul 27, 2023Jul 27, 2023
AWS Cloud Configuration Review Using ScoutSuite ToolUser can install ScoutSuite tool using PIP or Git. Commands are mentioned below.Dec 5, 2022Dec 5, 2022
Thick Client Security - Windows Unquoted Search PathIf the path to the service binary is not enclosed in quotes and contains white spaces, As a result, a local user will be able to elevate…Jul 20, 2022Jul 20, 2022
Thick Client Security - Using Components with known vulnerabilitiesSometimes, while developing application older version of framework or older version of dependence software's are used. These older…Jul 14, 2022Jul 14, 2022
Thick Client Security-Manual Analysis for VulnerabilitiesManual Analysis is very important in thick client security. When the thick client is installed, many sensitive files are stored locally…Feb 11, 2021Feb 11, 2021
Thick Client Security-Sensitive Info In MemoryIn majority of cases information stored in memory won’t be encrypted. This unencrypted information might reveal sensitive data of…Feb 10, 2021Feb 10, 2021
Passwords In Registry EntryWhen the thick client application is installed and signed up. the sensitive information like password will be stored in registry.Feb 3, 2021Feb 3, 2021