Kerberos is one of the most robust authentication protocols ever designed for enterprise environments. Its strength, however, does not rely solely on cryptography, but on a strict trust model enforced by the Key Distribution Center (KDC). When that trust model is misdesigned or poorly maintained, Kerberos can become a powerful attack vector capable of leading…
What is buffer overflow? Buffer overflow is an anomaly that occurs when software writing data to a buffer overflows its capacity, causing adjacent memory locations to be overwritten. In other words, too much information is passed to a container that does not have enough space, and that information ends up replacing the data in adjacent…
What is Data Loss Prevention (DLP)? The definition of Data Loss Prevention encompasses a set of practices and tools designed to prevent data leakage (also known as data exfiltration) due to intentional and unintentional misuse. These practices and tools include encryption, detection, preventive measures, educational pop-ups (for unintentional movements), and even machine learning to assess…
Remote Desktop Protocol (RDP) is a protocol, or technical standard, for using a desktop computer remotely. Remote desktop software can use several different protocols, including RDP, Independent Computing Architecture (ICA), and Virtual Network Computing (VNC), but RDP is the most widely used protocol. RDP was initially released by Microsoft and is available for most Windows…
What is Kerberos? Kerberos is a secure network authentication protocol based on tickets, designed to allow users and services to mutually authenticate over an untrusted network. Its main goal is to ensure that a user’s identity can be verified without transmitting passwords over the network, thereby reducing the risk of interception. Originally developed at MIT…
Content spoofing (also known as content injection) is one of the most common web security vulnerabilities. It allows the end user of the vulnerable web application to falsify or modify the actual content of the web page. Requirements: Responsibility: In this tutorial, we will use hacking techniques for educational purposes only. We do not promote…
Online attacks are more frequent than ever, and this trend is likely to continue growing. In this article, we analyze CSV injection attacks and how to defend against them. Requirements: Responsibility: In this tutorial, we will use hacking techniques for educational purposes only. We do not promote their use for profit or improper purposes. We…
A script to remotely dump files and folders from a Windows SMB share Requirements: Responsibility: In this tutorial, we will use hacking techniques for educational purposes only. We do not promote their use for profit or improper purposes. We are not responsible for any damage or impairment that may be caused to the systems used.…
In this section, we will explain what Cross-Origin Resource Sharing (CORS) is, describe some common examples of attacks based on Cross-Origin Resource Sharing, and discuss how to protect against these attacks. Requirements: Responsibility: In this tutorial, we will use hacking techniques for educational purposes only. We do not promote their use for profit or improper…
Today I bring you a very simple tutorial that many people have been asking me for. It’s about attacking Kerberos tickets, both golden and silver. First, to understand what Kerberos is, visit my post that talks about Kerberos Requirements: Responsibility: In this tutorial, we will use hacking techniques for educational purposes only. We do not…