Generated by All in One SEO v4.9.7.2, this is an llms.txt file, used by LLMs to index the site. # Black Hat Ethical Hacking Security is a myth ## Sitemaps - [XML Sitemap](https://www.blackhatethicalhacking.com/sitemap.xml): Contains all public & indexable URLs for this website. ## Posts - [Cisco Secure Client Software for Windows Vulnerable to Privilege Escalation Attack](https://www.blackhatethicalhacking.com/news/cisco-secure-client-software-for-windows-vulnerable-to-privilege-escalation-attack/) - A high-severity vulnerability has been discovered in Cisco Secure Client Software for Windows (formerly AnyConnect Secure Mobility Client), which could allow attackers to elevate privileges to the SYSTEM account. - [Brute-Force Attack on Linux SSH Servers Unleashes Tsunami DDoS Bot](https://www.blackhatethicalhacking.com/news/brute-force-attack-on-linux-ssh-servers-unleashes-tsunami-ddos-bot/) - An unidentified threat actor is carrying out brute-force attacks on Linux SSH servers, aiming to install various types of malware, including the Tsunami DDoS bot, ShellBot, log cleaners, privilege escalation tools, and an XMRig coin miner. - [Dark Web Marketplace Reveals Over 101,000 Stolen ChatGPT Accounts](https://www.blackhatethicalhacking.com/news/dark-web-marketplace-reveals-over-101000-stolen-chatgpt-accounts/) - According to data from a dark web marketplace, more than 101,000 user accounts of ChatGPT, have been stolen by information-stealing malware in the past year. - [Microsoft confirms Azure, Outlook, OneDrive outages caused by Layer 7 DDoS Attacks](https://www.blackhatethicalhacking.com/news/microsoft-confirms-azure-outlook-onedrive-outages-caused-by-layer-7-ddos-attacks/) - Microsoft has recently confirmed that the outages experienced by Azure, Outlook, and OneDrive web portals were the result of Layer 7 DDoS attacks targeting the company's services - [Unlocking Windows System Resource Utilization for Digital Forensics Analysis with SRUM Dump](https://www.blackhatethicalhacking.com/articles/unlocking-windows-system-resource-utilization-for-digital-forensics-analysis-with-srum-dump/) - This write-up explains the importance and benefits of using SRUM (System Resource Utilization Management Database) and SRUM Dump tool on Windows Systems from a digital forensics investigation point of view. It can help digital forensics investigators or Information Security professionals understand what criminals did and prove it in a scientific way. - [GravityRAT, The Android Malware Threat Exploiting WhatsApp Backups](https://www.blackhatethicalhacking.com/news/gravityrat-the-android-malware-threat-exploiting-whatsapp-backups/) - GravityRAT is infecting mobile devices with a trojanized chat app called BingeChat. This insidious malware aims to steal valuable data from unsuspecting victims. Among the new additions observed in the latest version of GravityRAT, is the capability to steal WhatsApp backup files. - [Chinese Hacking Group Exploits VMware ESXi Vulnerability to Backdoor Windows and Linux VMs](https://www.blackhatethicalhacking.com/news/chinese-hacking-group-exploits-vmware-esxi-vulnerability-to-backdoor-windows-and-linux-vms/) - VMware has released a patch to address a zero-day vulnerability in VMware ESXi that was exploited by a Chinese-sponsored hacking group. The group, known as UNC3886 and discovered by cybersecurity firm Mandiant, used the CVE-2023-20867 VMware Tools authentication bypass flaw to backdoor Windows and Linux virtual machines hosted on compromised ESXi hosts. - [Offensive Security Tool: PhoneSploit Pro](https://www.blackhatethicalhacking.com/tools/phonesploit-pro/) - PhoneSploit Pro is an all-in-one hacking tool designed to exploit Android devices remotely. It leverages the power of ADB (Android Debug Bridge) and Metasploit-Framework to gain control over the target device and establish a Meterpreter session. PhoneSploit Pro provides a convenient and efficient solution for penetration testers looking to exploit Android devices remotely. - [Over 100 Popular Brands Impersonated in Massive Phishing Campaign](https://www.blackhatethicalhacking.com/news/over-100-popular-brands-impersonated-in-massive-phishing-campaign/) - The phishing campaign, uncovered by Bolster's threat research team, relies on approximately 3,000 domains and nearly 6,000 websites, including both active and inactive ones. - [Microsoft Visual Studio Flaw Enables Impersonation of Trusted Publishers](https://www.blackhatethicalhacking.com/news/microsoft-visual-studio-flaw-enables-impersonation-of-trusted-publishers/) - significant user interface (UI) bug (CVE-2023-28299) in Microsoft Visual Studio's extension installer is discovered. This vulnerability allows attackers to manipulate extension signatures, effectively impersonating any publisher. - [Fortinet Releases Urgent Firmware Updates to Address Critical SSL VPN Vulnerability](https://www.blackhatethicalhacking.com/news/fortinet-releases-urgent-firmware-updates-to-address-critical-ssl-vpn-vulnerability/) - Fortinet has taken swift action by releasing crucial firmware updates for their Fortigate devices. These updates address an undisclosed and critical pre-authentication remote code execution (RCE) vulnerability affecting SSL VPN devices. - [Offensive Security Tool: Octopus](https://www.blackhatethicalhacking.com/tools/octopus/) - Octopus is an open source pre-operation C2 server based on python which can control an Octopus powershell agent through HTTP/S. Octopus works in a very simple way to execute commands and exchange information with the C2 over a well encrypted channel, which makes it inconspicuous and undetectable from almost every AV, endpoint protection, and network monitoring solution. - [Exposed Win32k Windows Vulnerability, Researchers Share Proof-of-Concept Exploit](https://www.blackhatethicalhacking.com/news/exposed-win32k-windows-vulnerability-researchers-share-proof-of-concept-exploit/) - Researchers have unveiled a proof-of-concept (PoC) exploit for a Windows local privilege escalation vulnerability. This particular flaw, which was recently patched as part of the May 2023 Patch Tuesday, was actively exploited by threat actors. - [Malicious npm Package Targets Anthropic Claude AI Data in New “Malware-Slop” Campaign](https://www.blackhatethicalhacking.com/news/malicious-npm-package-targets-anthropic-claude-ai-data-in-new-malware-slop-campaign/) - Cybersecurity researchers at OX Security have uncovered a malicious package on the npm registry named “mouse5212-super-formatter” that includes information-stealing functionality. - [Critical GitHub Vulnerability Allowed Remote Code Execution via Single “git push”](https://www.blackhatethicalhacking.com/news/critical-github-vulnerability-allowed-remote-code-execution-via-single-git-push/) - A critical security vulnerability affecting GitHub.com and GitHub Enterprise Server has been disclosed, allowing authenticated users to achieve remote code execution (RCE) using a single “git push” command. - [Offensive Security Tool: TerminatorZ](https://www.blackhatethicalhacking.com/tools/terminatorz/) - TerminatorZ is an efficient web security tool designed to scan for potential vulnerabilities in your web applications. - [Critical nginx-ui Flaw Under Active Exploitation Enables Full Server Takeover](https://www.blackhatethicalhacking.com/news/critical-nginx-ui-flaw-under-active-exploitation-enables-full-server-takeover/) - A newly disclosed critical vulnerability affecting nginx-ui, an open-source web-based management tool for Nginx, is now being actively exploited by threat actors. - [React2Shell Exploited in Mass Credential Harvesting Campaign Targeting 700+ Hosts](https://www.blackhatethicalhacking.com/news/react2shell-exploited-in-mass-credential-harvesting-campaign-targeting-700-hosts/) - Cybersecurity researchers have uncovered a widespread credential harvesting operation exploiting the React2Shell vulnerability to compromise systems and extract sensitive data at scale. - [EvilTokens Phishing Service Fuels Large-Scale Microsoft 365 Account Takeover Campaign](https://www.blackhatethicalhacking.com/news/eviltokens-phishing-service-fuels-large-scale-microsoft-365-account-takeover-campaign/) - Cybersecurity researchers have uncovered an active and rapidly expanding device code phishing campaign targeting Microsoft 365 accounts across more than 340 organizations worldwide. - [Attackers Impersonate IT Support on Microsoft Teams to Deploy A0Backdoor Malware](https://www.blackhatethicalhacking.com/news/attackers-impersonate-it-support-on-microsoft-teams-to-deploy-a0backdoor-malware/) - Threat actors are targeting employees at financial and healthcare organizations by impersonating IT support staff through