In one of our previous posts, we noted that a popular tool – Responder – uses Basic Authentication prompts to harvest user credentials when they
Category: Pentest techniques
Going further with Responder’s Basic Authentication
There are a good number of situations when we find ourselves abusing the LLMNR and NBT-NS protocols on an infrastructure penetration test, more specifically on
Practical JSONP Injection
JSONP injection is a lesser known but quite widespread and dangerous vulnerability and it surfaced in the last years due to the high rate of
Introduction to Windows shellcode development – Part 3
If you missed the first two parts of this article, you can find in Part I what is a shellcode, how it works and which
Introduction to Windows shellcode development – Part 2
If you missed the first part of this series, where you can read about what is a shellcode and how it works, you can find
Security Café 