MitM Proxy on Kali
Mahatma Gandhi’s quote “Distrust is a sign of weakness” may be true in the real world, but certainly not in the cyber world of networks and Zero Trust. There are simply too […]
Month: May 2023
C2 by DNS lookups
Hello security folks out there, today we are going to look at a topic that allows, for amazingly simple, external executions. The whole thing is based on DNS and should therefore work […]
Azure Information Gathering
Hello security colleagues out there and welcome to another exciting topic. Today we will go on an information-gathering journey and try to gather as much data about a specific Azure AD user/organisation […]
Attack: JWT issuer forgery
In this article, we will delve deeper into the subject of JSON Web Tokens (JWT) and look at a method of forging them. You can find the basics in my two previous […]
Attack: JWT modification
In my previous post “what abaout: JWT” we looked at what JWT actually is and how it is used. We only looked at the basics, there are countless articles out there that […]