Microsoft Teams, convincing victims to grant remote access and ultimately deploying a new malware strain called A0Backdoor. - [Offensive Security Tool: DDoSlayer Ultimate Edition - Advanced DDoS Testing Framework](https://www.blackhatethicalhacking.com/tools/ddoslayer-advanced-ddos-testing-framework/) - DDoSlayer Ultimate Edition is a professional-grade Distributed Denial of Service (DDoS) testing framework designed for authorized penetration testing and red team operations. This tool simulates sophisticated Layer 4 and Layer 7 attacks to evaluate defensive capabilities against distributed denial of service scenarios. - [State-Sponsored Attack Hijacks Notepad++ Update Infrastructure to Deliver Malware](https://www.blackhatethicalhacking.com/news/state-sponsored-attack-hijacks-notepad-update-infrastructure-to-deliver-malware/) - The maintainer of Notepad++ has confirmed that state-sponsored threat actors compromised the application's update delivery mechanism, redirecting update traffic to malicious servers through an infrastructure-level breach. - [Offensive Security Tool: D0rkerR3con Framework](https://www.blackhatethicalhacking.com/tools/d0rkerr3con-framework/) - D0rkerR3con Framework is an offensive reconnaissance toolkit designed to identify exposed files, secrets, administrative panels, backups, and misconfigurations by launching weaponized Google Dorks per domain. - [Offensive Security Tool: SSRFPwned](https://www.blackhatethicalhacking.com/tools/ssrfpwned/) - SSRFPwned is a tool that automates the process of testing for Server-Side Request Forgery (SSRF) vulnerabilities. The tool injects payloads into the query parameters of each URL and checks the response code to determine if a vulnerability exists. The payloads are custom, with multiple attack vectors, and you can also add more wordlists if you want to test further. - [Recon Tool: fetchmeurls](https://www.blackhatethicalhacking.com/tools/fetchmeurls/) - fetchmeurls is a Recon tool designed for Bug Bounty Hunters to quickly fetch URLs for multiple domains, either for small or large scopes, actively and passively. - [Offensive Security Tool: SecretOpt1c](https://www.blackhatethicalhacking.com/tools/secretopt1c/) - SecretOpt1c is a Red Team tool that helps uncover sensitive information in websites using Active and Passive Techniques for Superior Accuracy. - [Recon Tool: ScopeHunter](https://www.blackhatethicalhacking.com/tools/scopehunter/) - ScopeHunter is a command-line tool for finding in-scope targets for Bug Bounty Hunting programs. It uses the latest databases from HackerOne, BugCrowd, Intigriti, and YesWeHack to give you accurate and up-to-date results. - [Offensive Security Tool: OpenRediWrecked](https://www.blackhatethicalhacking.com/tools/openrediwrecked/) - OpenRediWrecked is a tool for detecting and exploiting open redirect vulnerabilities using the sed utility and a selected list of carefully crafted payloads with encoding techniques. - [Offensive Security Tool: XSSRocket](https://www.blackhatethicalhacking.com/tools/xssrocket/) - XSSRocket it is a tool designed for Offensive Security and XSS (Cross-Site Scripting) attacks. - [Offensive Security Tool: SQLMutant](https://www.blackhatethicalhacking.com/tools/sqlmutant/) - SQLMutant is a powerful SQL injection testing tool. It employs various techniques to detect vulnerabilities, including pattern matching, error analysis, and timing attacks, ensuring comprehensive coverage. - [Offensive Security Tool: Nucleimonst3r](https://www.blackhatethicalhacking.com/tools/nucleimonst3r/) - Nucleimonst3r is a powerful vulnerability scanner that can help Bug Bounty Hunters find low hanging fruit vulnerabilities for known CVEs and exploits. - [Recon Tool: AdminPBuster (Admin Panel Buster)](https://www.blackhatethicalhacking.com/tools/adminpbuster/) - AdminPBuster identifies hidden admin panels for any domain using a built-in wordlist that includes both common and obscure paths, effectively bypassing WAFs. - [Offensive Security Tool: CF GeoBypasser Cyberpunk Framework](https://www.blackhatethicalhacking.com/tools/cf-geobypasser-cyberpunk-framework/) - CF GeoBypasser Cyberpunk Framework is a Modular Offensive Toolkit designed to discover and bypass Cloudflare-based Geo-restrictions using country-specific proxies. - [Fortinet Fixes Actively Exploited FortiOS SSO Auth Bypass](https://www.blackhatethicalhacking.com/news/fortinet-fixes-actively-exploited-fortios-sso-auth-bypass/) - Fortinet has begun rolling out security updates to address a critical authentication bypass vulnerability in FortiOS that is actively exploited in the wild, prompting CISA to add it to the Known Exploited Vulnerabilities (KEV) catalog. - [Press Releases](https://www.blackhatethicalhacking.com/blog/press-releases/) - BHEH's Press Release - [CISA Flags Actively Exploited VMware vCenter RCE in KEV Catalog](https://www.blackhatethicalhacking.com/news/cisa-flags-actively-exploited-vmware-vcenter-rce-in-kev-catalog/) - The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Broadcom VMware vCenter Server vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, citing confirmed exploitation in the wild. - [Reprompt Attack Lets Attackers Exfiltrate Data From Microsoft Copilot With a Single Click](https://www.blackhatethicalhacking.com/news/reprompt-attack-lets-attackers-exfiltrate-data-from-microsoft-copilot-with-a-single-click/) - Cybersecurity researchers have disclosed details of a novel attack technique called Reprompt that enables attackers to silently exfiltrate sensitive data from AI chatbots such as Microsoft Copilot with a single click, bypassing enterprise security controls entirely. - [Node.js Fixes Critical DoS Flaw That Could Crash “Virtually Every Production App”](https://www.blackhatethicalhacking.com/news/node-js-fixes-critical-dos-flaw-that-could-crash-virtually-every-production-app/) - The Node.js project has released security updates to address a critical issue that could cause denial-of-service (DoS) conditions in what maintainers describe as “virtually every production Node.js app.” - [Actively Exploited D-Link Router Flaw Enables Unauthenticated Remote Code Execution](https://www.blackhatethicalhacking.com/news/actively-exploited-d-link-router-flaw-enables-unauthenticated-remote-code-execution/) - Cybersecurity researchers have confirmed active exploitation of a critical security flaw affecting multiple legacy D-Link DSL gateway routers, allowing attackers to execute arbitrary commands without authentication. - [Kali Linux 2025.4 Released With 3 new tools, Desktop Overhauls, and Halloween Mode](https://www.blackhatethicalhacking.com/news/kali-linux-2025-4-released-with-3-new-tools-desktop-overhauls-and-halloween-mode/) - The Kali Linux 2025.4 release is now available, delivering meaningful improvements across desktop environments, virtual machine support, and 3 new tools. This update builds on the September 2025.3 release with refreshed desktops, improved Wayland integration, a seasonal Halloween mode, and continued expansion of Kali NetHunter. - [New Phishing Kits Automate MFA Bypass, AI Email Lures, and Bank Credential Theft at Scale](https://www.blackhatethicalhacking.com/news/new-phishing-kits-automate-mfa-bypass-ai-email-lures-and-bank-credential-theft-at-scale/) - BlackForce, GhostFrame, InboxPrime AI, and Spiderman join a rapidly expanding ecosystem of phishing frameworks such as Tycoon 2FA, Salty 2FA, Sneaky 2FA, Cephas, Whisper 2FA, and others. - [Malicious VS Code Extensions Infect Developers With Infostealers and Session Hijackers](https://www.blackhatethicalhacking.com/news/malicious-vs-code-extensions-infect-developers-with-infostealers-and-session-hijackers/) - Two malicious Visual Studio Code extensions uploaded to Microsoft’s official marketplace have been found deploying information-stealing malware capable of taking screenshots, exfiltrating credentials, stealing crypto wallets, and hijacking browser sessions. - [React2Shell - Critical Bug Exposes React Server Components to Unauthenticated Remote Code Execution](https://www.blackhatethicalhacking.com/news/react2shell-critical-bug-exposes-react-server-components-to-unauthenticated-remote-code-execution/) - A critical, maximum-severity vulnerability has been disclosed in React Server Components (RSC) that enables unauthenticated remote code execution (RCE) on exposed servers. - [Researchers Infiltrate Lazarus Group’s “Famous Chollima” Job-Fraud Network Using Fake Developer Laptops](https://www.blackhatethicalhacking.com/news/researchers-infiltrate-lazarus-groups-famous-chollima-job-fraud-network-using-fake-developer-laptops/) - A joint investigation by BCA LTD, NorthScan, and ANY.RUN has exposed one of North Korea’s most