Shahrukh Iqbal MirzaOpen-Redirect Vulnerability in Instagram’s Mobile ApplicationIn this blog, I’ll be discussing an Open-Redirect vulnerability that I found out a few days ago in Instagram’s Android Application.May 16, 20212May 16, 20212
Shahrukh Iqbal MirzaYour Source Code might be Git’ing Exposed — Hacking Publicly Exposed Git RepositoriesGit is a Version Control System used to track and monitor modifications made in files/folders during application development. Git works by…Apr 6, 2021Apr 6, 2021
Shahrukh Iqbal MirzainSystem WeaknessPwn3d In Seconds — Attack of the Rubber DuckIn this blog, we’ll be looking at the USB Rubber Ducky or the BadUSB. We’ll start by an introduction to BadUSBs, what makes USBs “Bad” and…Apr 2, 20211Apr 2, 20211
Shahrukh Iqbal MirzainSystem WeaknessWalking Along the PATHS of the AdministratorIn this blog, we’ll discuss how service paths can be abused to escalate privileges in Windows systems. As usual, we’ll look at the…Apr 2, 2021Apr 2, 2021
Shahrukh Iqbal MirzaWho let the Dogs Out — Active Directory Domain Enumeration & Exploitation using BloodHoundIn this blog, we will have an in-depth look at BloodHound. We will start by discussing what BloodHound is, how to install and configure it…Apr 2, 2021Apr 2, 2021
Shahrukh Iqbal MirzaHow to Exploit a Simple Stack-Based Buffer Overflow VulnerabilityIn this blog, we will be discussing the basics of exploit development by exploiting a stack overflow vulnerability in a simple application…Apr 1, 2021Apr 1, 2021
Shahrukh Iqbal MirzaLet the Secrets “SYNC” In — The DCSync AttackIn this blog, we will be focusing on abusing the Replication of Directory Services feature of an Active Directory environment. As always…Apr 1, 2021Apr 1, 2021
Shahrukh Iqbal MirzaRoasting the Three-headed Guard of Active Directory — KerberoastingThis attack targets the Kerberos Authentication Protocol in an Active Directory environment, and attempts to retrieve the service…Apr 1, 2021Apr 1, 2021
Shahrukh Iqbal MirzaAbusing the Rights and Privileges of DNS Admins to Own the Domain ControllerThis attack demonstrates how an attacker can abuse some AD misconfigurations and rights of the DNS Admins group in a Windows environment…Mar 31, 2021Mar 31, 2021
Shahrukh Iqbal MirzaATTACKING WINDOWS 10 USING MIMIKATZWith the exponential rise in cyber-attacks, and the attackers using defense evading tools and frameworks; it has become important to know…Mar 30, 20211Mar 30, 20211