What is buffer overflow? Buffer overflow is an anomaly that occurs when software writing data to a buffer overflows its capacity, causing adjacent memory locations to be overwritten. In other words, too much information is passed to a container that does not have enough space, and that information ends up replacing the data in adjacent…
Explore how AiTM phishing and session-token theft allow attackers to bypass Microsoft 365 MFA, why standard OTP methods fail, and which telemetry signals indicate compromise. This technical guide gives security teams practical detection queries, containment steps, and prevention controls—deployable playbooks to neutralize active AiTM campaigns and harden identity posture.
Learn practical techniques to detect DNS tunneling and data exfiltration using Microsoft Sentinel. This guide shows how to spot unusual NXDOMAIN responses, long FQDNs, base64-like patterns and beaconing behavior, and includes Sigma-to-KQL guidance for fast deployment in network security monitoring. Take action now to harden your DNS telemetry and hunting playbooks.
What is Kerberos? Kerberos is a secure network authentication protocol based on tickets, designed to allow users and services to mutually authenticate over an untrusted network. Its main goal is to ensure that a user’s identity can be verified without transmitting passwords over the network, thereby reducing the risk of interception. Originally developed at MIT…
Content spoofing (also known as content injection) is one of the most common web security vulnerabilities. It allows the end user of the vulnerable web application to falsify or modify the actual content of the web page. Requirements: Responsibility: In this tutorial, we will use hacking techniques for educational purposes only. We do not promote…
Online attacks are more frequent than ever, and this trend is likely to continue growing. In this article, we analyze CSV injection attacks and how to defend against them. Requirements: Responsibility: In this tutorial, we will use hacking techniques for educational purposes only. We do not promote their use for profit or improper purposes. We…
In this section, we will explain what Cross-Origin Resource Sharing (CORS) is, describe some common examples of attacks based on Cross-Origin Resource Sharing, and discuss how to protect against these attacks. Requirements: Responsibility: In this tutorial, we will use hacking techniques for educational purposes only. We do not promote their use for profit or improper…
Data exfiltration—also known as Data Exfiltration—refers to the unauthorized transfer of sensitive information outside a secure corporate environment. This risk has become one of the top security concerns, as it can lead to theft of confidential information, reputational damage, and significant financial losses. Requirements: Responsibility: In this tutorial we will use hacking techniques, with the…
This tutorial provides an in-depth exploration of the LockBit ransomware, one of the most sophisticated and dangerous ransomware strains in 2024. This blog is designed for cybersecurity professionals, IT administrators, and businesses aiming to understand the mechanics of ransomware attacks and how to defend against them. It combines technical insights, practical attack simulations, and mitigation…
Command injection is a cyberattack that involves the execution of arbitrary commands on a host operating system (OS). Typically, the threat actor injects the commands by exploiting an application vulnerability, such as insufficient input validation. Requirements: Responsibility: In this tutorial we will use hacking techniques, with the only purpose of learning. We do not promote…