persistent infiltration pipelines — a vast network of remote IT workers tied to Lazarus Group’s Famous Chollima division. - [Matrix Push C2 Emerges as Browser-Based C2 Platform Using Fake Notifications for Cross-Platform Attacks](https://www.blackhatethicalhacking.com/news/matrix-push-c2-emerges-as-browser-based-c2-platform-using-fake-notifications-for-cross-platform-attacks/) - Cybercriminals have begun exploiting browser push notifications as a new infectionless attack vector, powered by a malware-as-a-service (MaaS) command-and-control framework called Matrix Push C2. - [Sneaky2FA Phishing Kit Adds Browser-in-the-Browser (BitB) to Steal Microsoft 365 Sessions](https://www.blackhatethicalhacking.com/news/sneaky2fa-phishing-kit-adds-browser-in-the-browser-bitb-to-steal-microsoft-365-sessions/) - The Sneaky2FA phishing-as-a-service (PhaaS) platform has added a significant new capability to its Microsoft 365 credential-theft toolkit: browser-in-the-browser (BitB) fake login windows. - [New ClickFix Campaign “EVALUSION” Deploys Amatera Stealer and NetSupport RAT](https://www.blackhatethicalhacking.com/news/new-clickfix-campaign-evalusion-deploys-amatera-stealer-and-netsupport-rat/) - Cybersecurity researchers have uncovered a new wave of ClickFix-style malware attacks delivering both Amatera Stealer and NetSupport RAT, tracked by eSentire as EVALUSION. - [Maverick Malware Campaign Expands: WhatsApp-Propagated Banking Trojan Linked to Coyote](https://www.blackhatethicalhacking.com/news/maverick-malware-campaign-expands-whatsapp-propagated-banking-trojan-linked-to-coyote/) - Cybersecurity researchers have drawn strong parallels between Maverick, a new WhatsApp-propagating malware strain, and Coyote, a notorious Brazilian banking trojan, suggesting both belong to the same evolving threat ecosystem. - [Hotel Managers Targeted by ClickFix Phishing - PureRAT Used to Harvest Booking.com Credentials](https://www.blackhatethicalhacking.com/news/hotel-managers-targeted-by-clickfix-phishing-purerat-used-to-harvest-booking-com-credentials/) - Security researchers have exposed an ongoing, large-scale phishing campaign aimed at the hospitality sector that lures hotel staff and guests to ClickFix-style pages impersonating major booking platforms (Booking.com, Expedia) and deploys malware such as PureRAT (zgRAT) to steal credentials and enable fraud. - [Can Outsourcing Actually Save You Money?](https://www.blackhatethicalhacking.com/articles/can-outsourcing-actually-save-you-money/) - Discover how outsourcing can truly save your business money while improving efficiency, accessing expert skills, and boosting productivity. - [Freight Brokers Hit by RMM-Based Cyber Attacks Aimed at Physical Cargo Theft](https://www.blackhatethicalhacking.com/news/freight-brokers-hit-by-rmm-based-cyber-attacks-aimed-at-physical-cargo-theft/) - Threat actors are conducting targeted phishing and social engineering campaigns against freight brokers, carriers, and logistics providers, using malicious links to deploy remote monitoring and management (RMM) tools. Once installed, these tools give attackers full control of victims’ systems, enabling them to hijack cargo shipments, impersonate carriers, and reroute physical goods. - [Network Eavesdropping via Man-in-the-Middle on Internal Communications](https://www.blackhatethicalhacking.com/articles/network-eavesdropping-via-man-in-the-middle-on-internal-communications/) - During an internal penetration testing, our team discovered that internal network communications were vulnerable to eavesdropping through a man-in-the-middle (MiTM) attack. - [AdaptixC2: Open-Source C2 Tool Gains Traction with Ransomware-Linked Actors](https://www.blackhatethicalhacking.com/news/adaptixc2-open-source-c2-tool-gains-traction-with-ransomware-linked-actors/) - Security firms report growing criminal adoption of AdaptixC2. Several threat actors — including groups tied to the Fog and Akira ransomware operations — have been observed leveraging the framework. An initial access broker has reportedly used CountLoader in delivery chains that end with AdaptixC2 and other post-exploitation tools. - [Nearly 76,000 WatchGuard Firebox Appliances Exposed — Critical IKEv2 RCE (CVE-2025-9242)](https://www.blackhatethicalhacking.com/news/nearly-76000-watchguard-firebox-appliances-exposed-critical-ikev2-rce-cve-2025-9242/) - A critical vulnerability in WatchGuard’s Firebox appliances — CVE-2025-9242 — affects the IKEv2 handling process in Fireware OS and can be triggered without authentication by specially crafted IKEv2 packets, potentially enabling remote code execution. - [Obfuscation Tool: Flareprox](https://www.blackhatethicalhacking.com/tools/flareprox/) - FlareProx is a tool that deploys serverless HTTP proxy endpoints via Cloudflare Workers, enabling users to redirect web traffic to any destination URL while masking the true origin IP. - [LinkPro Rootkit: New eBPF-Backed GNU/Linux Backdoor Found in Compromised AWS Environments](https://www.blackhatethicalhacking.com/news/linkpro-rootkit-new-ebpf-backed-gnu-linux-backdoor-found-in-compromised-aws-environments/) - Security researchers at Synacktiv investigated a compromise of AWS-hosted infrastructure and uncovered a sophisticated GNU/Linux rootkit dubbed LinkPro. The intruders gained initial access by exploiting an exposed Jenkins server vulnerable to CVE-2024-23897 and deployed a malicious Docker image (kvlnt/vv, since removed) to multiple Kubernetes clusters - [Pixnapping: New Android Side-Channel Steals 2FA Codes Pixel-by-Pixel](https://www.blackhatethicalhacking.com/news/pixnapping-new-android-side-channel-steals-2fa-codes-pixel-by-pixel/) - A team of U.S. university researchers has disclosed Pixnapping, a novel side-channel attack that allows a malicious Android app with no special permissions to steal the actual pixels other apps draw on screen, reconstruct those pixels, and recover sensitive content — including two-factor authentication (2FA) codes, chat messages, emails and even crypto seed phrases. - [ChaosBot: Rust Backdoor Uses Discord C2 — Chaos Ransomware Adds Destructive & Clipboard-Hijack Features](https://www.blackhatethicalhacking.com/news/chaosbot-rust-backdoor-uses-discord-c2-chaos-ransomware-adds-destructive-clipboard-hijack-features/) - Security firms have disclosed two related developments from the “Chaos” ecosystem: a new Rust-based backdoor called ChaosBot used for reconnaissance and remote command execution, and an evolved Chaos-C++ ransomware family that now includes destructive deletion and clipboard-hijacking capabilities. - [Offensive Security Tool: FormPoison](https://www.blackhatethicalhacking.com/tools/formpoison/) - FormPoison is a form-focused testing framework designed to identify web application vulnerabilities, particularly Cross-Site Scripting (XSS) and SQL injection. - [Redis Fixes 13-Year-Old CVSS 10.0 “RediShell” Bug Allowing Remote Code Execution](https://www.blackhatethicalhacking.com/news/redis-fixes-13-year-old-cvss-10-0-redishell-bug-allowing-remote-code-execution/) - Redis has patched a 13-year-old remote code execution vulnerability (CVE-2025-49844), nicknamed “RediShell”, that affects all versions of its in-memory database software. - [Crimson Collective Claims Red Hat GitLab Breach, 570GB Data Stolen](https://www.blackhatethicalhacking.com/news/crimson-collective-claims-red-hat-gitlab-breach-570gb-data-stolen/) - An extortion group calling itself the Crimson Collective claims to have stolen 570GB of compressed data across 28,000 internal development repositories belonging to Red Hat’s consulting division. - [Offensive Security Tool: EvilWAF - Web Application Firewall Bypass Toolkit](https://www.blackhatethicalhacking.com/tools/evilwaf-web-application-firewall-bypass-toolkit/) - EvilWAF is a penetration testing tool designed to detect and bypass common Web Application Firewalls (WAFs). - [CISA Adds Critical Sudo “chroot” Flaw to KEV](https://www.blackhatethicalhacking.com/news/cisa-adds-critical-sudo-chroot-flaw-to-kev/) - The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2025-32463 — a critical privilege-escalation bug in Sudo — to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild and setting a due date of October 20, 2025 for required mitigations for federal agencies. - [Kali Linux 2025.3 released with 10 New Tools, Nexmon Wi-Fi Injection for Raspberry Pi and Vagrant Updates](https://www.blackhatethicalhacking.com/news/kali-linux-2025-3-released-with-10-new-tools-nexmon-wi-fi-injection-for-raspberry-pi-and-vagrant-updates/) - Kali Linux 2025.3 is now available, delivering a mix of infrastructure refreshes, wireless improvements and fresh tooling. Key highlights since the 2025.2 release