Complete guide on cold wallets for Cryptocurrencies
Complete Guide to Cryptocurrency Wallets …
Physical Security: Access Card Cloning with Proxmark in Red Team Operations
1. Introduction and Objectives

In this article, we will explore how easy it can be to clone certain types of cards that are widely used, not only in access controls of private organizations (hotels, etc.) but also in public institutions. To achieve this, we will make use of Proxmark3, which can be acquired from its official website: In this article, we will not demonstrate how to set up the environment to be able to use Proxmark3, as there are several tutorials available on the Internet that provide clear instructions for that: Therefore, to carry out this practice, we should have …
Anonymous Connection, Information Exfiltration, and Covering Tracks in Red Team Operations (RTO)
1. Introduction and Objectives

In this article, we will demonstrate how an attacker can exfiltrate a complete clone of a hard drive or a disk partition in a silent and professional manner, as should be done in a Red Team Operation (RTO). We will employ the same tactics, techniques, and procedures (TTPs) used by cybercriminal groups. We will not delve into the details of how an attacker can compromise a system at this level, as it is not the objective of this article (we have several articles on our blog that cover this topic). However, it’s important to note that …
Publishing a website or files on the Deep Web using a Raspberry Pi anonymously (OnionShare).
1. Introduction and Objectives

In this article, we will demonstrate how one can publish a website or a file-sharing space on the Deep Web (TOR network) using a Raspberry Pi, ensuring both security and anonymity. Throughout the project, we will encounter challenges that we must mitigate to the best of our ability while upholding the principles of security and anonymity. The main objective is to show readers how straightforward it is today for someone with basic systems knowledge to set up their own anonymous infrastructure for sharing information. Additionally, we will outline the measures to be taken in order to …
Attack Using BadUSB Devices or Rubber Ducky
1. Introduction and Objectives

In this article, we will conduct a practical study on how an organization can be compromised using a BadUSB device, whether it’s inserted into a computer by an attacker with physical access to the victim’s system or by an unsuspecting user who falls victim to deception. We will get straight to the point without spending time on explanations about the technical features of these types of hardware or preparing Arduino IDE, as this information is readily available in numerous articles from other cybersecurity companies. In this article, our focus will be on programming a BadUSB using …
Analysis of Malware in Android
1. Introduction and Objectives

In this article, we will analyze a well-known piece of malware targeting Android. Specifically, we will examine a “Meterpreter” generated using the “Msfvenom” tool, which belongs to the Metasploit framework. For those unfamiliar with a “Meterpreter” application, it’s a command interpreter that allows interaction with the victim machine, offering high flexibility and reliability. In other words, it’s malware that provides the attacker with complete control over the infected machine, enabling command execution, webcam viewing, microphone listening, and numerous other fascinating functions. We will define what a “Meterpreter session” is later on. I recommend reading the book …
Covering Tracks After an Intrusion
1. Introduction and Objectives

This phase, which is not covered in the “professional ethical hacking” cycle but is part of “Red Team Operations,” is necessary to gain a deeper understanding of the MITRE methodology used by many black/grey hats. Furthermore, it’s also valuable for those tasked with performing forensic analysis on the victim system. After the attacker has completed their intrusion into the victim system, they should erase their tracks by deleting system event log files, as well as other specific programs and services that were used for exploitation. This action makes detection and forensic analysis more challenging. During a “Red Team …