Relevant Posts
How to code shellcode runner for your malware analysis
The question that might come naturally after reading this title is:Why should you know how to code a shellcode runner for your malware analysis? Malware analysis is a dark art. Every time you conduct a routine analysis, you get a surprise.Often, you need to extract hidden shell codes and analyze them separately.While analyzing it, we...
What is command injection and how to exploit it
In this article I want to introduce you to command injection with a very simple practical example.I also suggest you read the code of the target application in order to better understand, but now let's get to the gist! Command injection is a code injection technique that exploits a security flaw in a software application....
Cyber Kill Chain: How Hackers Target and Take Down Organizations
This article is an introduction to what is Cyber Kill Chain and how it works. Maybe if you follow some cybersecurity podcast, newsletter etc. you have heard about that, but did you know exactly what is it?Knowing what it is is mandatory for anyone wishing to approach any field of cybersecurity.So let's start with a...
SQL Injection: What You Need to Know
What is SQL injection? SQL injection (SQLi) is an attack on a web application (among the most known along with XSS) that exploits a security vulnerability in a target software, in particular, it allows the attacker to do some operations on the vulnerable database.On the basis of past experiences, this kind of attack can be...
What is malware analysis and why is it important?
Are you familiar with malware analysis? It's an essential aspect of cybersecurity that deserves a closer look. In this article, we'll provide a concise yet comprehensive overview of malware analysis and walk you through the key steps involved in the process. Malware analysis is the systematic process of dissecting, understanding, and evaluating the functionality, origins,...
XSS in practice: how to exploit the Google XSS game
Just as a quick refresh: Cross-site scripting (XSS) is a type of computer security vulnerability typically found in Web applications. XSS enables attackers to inject client-side scripts into Web pages viewed by other users. An attacker can use a cross-site scripting vulnerability to bypass access controls such as the same-origin policy. For more details, before...
Latest Posts
How To Build Your Own: Python String Analysis for Malware Insights
When we approach the analysis of malware, understanding the inner workings of malware is crucial. The static analysis serves as our initial reconnaissance, allowing us to dissect and understand a file's potential threats without executing it. While tools like the UNIX strings command have long been staples in this domain, they sometimes lack the flexibility...
How Automate Malware Scans with VirusTotal API and Python: The Ultimate Guide.
In the field of cybersecurity, automation is not just a convenience; it's a necessity. Whether you're dealing with a handful or a plethora of files, manually scanning each one is neither efficient nor practical. This article aims to guide you through the process of automating file scans by calculating their hash values and leveraging the...
Mastering DVWA SQL Injection: Medium Security with Burp Suite
Welcome to our new write-up! Our focus today is on 'DVWA SQL Injection Medium Burp.' As we delve deeper into DVWA's medium security setting, Burp Suite becomes our trusted guide, revealing the intricacies of SQL injection challenges. Before starting you need to configure your lab, and if you don't know how to do it, here...
Mastering SQL Injection on DVWA Low Security with Burp Suite: A Comprehensive Guide
In our previous tutorials, we meticulously dissected the art of executing SQL injections manually, ensuring a robust understanding of its intricate mechanics. Now, with that foundational knowledge firmly in place, it's time to transition to a scenario that mirrors real-world cybersecurity practices. Tools become our primary allies in most professional settings, streamlining and enhancing our...
Mastering the Basics: How To Setup TryHackMe within Kali Linux
Welcome to another enlightening guide! Over the past months, I've delved deep into various CTF writeups, always emphasizing the importance of a streamlined cybersecurity lab setup. While many of you have successfully navigated through the Kali Linux installation using our detailed guide, I've noticed a recurring query: How do we kickstart our journey with TryHackMe?...
Mastering PicoCTF: Your Ultimate Registration Guide!
Diving into the realm of Capture The Flag (CTF) challenges? PicoCTF stands out as a prime starting point. While I've covered numerous topics on Stackzero.net, today's focus is a step-by-step guide to ease your PicoCTF registration process. After mastering the basics of cybersecurity, it's time to test those skills. And what better platform than PicoCTF?...