include updated Packer & Vagrant support, Nexmon integration for Raspberry Pi Wi-Fi monitor/injection capabilities, and 10 new tools added to the repositories. - [Critical Entra ID Flaw Could Have Let Attackers Seize Any Microsoft Tenant](https://www.blackhatethicalhacking.com/news/critical-entra-id-flaw-could-have-let-attackers-seize-any-microsoft-tenant/) - A pair of legacy components in Microsoft’s cloud identity stack combined to create a critical privilege-escalation vector that could have allowed an attacker to gain Global Admin privileges in any Microsoft Entra ID tenant. - [Sixth Chrome Zero-Day of 2025 Patched After Active Exploitation](https://www.blackhatethicalhacking.com/news/sixth-chrome-zero-day-of-2025-patched-after-active-exploitation/) - Google has released an emergency security update for Chrome to fix CVE-2025-10585, a high-severity type confusion vulnerability in the browser’s V8 JavaScript engine. - [How Penetration Testing Supports DORA Compliance for Financial and ICT Entities](https://www.blackhatethicalhacking.com/articles/how-penetration-testing-supports-dora-compliance-for-financial-and-ict-entities/) - Learn how penetration testing supports DORA (Digital Operational Resilience Act) compliance for financial institutions and ICT providers. - [SpamGPT: AI-Powered Phishing Toolkit Redefines Email Threat Landscape](https://www.blackhatethicalhacking.com/news/spamgpt-ai-powered-phishing-toolkit-redefines-email-threat-landscape/) - A new AI-driven phishing toolkit called SpamGPT has surfaced on underground forums, promising cybercriminals professional-grade tools for spam and phishing at scale. - [New HybridPetya Ransomware Bypasses UEFI Secure Boot Protection](https://www.blackhatethicalhacking.com/news/new-hybridpetya-ransomware-bypasses-uefi-secure-boot-protection/) - Researchers at ESET have identified a new ransomware strain dubbed HybridPetya, capable of bypassing UEFI Secure Boot to install a malicious bootkit in the EFI System Partition. - [Offensive Security Tool: FaceDancer](https://www.blackhatethicalhacking.com/tools/facedancer/) - FaceDancer is an exploitation tool aimed at creating hijackable, proxy-based DLLs by taking advantage of COM-based system DLL image loading. - [Salty2FA Bypasses Multi-Factor Authentication in Advanced Phishing Campaign](https://www.blackhatethicalhacking.com/news/salty2fa-bypasses-multi-factor-authentication-in-advanced-phishing-campaign/) - Cybersecurity researchers have identified a next-generation phishing kit known as Salty2FA, which uses advanced tactics to bypass multi-factor authentication (MFA) and impersonate trusted corporate login portals. - [iCloud Calendar Invites Abused to Send Callback Phishing Emails via Apple Servers](https://www.blackhatethicalhacking.com/news/icloud-calendar-invites-abused-to-send-callback-phishing-emails-via-apple-servers/) - Attackers are abusing iCloud Calendar invites to send callback phishing emails that appear to come directly from Apple’s email servers, making them more likely to bypass spam filters. - [OS Command Injection via 'lang' Parameter in Fortinet VPN SSL Interface](https://www.blackhatethicalhacking.com/articles/os-command-injection-via-lang-parameter-in-fortinet-vpn-ssl-interface/) - During an external pentesting, a critical OS Command Injection vulnerability was identified by our team in a Fortinet SSL VPN web interface, specifically through manipulation of the lang (language) parameter. - [Unauthorized LDAP Enumeration Exposes Active Directory for Privilege Escalation](https://www.blackhatethicalhacking.com/articles/unauthorized-ldap-enumeration-exposes-active-directory-for-privilege-escalation/) - During a penetration testing assessment, we revealed a critical weakness in the Active Directory (AD) environment stemming from improper LDAP access controls. Our Red Team successfully brute-forced a weak administrator password and remotely accessed a Windows server. - [Critical FortiGate 100F SSL-VPN Vulnerability Exploited](https://www.blackhatethicalhacking.com/articles/critical-fortigate-100f-ssl-vpn-vulnerability-exploited/) - During an external pentesting, our red team identified a critical vulnerability on FortiGate 100F firewall appliances. The issue is CVE-2022-42475 – a heap-based buffer overflow in FortiOS’s SSL-VPN service that allows remote, unauthenticated code execution. - [Cloudflare Confirms Salesforce-Linked Data Breach via Salesloft Drift](https://www.blackhatethicalhacking.com/news/cloudflare-confirms-salesforce-linked-data-breach-via-salesloft-drift/) - Cloudflare has confirmed that its Salesforce environment was compromised in the ongoing Salesloft Drift supply chain attack, exposing sensitive customer support case data but leaving its core infrastructure untouched. - [Meta Patches WhatsApp Zero-Day Vulnerability Linked to Apple Zero-Day Exploit Chain](https://www.blackhatethicalhacking.com/news/meta-patches-whatsapp-zero-day-vulnerability-linked-to-apple-zero-day-exploit-chain/) - WhatsApp has patched a high-severity vulnerability (CVE-2025-55177) in its iOS and macOS apps that may have been actively exploited in targeted zero-day attacks. - [Offensive Security Tool: smugglo](https://www.blackhatethicalhacking.com/tools/smugglo/) - smugglo is an HTML smuggling tool that generates self-contained HTML payloads capable of embedding arbitrary files directly into a browser-renderable HTML document. - [Nx Supply Chain Attack Abuses AI Tools to Steal Developer Credentials](https://www.blackhatethicalhacking.com/news/nx-supply-chain-attack-abuses-ai-tools-to-steal-developer-credentials/) - The maintainers of the Nx build system have warned users about a supply chain attack that injected malicious code into several Nx packages and auxiliary plugins on npm. The compromised packages were capable of scanning file systems, collecting credentials, and exfiltrating data to attacker-controlled GitHub repositories. - [XSS Vulnerability in the “Get a Quote” form while bypassing WordFence and CloudFlare](https://www.blackhatethicalhacking.com/articles/xss-vulnerability-in-the-get-a-quote-form-while-bypassing-wordfence-and-cloudflare/) - During an external penetration testing, we uncovered a Cross-Site Scripting (XSS) vulnerability in the newly introduced “Get a Quote” form on the client’s website. This weakness allows malicious script injection via user input, which was not caught by existing defenses (including Wordfence and Cloudflare Web Application Firewall). - [Sni5Gect Attack Framework Can Downgrade 5G Connections Without Rogue Base Stations](https://www.blackhatethicalhacking.com/news/sni5gect-attack-framework-can-downgrade-5g-connections-without-rogue-base-stations/) - The tool, called Sni5Gect (short for Sniffing 5G Inject), is an open-source software toolkit capable of sniffing unencrypted messages exchanged between a 5G base station (gNB) and a mobile device (UE). It can then inject malicious messages over-the-air to manipulate the communication. - [Mac Infostealer 'Shamos' Spreads via ClickFix Attacks Masquerading as Help](https://www.blackhatethicalhacking.com/news/mac-infostealer-shamos-spreads-via-clickfix-attacks-masquerading-as-help/) - A new infostealer malware named Shamos is targeting macOS devices through ClickFix attacks that impersonate troubleshooting guides and fixes. - [Threat Actors Exploit Two-Year-Old Apache ActiveMQ Flaw to Deploy DripDropper Malware on Linux Systems](https://www.blackhatethicalhacking.com/news/threat-actors-exploit-two-year-old-apache-activemq-flaw-to-deploy-dripdropper-malware-on-linux-systems/) - Cybersecurity researchers from Red Canary have observed threat actors exploiting a nearly two-year-old security flaw in Apache ActiveMQ to gain persistent access to cloud Linux systems and deploy a previously unknown malware downloader called DripDropper. - [15.8 Million PayPal Logins Allegedly on Sale in Hacker Forum](https://www.blackhatethicalhacking.com/news/15-8-million-paypal-logins-allegedly-on-sale-in-hacker-forum/) - A cybercriminal going by the alias Chucky_BF is advertising a massive trove of alleged PayPal credentials on a hacker forum. The dataset, dubbed the “Global PayPal Credential Dump 2025,” reportedly contains 15.8 million plaintext email-password combinations linked to PayPal accounts. - [How to Start a Career in Cybersecurity (Offensive Security Edition)](https://www.blackhatethicalhacking.com/articles/how-to-start-a-career-in-cybersecurity-offensive-security-edition/) - Discover how to launch a successful career in offensive cybersecurity with this in-depth guide. Learn key fundamentals, certifications, hands-on training, and how to build a standout portfolio in ethical hacking. - [Cyber Kill Chain's