Introduction: WannaCry, also known as WCry or WannaCrypt, is a notorious ransomware that made headlines in May 2017 after it infected hundreds of thousands of computers in 150 countries. The malware was spread via a worm that exploited a vulnerability in Microsoft Windows operating systems. The WannaCry ransomware encrypted the files…

SSH (Secure Shell) is a popular protocol for secure remote access to a server or network. One of its most powerful features is the ability to create a local tunnel between a remote host and the local machine. …

SSH (Secure Shell) is a powerful tool that enables secure data communication, remote shell services or command execution, and other secure network services between two networked computers. …

Proxychains is a tool that allows you to route your network traffic through a series of proxy servers. This can be useful for a variety of reasons, such as hiding your true IP address or accessing internal-only resources from an external network. …

Today we will be tackling an easy binary reversing challenge from HackTheBox, called Find The Easy Pass. This binary is a Windows Executable, thus I will be utilizing my Windows reversing virtual machine to solve this challenge. Upon downloading and unzipping, I dropped the file into PE Studio in order…

Enumeration Let's start off with a nmap: nmap -sC -sV 10.10.10.222 -oA nmap/nmap.partial 22/tcp open ssh OpenSSH 7.9p1 Debian 10+deb10u2 (protocol 2.0) | ssh-hostkey: | 2048 9c:40:fa:85:9b:01:ac:ac:0e:bc:0c:19:51:8a:ee:27 (RSA) | 256 5a:0c:c0:3b:9b:76:55:2e:6e:c4:f4:b9:5d:76:17:09 (ECDSA) |_ 256 b7:9d:f7:48:9d:a2:f2:76:30:fd:42:d3:35:3a:80:8c (ED25519) 80/tcp open http nginx 1.14.2 |_http-title: Welcome |_http-server-header…

Today we will be continuing our quest for Virus Total Evasion by Ghostwriting an msfvenom binary. The process of ghostwriting ranges from exceedingly straightforward to extremely complex. We will attempt to split the middle and take a moderate path forward towards altering our malicious binary. Ghostwriting is the process of…

Overview Back in June of 2022, Talos published an exceedingly interesting blog post which centered around de-anonymizing Tor Hidden Services via a variety of techniques. …

Generating a msfvenom payload for use on HackTheBox or TryHackMe is effective provided Defender or other Anti-Virus software is not running on the target. However, what if this is a real work engagement and you need to sneak a payload past some EDR solution? I will begin to explore some…