Blind callback environment
Hello my dear technically interested friends, It’s been a long time, but today we’re looking at an exciting topic. You may be familiar with Canary Tokens or similar services that allow you […]
Tag: Blog
XSS over IdP Federation
Today I come to you with a new idea. What if we could bring XSS payloads into third-party applications without attacking them directly? Would be a nice approach, right? Let’s call it […]
Secure Azure AD connect
Let’s talk about Azure AD Connect. This is an application that connects your local Active Directory with the Azure Active Directory or rather synchronizes the objects. This is an application that connects […]
Defender IOC by abuse.ch
Hello wonderful security minds out there, let’s talk about indicators of compromise (IOC). One way to defend against threat actors is through “indicators of compromise” (IOC) or “tactics, techniques, and procedures” (TTP). […]
ARP spoofing bomb
Good day ordinary and extraordinary security people. let’s take a look at “ARP spoofing” today and make it even more interesting by creating a script that redirects the entire subnet to you. […]
Sender forgery in Exchange Online
Imagine you could easily send internal emails in M365 in the name of any person and that without authentication and from the outside, would you do it? Well, I don’t want to […]
Windows hardening
Every time I reinstall my Windows system, the very first thing I do is run my hardening script. This does not make it impossible for the bad guys, but it makes it […]
Jackpoting Online Slots – part four
Another sunny day in the cyber security world, welcome back security folks. Today, in the fourth and for now last part of this blog series, we will focus on how to build […]
Jackpoting Online Slots – part three
Welcome back security folks to the multi-part series of blogs about “Jackpoting Online Slots” in which we continue to try our luck a little bit more. Now it’s time to get down […]
Jackpoting Online Slots – part two
Hello security folks out there. After a long and intense period of research, it is time to put our knowledge to the test and see how far we can take our findings […]