phases: Understanding the cycle of a cyber attack](https://www.blackhatethicalhacking.com/articles/cyber-kill-chains-phases-understanding-the-cycle-of-a-cyber-attack/) - Discover the Cyber Kill Chain model—a strategic framework that breaks down cyber attacks into seven key phases. Learn how organizations can detect, prevent, and respond to threats more effectively by understanding each stage, from reconnaissance to execution - [XZ-Utils Backdoor Still Found in 35+ Docker Hub Linux Images](https://www.blackhatethicalhacking.com/news/xz-utils-backdoor-still-found-in-35-docker-hub-linux-images/) - The XZ-Utils backdoor, first discovered in March 2024, is still present in at least 35 Linux container images on Docker Hub, leaving users and organizations exposed to potential compromise. - [WinRAR Zero-Day Exploited to Deploy RomCom Malware](https://www.blackhatethicalhacking.com/news/winrar-zero-day-exploited-to-deploy-romcom-malware/) - A recently patched WinRAR vulnerability, tracked as CVE-2025-8088, was actively exploited as a zero-day in phishing attacks to deliver the RomCom malware. The flaw, a directory traversal vulnerability, was fixed in WinRAR 7.13 and allowed maliciously crafted archives to extract files into arbitrary file paths chosen by the attacker. - [How Misconfigurations in Linux can leave you vulnerable to Attackers](https://www.blackhatethicalhacking.com/articles/how-misconfigurations-in-linux-can-leave-you-vulnerable-to-attackers/) - Security misconfigurations in Linux systems occur when necessary security controls are not properly implemented for servers or web apps In this article, we'll emphasize the importance of detecting and addressing misconfigurations through practical examples and tools like Nmap and the Metasploit Framework. - [How to Use an American Proxy Server for Faster, Smarter Web Access](https://www.blackhatethicalhacking.com/articles/how-to-use-an-american-proxy-server-for-faster-smarter-web-access/) - Discover how using an American proxy server can boost web speed, access U.S.-only content, improve SEO accuracy, and enhance automation performance for digital professionals worldwide. - [Steganography: How to hide data in images and extract them](https://www.blackhatethicalhacking.com/articles/steganography-how-to-hide-data-in-images-and-extract-them/) - Steganography is a hiding technique, which aims at delivering a hidden message where some other kind of information is already being delivered... - [Ghost Calls: New C2 Technique Abuses Zoom and Teams to Evade Detection](https://www.blackhatethicalhacking.com/news/ghost-calls-new-c2-technique-abuses-zoom-and-teams-to-evade-detection/) - A newly disclosed command-and-control (C2) evasion technique dubbed Ghost Calls allows attackers to tunnel malicious traffic through trusted conferencing infrastructure, including Zoom and Microsoft Teams TURN servers. - [New 'Plague' Malware Evades Detection for a Year, Hijacks Linux SSH Authentication](https://www.blackhatethicalhacking.com/news/new-plague-malware-evades-detection-for-a-year-hijacks-linux-ssh-authentication/) - A newly uncovered Linux backdoor named Plague has been operating stealthily for over a year, providing attackers with persistent SSH access and the ability to bypass authentication mechanisms on infected systems. - [Offensive Security Tool: RingReaper](https://www.blackhatethicalhacking.com/tools/ringreaper/) - RingReaper is a stealth-focused post-exploitation agent built for Linux environments, designed to evade Endpoint Detection and Response (EDR) solutions. - [Critical RCE Flaw in WordPress 'Alone' Theme Under Mass Exploitation](https://www.blackhatethicalhacking.com/news/critical-rce-flaw-in-wordpress-alone-theme-under-mass-exploitation/) - The flaw, tracked as CVE-2025-31199 and dubbed “Sploitlight” by Microsoft researchers, exploited Spotlight plugin behavior to evade privacy controls and harvest detThreat actors are actively exploiting a critical vulnerability in the WordPress theme "Alone", enabling unauthenticated remote code execution and full site takeovers. The flaw, tracked as CVE-2025-5394, affects all theme versions up to 7.8.3.ailed user information. It was addressed in March 2025 with macOS Sequoia 15.4 through “improved data redaction.” - [How do QR Codes work and how criminal hackers use them to generate phishing attacks - Demo](https://www.blackhatethicalhacking.com/articles/how-do-qr-codes-work-and-how-criminal-hackers-use-them-to-generate-phishing-attacks-demo/) - In this article, we'll explore the pervasive presence and potential risks associated with QR codes in daily life. We'll discuss the ease with which malicious QR codes can be created, either manually or through specialized tools, allowing attackers to embed harmful payloads. - [New macOS 'Sploitlight' Flaw Bypasses Privacy Controls to Exfiltrate Sensitive Data](https://www.blackhatethicalhacking.com/news/new-macos-sploitlight-flaw-bypasses-privacy-controls-to-exfiltrate-sensitive-data/) - The flaw, tracked as CVE-2025-31199 and dubbed “Sploitlight” by Microsoft researchers, exploited Spotlight plugin behavior to evade privacy controls and harvest detailed user information. It was addressed in March 2025 with macOS Sequoia 15.4 through “improved data redaction.” - [Scattered Spider Hacks VMware ESXi via Help Desk Social Engineering](https://www.blackhatethicalhacking.com/news/scattered-spider-hacks-vmware-esxi-via-help-desk-social-engineering/) - Scattered Spider, a notorious financially motivated threat group, has escalated its attacks by compromising VMware ESXi hypervisors across major U.S. companies using no software exploits, but rather highly targeted social engineering tactics, Google’s Threat Intelligence Group (GTIG) has warned. - [Koske Malware Hides in Panda JPEGs to Deploy Crypto Miners on Linux](https://www.blackhatethicalhacking.com/news/koske-malware-hides-in-panda-jpegs-to-deploy-crypto-miners-on-linux/) - A new Linux malware named Koske is exploiting misconfigured JupyterLab environments and using innocent-looking panda bear images to deploy stealthy rootkits and crypto miners, researchers from AquaSec revealed. - [Hackers Actively Target Cisco ISE in Ongoing RCE Exploits](https://www.blackhatethicalhacking.com/news/hackers-actively-target-cisco-ise-in-ongoing-rce-exploits/) - Cisco has issued a new warning confirming that three recently patched remote code execution vulnerabilities in its Identity Services Engine (ISE) are now being actively exploited. - [Microsoft Rushes Emergency SharePoint Patches as New Zero-Days Fuel ToolShell Attacks](https://www.blackhatethicalhacking.com/news/microsoft-rushes-emergency-sharepoint-patches-as-new-zero-days-fuel-toolshell-attacks/) - Two new zero-day vulnerabilities in Microsoft SharePoint are being actively exploited by threat actors to compromise organizations worldwide, prompting the company to issue urgent out-of-band patches. - [Steganography - How images can hide secret messages in plain sight](https://www.blackhatethicalhacking.com/articles/steganography-how-images-can-hide-secret-messages-in-plain-sight/) - Steganography is the practice of hiding secret messages in otherwise non-secret mediums. It's different than cryptography where is the idea of encrypting a message... - [Recon Tool: ZoomeyeSearch](https://www.blackhatethicalhacking.com/tools/zoomeyesearch/) - ZoomeyeSearch is a recon tool that provides programmatic access to the ZoomEye cybersecurity search engine. It enables security professionals to search for exposed devices, services, and infrastructure across the internet. - [New Cisco ISE Vulnerability Allows Root Exploits Without Authentication](https://www.blackhatethicalhacking.com/news/new-cisco-ise-vulnerability-allows-root-exploits-without-authentication/) - Cisco has issued an urgent security advisory for a critical vulnerability affecting Cisco Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC). Tracked as CVE-2025-20337, the flaw holds a CVSS score of 10.0, the highest possible severity rating. The issue allows unauthenticated, remote attackers to execute arbitrary code on the host operating system with root-level privileges, without requiring any credentials. - [Fake Telegram Apps Laced with Malware Target Android Users Through Phishing Domains](https://www.blackhatethicalhacking.com/news/fake-telegram-apps-laced-with-malware-target-android-users-through-phishing-domains/) - Researchers at BforeAI’s PreCrime Labs have uncovered a large-scale Android malware campaign involving 607 malicious domains designed to impersonate Telegram download pages. These sites are pushing fake Telegram APKs loaded with malware and abusing tactics like typosquatting, QR redirection, and