#onlinesafety

Thick Client (Desktop) Application Penetration Testing – Part-2

by
Thick Client (Desktop) Application Penetration Testing - Part-2

Privilege Escalation using RegShot DLL Hijacking Sensitive information in Memory (Dumping connection string from Memory) Let’s try to log in with this credential using HediSQL: Remediation: Sensitive information should be encrypted. If encryption is not possible, use obfuscation techniques based on the application’s severity. Passwords In Registry Remediation: Encrypt passwords before storage, or store garbage … Read more

Thick Client (Desktop) Application Penetration Testing – Part-1

by
Thick Client (Desktop) Application Penetration Testing - Part-1

INFORMATION GATHERING Using the tool CFF Explorer Using the SysInternal Suites Let’s start … Using the Tool Wireshark Using the Tool ProcMon (Login Credentials in Registry Entry) TRAFFIC ANALYSIS Traffic Analysis using Wireshark Filter technique 1 Filter technique 2 Using Tool Echo Mirage

Most useful Linux network commands

by
most useful Linux Network Commands

Linux Network Commands: In the world of networking, having the right tools at your disposal can mean the difference between a smooth, seamless connection & a frustrating, time-consuming experience. While there are plenty of GUI-based network tools out there, seasoned Linux users know that the command line is often the best place to turn when … Read more

Unsegregated Docker Container Network

by
Unsegregated Docker Container Network

Welcome to the exciting world of Docker! If you’re a fan of containers and their many benefits, you’ll love this post on unsegregated container networks in Docker.But what exactly is an unsegregated docker container network, you ask? Think of it like a bustling city with different neighborhoods, each with its own unique character and charm. … Read more