SEO-optimized blog layouts. - [Google Gemini Abused to Spread Phishing via AI-Generated Email Summaries](https://www.blackhatethicalhacking.com/news/google-gemini-abused-to-spread-phishing-via-ai-generated-email-summaries/) - Security researcher Marco Figueroa has uncovered a novel prompt injection vulnerability affecting Google Gemini within Workspace. The exploit allows attackers to manipulate email summaries generated by the AI, tricking users into trusting fabricated security warnings—without using links, attachments, or visible malware. - [Shellter Framework Hijacked - Red Team Tool Abused to Launch Infostealer Campaigns](https://www.blackhatethicalhacking.com/news/shellter-framework-hijacked-red-team-tool-abused-to-launch-infostealer-campaigns/) - Threat actors are actively abusing a commercial red team framework—Shellter Elite v11.0—to stealthily deliver malware payloads in financially motivated infostealer campaigns. Originally developed for sanctioned security testing, Shellter's anti-virus/EDR evasion capabilities are now being used by cybercriminals to evade detection and execute post-exploit malware in the wild. - [Oracle ILOM Compromise via EternalBlue](https://www.blackhatethicalhacking.com/articles/oracle-ilom-compromise-via-eternalblue/) - During a penetration testing assessment, our team identified a critical exploitation chain affecting an enterprise network. The attack began by exploiting the EternalBlue vulnerability on an unpatched Windows server, allowing remote code execution. - [Atomic macOS Stealer Evolves - New Variant Enables Remote Control and Reboot Persistence](https://www.blackhatethicalhacking.com/news/atomic-macos-stealer-evolves-new-variant-enables-remote-control-and-reboot-persistence/) - Security researchers have discovered a dangerous new version of the Atomic macOS Stealer (AMOS) that includes a built-in backdoor, allowing attackers to maintain persistent access to infected Apple devices. - [Offensive Security Tool: APKScope](https://www.blackhatethicalhacking.com/tools/apkscope/) - APKScope is a tool designed to simplify the security analysis of Android applications. It integrates with popular tools such as ADB, Frida, Drozer, Jadx, and Apktool. - [Cisco Removes Critical Backdoor Account from Unified Communications Manager](https://www.blackhatethicalhacking.com/news/cisco-removes-critical-backdoor-account-from-unified-communications-manager/) - Cisco has patched a critical backdoor vulnerability (CVE-2025-20309) in its Unified Communications Manager (Unified CM) that could have allowed unauthenticated remote attackers to gain root access on affected systems using static credentials. - [Bluetooth Bugs in Sony, Bose, JBL Devices Could Let Hackers Spy or Place Calls](https://www.blackhatethicalhacking.com/news/bluetooth-bugs-in-sony-bose-jbl-devices-could-let-hackers-spy-or-place-calls/) - Researchers have disclosed three Bluetooth vulnerabilities in Airoha chipsets, widely used in wireless audio products from ten major vendors, enabling potential eavesdropping, data theft, and command injection attacks. - [Offensive Security Tool: Cybersecurity AI (CAI)](https://www.blackhatethicalhacking.com/tools/cybersecurity-ai-cai/) - Cybersecurity AI (CAI) Is an open-source, agent-based, and modular AI framework purpose-built to automate and augment cybersecurity testing workflows using Large Language Models (LLMs) and pluggable tools. - [WinRAR Patches Directory Traversal Flaw Allowing Silent Malware Installation](https://www.blackhatethicalhacking.com/news/winrar-patches-directory-traversal-flaw-allowing-silent-malware-installation/) - WinRAR has released a critical security update addressing a directory traversal vulnerability (CVE-2025-6218) that could allow malware to execute after users extract malicious archives. - [FileFix Attack Abuses Windows File Explorer to Execute Hidden PowerShell Commands](https://www.blackhatethicalhacking.com/news/filefix-attack-abuses-windows-file-explorer-to-execute-hidden-powershell-commands/) - A cybersecurity researcher has uncovered a new variant of the ClickFix attack, dubbed FileFix, that leverages Windows File Explorer’s address bar to trick users into executing malicious commands on their systems. - [Salt Typhoon Exploits Cisco Zero-Day to Breach Canadian Telecom](https://www.blackhatethicalhacking.com/news/salt-typhoon-exploits-cisco-zero-day-to-breach-canadian-telecom/) - The Canadian Centre for Cyber Security (Cyber Centre) and the FBI have confirmed that the Chinese state-sponsored hacking group known as Salt Typhoon is actively targeting Canadian telecommunications firms. - [Using Favicon for OSINT](https://www.blackhatethicalhacking.com/articles/using-favicon-for-osint/) - When it comes to OSINT, the smallest details often uncover the biggest insights—and the favicon is a perfect example. Whether you're on the red team or the blue team, understanding favicon hashing will sharpen your discovery techniques, enhance your infrastructure visibility, and help you uncover connections others routinely miss. - [New Linux Vulnerabilities Allow Instant Root Access Across Major Distros](https://www.blackhatethicalhacking.com/news/new-linux-vulnerabilities-allow-instant-root-access-across-major-distros/) - Security researchers have identified two critical local privilege escalation (LPE) vulnerabilities affecting a wide range of Linux distributions. When chained, these flaws allow attackers to instantly elevate their privileges to root, posing a universal risk to systems running default configurations. - [Red Team vs Blue Team Mindset for Better Cybersecurity Defense](https://www.blackhatethicalhacking.com/articles/red-team-vs-blue-team-mindset-for-better-cybersecurity-defense/) - Discover how adopting both red team (attacker) and blue team (defender) mindsets can enhance cybersecurity strategies, improve risk management, and build resilient defenses against modern threats. - [Kali Linux 2025.2 Release — 13 New Hacking Tools, BloodHound CE, NetHunter CARsenal & More](https://www.blackhatethicalhacking.com/news/kali-linux-2025-2-release-13-new-hacking-tools-bloodhound-ce-nethunter-carsenal-more/) - The release of Kali Linux 2025.2 marks more than just a routine update—it represents a significant evolution in both functionality and user experience. With 13 new tools, a refreshed menu system, and key updates like the BloodHound Community Edition, this release is built for modern offensive security challenges. One standout is CARsenal, a fully revamped car hacking toolkit that simplifies CAN bus exploitation and testing of automotive networks. - [ClickFix Attack: Expired Discord Invites Now Deliver Remote Access Trojans](https://www.blackhatethicalhacking.com/news/clickfix-attack-expired-discord-invites-now-deliver-remote-access-trojans/) - A new cyberattack campaign is weaponizing expired and deleted Discord invite links to redirect unsuspecting users to malicious servers that distribute remote access trojans (RATs) and info-stealing malware. - [Server Authentication: The neglected area of Active Directory Certificate Services (ADCS)](https://www.blackhatethicalhacking.com/articles/server-authentication-the-neglected-area-of-adcs/) - This article explores how attackers can leverage Server Authentication templates to compromise networks and why hardening these templates is just as critical to an organization’s security posture. - [New Secure Boot Flaw Lets Attackers Install Bootkit Malware](https://www.blackhatethicalhacking.com/news/new-secure-boot-flaw-lets-attackers-install-bootkit-malware/) - Security researchers have uncovered a severe flaw that compromises Secure Boot—an essential security feature used by nearly every modern PC and server. Tracked as CVE-2025-3052, the vulnerability allows attackers to disable Secure Boot protections and install stealthy bootkits that persist across reboots. - [Vulnerability Disclosure Policy](https://www.blackhatethicalhacking.com/terms/vulnerability-disclosure-policy/) - BHEH's VDP Policy - [Google Recovery Bug Allowed Brute-Force of User Phone Numbers](https://www.blackhatethicalhacking.com/news/google-recovery-bug-allowed-brute-force-of-user-phone-numbers/) - Security researcher BruteCat uncovered a legacy JavaScript-disabled version of Google’s username recovery form that lacked adequate rate-limiting and CAPTCHA protection. This exposed endpoint allowed attackers to brute-force Google recovery phone numbers tied to any Google account—essentially enabling anyone to uncover users’ personal numbers using automated tooling. - [Recon Tool: WaybackLister](https://www.blackhatethicalhacking.com/tools/waybacklister/) - WaybackLister is a reconnaissance tool that taps into the Wayback Machine to fetch historical URLs for a domain, parses unique paths, and checks if any of those paths currently expose directory listings. - [Chaos RAT MalwarVariant Distributed via Fake Linux Network Tools](https://www.blackhatethicalhacking.com/news/chaos-rat-malware-variant-distributed-via-fake-linux-network-tools/) - Threat hunters at Acronis have identified an updated variant of the Chaos Remote Access Trojan (RAT) being actively used in attacks targeting both Windows and Linux systems. This latest wave of infections has been linked to phishing campaigns and fake utility downloads, with payloads designed for reconnaissance, remote control, and cryptocurrency mining. - [Critical Flaws in Linux Crash Handlers Expose Password Hashes](https://www.blackhatethicalhacking.com/news/critical-flaws-in-linux-crash-handlers-expose-password-hashes/) - Qualys Threat Research Unit (TRU) has disclosed two critical information disclosure vulnerabilities—CVE-2025-5054 and CVE-2025-4598—affecting crash-reporting tools in widely used Linux distributions including Ubuntu, Red Hat Enterprise Linux (RHEL), and Fedora. These flaws could allow local attackers to exploit race conditions and extract sensitive data like password hashes from core dumps. - [OSINT Tool: GoogleDorker](https://www.blackhatethicalhacking.com/tools/googledorker/) - GoogleDorker is a tool designed for ethical hackers, bug bounty hunters, and penetration testers. It automates and enhances the process of Google Dorking—a technique that uses advanced Google search operators to find sensitive information exposed on the internet. - [Microsoft OneDrive File Picker Flaw Gives Apps Full Access to User Cloud Data](https://www.blackhatethicalhacking.com/news/microsoft-onedrive-file-picker-gives-apps-too-much-power/) - A new investigation by Oasis Security has uncovered a significant privacy flaw in Microsoft’s OneDrive File Picker, a feature integrated with hundreds of popular web applications including ChatGPT, Slack, Trello, and ClickUp. The flaw enables connected applications to gain overly broad access to users’ cloud data—far beyond what users expect or consent to. - [Adidas Confirms Data Breach: Customer Information Exposed in Cyberattack](https://www.blackhatethicalhacking.com/news/adidas-confirms-data-breach-customer-information-exposed-in-cyberattack/) - Global sportswear leader Adidas has confirmed it was the target of a cyberattack in which customer data was accessed by threat actors, exposing sensitive contact details and account-related information. - [Reverse Engineering-Hacking Tools](https://www.blackhatethicalhacking.com/articles/reverse-engineering-hacking-tools/) - Reverse engineering involves dissecting objects, both physical and digital, to comprehend their inner workings, enabling us to replicate, enhance, or secure them. We'll explore essential tools such as Ghidra, Binary Ninja, and Apktool which empower engineers and security experts to unravel and optimize software. - [‘Hazy Hawk’ Hijacks Abandoned Cloud CNAMEs to Exploit Trusted Domains](https://www.blackhatethicalhacking.com/news/hazy-hawk-hijacks-abandoned-cloud-cnames-to-exploit-trusted-domains/) - A newly identified threat actor dubbed ‘Hazy Hawk’ has been observed hijacking abandoned DNS CNAME records that point to decommissioned cloud infrastructure, allowing them to take over trusted subdomains of some of the world’s most reputable institutions and corporations. - [Essential Skills Every Hacker Should Master](https://www.blackhatethicalhacking.com/articles/essential-skills-every-hacker-should-master/) - In this article, you'll discover essential skills that every hacker must master to excel in the field of offensive security. This includes mastering programming and networking, as well as utilizing hacking tools. - [New 'Defendnot' Tool Silently Disables Microsoft Defender Using Fake AV Registration](https://www.blackhatethicalhacking.com/news/new-defendnot-tool-silently-disables-microsoft-defender-using-fake-av-registration/) - Security researcher es3n1n has released a new tool dubbed Defendnot, which can silently disable Microsoft Defender by spoofing the presence of a legitimate antivirus product—even on systems where no actual third-party AV is installed. - [Google Chrome Flaw CVE-2025-4664 May Enable Account Takeover](https://www.blackhatethicalhacking.com/news/google-chrome-flaw-cve-2025-4664-may-enable-account-takeover/) - Google has released an emergency security update for Chrome to patch a high-severity vulnerability (CVE-2025-4664) that could allow remote attackers to leak cross-origin data and, in some cases, achieve full account takeover. - [ClickFix Malware Campaign Now Hits Linux](https://www.blackhatethicalhacking.com/news/clickfix-malware-campaign-now-hits-linux/) - The threat group known as APT36 (aka Transparent Tribe) has launched a new ClickFix campaign targeting all major desktop operating systems—Windows, Linux, and macOS—with tailored social engineering techniques to deliver malware. - [Offensive Security Tool: QuickResponseC2](https://www.blackhatethicalhacking.com/tools/quickresponsec2/) - QuickResponseC2 is a highly covert Command and Control (C2) framework and it operates by leveraging QR codes and HTTP(S) for indirect communication between an attacker and a compromised system. - [Hard-Coded JWT Bug in Cisco IOS XE Allows Root RCE on Wireless LAN Controllers](https://www.blackhatethicalhacking.com/news/hard-coded-jwt-bug-in-cisco-ios-xe-allows-root-rce-on-wireless-lan-controllers/) - Cisco has patched a maximum severity vulnerability in its IOS XE Software for Wireless LAN Controllers, which could allow unauthenticated remote attackers to fully compromise affected devices. The flaw, identified as CVE-2025-20188, carries a CVSS score of 10.0 and is rooted in the use of a hard-coded JSON Web Token (JWT). - [Exploit Tool Released for Critical Apache Parquet RCE Flaw](https://www.blackhatethicalhacking.com/news/exploit-tool-released-for-critical-apache-parquet-rce-flaw/) - Cybersecurity researchers from F5 Labs have released a working proof-of-concept (PoC) exploit for a critical deserialization flaw in Apache Parquet, tracked as CVE-2025-30065. The release underscores the potential real-world impact of the vulnerability, despite its complex exploitation path. - [Fake Booking.com Emails Trick Hotel Staff into Installing AsyncRAT via Fake CAPTCHA](https://www.blackhatethicalhacking.com/news/fake-booking-com-emails-trick-hotel-staff-into-installing-asyncrat-via-fake-captcha/) - A sophisticated phishing campaign is making rounds in the hospitality sector, using forged Booking.com emails to trick hotel employees into running malicious commands. The scam is designed to deploy AsyncRAT — a powerful remote access trojan capable of giving attackers deep control over infected systems. - [Critical AirPlay Vulnerabilities Allow Remote Code Execution, Data Theft, and DoS](https://www.blackhatethicalhacking.com/news/critical-airplay-vulnerabilities-allow-remote-code-execution-data-theft-and-dos/) - Security researchers have uncovered a series of high-severity flaws in Apple’s AirPlay protocol, potentially allowing attackers to remotely control and compromise AirPlay-enabled devices. The flaws, now patched, were codenamed “AirBorne” by Israeli cybersecurity firm Oligo Security. - [WordPress Malware Masquerades as Anti-Malware Plugin](https://www.blackhatethicalhacking.com/news/wordpress-malware-masquerades-as-anti-malware-plugin/) - Security researchers at Wordfence have identified a sophisticated piece of malware targeting WordPress websites. Disguised as a legitimate anti-malware plugin, this threat uses file names like WP-antymalwary-bot.php to blend in, while silently granting attackers remote access and control over infected sites. - [Darcula Phishing Suite Adds AI to Mass-Produce Multilingual Scam Pages](https://www.blackhatethicalhacking.com/news/darcula-phishing-suite-adds-ai-to-mass-produce-multilingual-scam-pages/) - Cybersecurity experts at Netcraft have issued a warning about a significant evolution in phishing infrastructure: the integration of artificial intelligence into the Darcula phishing-as-a-service (PhaaS) platform. The enhanced toolkit, dubbed Darcula-Suite, now enables cybercriminals to build highly customized, multilingual phishing pages with minimal technical effort. - [Browser Extension-Based Security Tool: FrogPost](https://www.blackhatethicalhacking.com/tools/frogpost/) - FrogPost is a Chrome extension for testing and analyzing the security of postMessage communications between iframes. It helps developers and security professionals identify vulnerabilities in message-handling implementations. - [New Linux Rootkit ‘Curing’ Exploits io_uring to Evade System Call Monitoring](https://www.blackhatethicalhacking.com/news/new-linux-rootkit-curing-exploits-io_uring-to-evade-system-call-monitoring/) - A new proof-of-concept rootkit dubbed Curing highlights a critical blind spot in Linux runtime security tools by abusing the io_uring interface to operate without triggering system call monitors. The technique effectively bypasses traditional defenses used by major security solutions. - [Recon Tool: RADAR](https://www.blackhatethicalhacking.com/tools/radar/) - RADAR (Rapid Assessment of DNS And Reconnaissance) is an advanced DNS reconnaissance tool designed to identify technologies and services used by domains through their DNS footprints. - [MITRE Warns of CVE Funding Crisis as Contract Expires April 16](https://www.blackhatethicalhacking.com/news/mitre-warns-of-cve-funding-crisis-as-contract-expires-april-16/) - Today marks a potentially devastating turning point in global cybersecurity coordination, as funding for the Common Vulnerabilities and Exposures (CVE) and Common Weakness Enumeration (CWE) programs—cornerstones of vulnerability tracking—officially expires. - [Over 16,000 Fortinet Devices Compromised with Stealth Symlink Backdoor](https://www.blackhatethicalhacking.com/news/over-16000-fortinet-devices-compromised-with-stealth-symlink-backdoor/) - Today marks a potentially devastating turning point in global cybersecurity coordination, as funding for the Common Vulnerabilities and Exposures (CVE) and Common WSecurity researchers have detected 16,620 Fortinet devices compromised with a covert symbolic link backdoor, granting attackers persistent, read-only access to sensitive files—even on systems that were previously patched against the original vulnerabilities.eakness Enumeration (CWE) programs—cornerstones of vulnerability tracking—officially expires. - [Offensive Security Tool: CTFPacker](https://www.blackhatethicalhacking.com/tools/ctfpacker/) - CTFPacker is a customizable Windows payload packer and loader designed to help red teamers, penetration testers, and CTF participants evade detection from antivirus (AV) and EDR (Endpoint Detection and Response) systems during offensive operations. - [New Neptune RAT Variant Spreads via YouTube and Telegram, Targets Windows Users](https://www.blackhatethicalhacking.com/news/new-neptune-rat-variant-spreads-via-youtube-and-telegram-targets-windows-users/) - Oracle has confirmed to some customers that attackers stole old client credentials after breaching a "legacy environment" last used in 2017. However, leaked data suggests the breach is far more recent than Oracle claims. - [Recon Tool: spoof_checker](https://www.blackhatethicalhacking.com/tools/spoof_checker/) - spoof_checker is a tool designed to identify misconfigurations in email authentication mechanisms and check for subdomain takeover vulnerabilities. - [Hertz Confirms Data Breach After Cleo Zero-Day Attack by Clop Ransomware Gang](https://www.blackhatethicalhacking.com/news/hertz-confirms-data-breach-after-cleo-zero-day-attack-by-clop-ransomware-gang/) - Car rental giant Hertz Corporation has confirmed a major data breach after attackers exploited zero-day vulnerabilities in the Cleo managed file transfer platform, resulting in the theft of sensitive customer information for users of its Hertz, Thrifty, and Dollar rental brands. - [Critical FortiSwitch Vulnerability Let Attackers Remotely Change Admin Passwords](https://www.blackhatethicalhacking.com/news/critical-fortiswitch-vulnerability-let-attackers-remotely-change-admin-passwords/) - Fortinet has released emergency patches for a critical vulnerability in its FortiSwitch networking devices that could allow unauthenticated attackers to remotely reset administrator passwords using the device's graphical user interface (GUI). - [Meta Patches WhatsApp for Windows Vulnerability That Enables Code Execution via File Spoofing](https://www.blackhatethicalhacking.com/news/meta-patches-whatsapp-for-windows-vulnerability-that-enables-code-execution-via-file-spoofing/) - Meta has released a security update for WhatsApp for Windows, urging users to upgrade immediately to version 2.2450.6 to fix a vulnerability tracked as CVE-2025-30401. This critical spoofing flaw could allow attackers to trick users into running malicious code simply by opening what appears to be a benign file. - [Best 5 Automated Identity Threat Protection Solutions](https://www.blackhatethicalhacking.com/articles/best-5-automated-identity-threat-protection-solutions/) - Discover 5 automated identity threat protection solutions that leverage AI and real-time analytics to defend against cyber threats, data breaches, and identity theft. - [Chrome Users at Risk: Zero-Day Vulnerability Exploited in Phishing Campaign](https://www.blackhatethicalhacking.com/news/chrome-users-at-risk-zero-day-vulnerability-exploited-in-phishing-campaign/) - Google has released an urgent security update to fix a high-severity zero-day vulnerability in Chrome that was actively exploited in cyber-espionage attacks targeting Russian organizations. - [Kali Linux 2025.1a Released: New hoaxshell Tool, 2025 Theme Refresh, and NetHunter Updates](https://www.blackhatethicalhacking.com/news/kali-linux-2025-1a-released-new-hoaxshell-tool-2025-theme-refresh-and-nethunter-updates/) - Kali Linux 2025.1a is officially here, bringing with it significant updates to desktop environments, Raspberry Pi support, NetHunter features, and new security tools. Originally planned as Kali 2025.1, a last-minute bug required a quick rebuild, leading to the 2025.1a release. - [Israeli Spyware ‘Graphite’ Exploits WhatsApp: 0-Click Attack Uncovered](https://www.blackhatethicalhacking.com/news/israeli-spyware-graphite-exploits-whatsapp-0-click-attack-uncovered/) - Cybersecurity researchers at Citizen Lab, a digital rights watchdog based at the University of Toronto, have exposed the use of a highly sophisticated spyware tool named Graphite. Developed by Israeli cybersecurity firm Paragon Solutions, Graphite was deployed to target high-profile individuals, including journalists and human rights activists, by exploiting a zero-day vulnerability in WhatsApp. - [Offensive Security Tool: DS Viper](https://www.blackhatethicalhacking.com/tools/ds-viper/) - DS Viper is a post-exploitation tool specifically designed to bypass Windows Defender and various Endpoint Detection and Response (EDR) systems. - [Oracle Breach Exposes Millions of Stolen Credentials from Legacy Cloud System](https://www.blackhatethicalhacking.com/news/oracle-breach-exposes-millions-of-stolen-credentials-from-legacy-cloud-system/) - Oracle has confirmed to some customers that attackers stole old client credentials after breaching a "legacy environment" last used in 2017. However, leaked data suggests the breach is far more recent than Oracle claims. - [Apple Backports Zero-Day Fixes to Older iOS and macOS Versions](https://www.blackhatethicalhacking.com/news/apple-backports-zero-day-fixes-to-older-ios-and-macos-versions/) - Apple has released critical security updates that backport fixes for actively exploited zero-day vulnerabilities to older iOS and macOS versions. - [Firefox Update Fixes Sandbox Escape Flaw Similar to Chrome Zero-Day](https://www.blackhatethicalhacking.com/news/firefox-update-fixes-sandbox-escape-flaw-similar-to-chrome-zero-day/) - Mozilla has released urgent security updates to fix a critical sandbox escape vulnerability in its Firefox browser, closely mirroring a recently exploited Chrome zero-day flaw. - [Offensive Security Tool: Bxss - Blind XSS Scanner](https://www.blackhatethicalhacking.com/tools/bxss-blind-xss-scanner/) - Blind XSS Scanner is a tool that can be used to scan for blind XSS vulnerabilities in web applications. - [Massive GitHub Phishing Attack Targets 12,000 Repositories with Fake Security Alerts](https://www.blackhatethicalhacking.com/news/massive-github-phishing-attack-targets-12000-repositories-with-fake-security-alerts/) - A large-scale phishing campaign has targeted nearly 12,000 GitHub repositories, tricking developers into granting full access to their accounts and code. The attack, which is still ongoing, involves fake "Security Alert" issues warning of unauthorized login attempts. - [ChatGPT Vulnerability Exploited in Over 10,000 Attacks Within a Week](https://www.blackhatethicalhacking.com/news/chatgpt-vulnerability-exploited-in-over-10000-attacks-within-a-week/) - Cybersecurity firm Veriti has uncovered active exploitation of a vulnerability in OpenAI’s ChatGPT infrastructure, highlighting the risks posed by CVE-2024-27564—a Server-Side Request Forgery (SSRF) flaw. While classified as a medium-severity vulnerability, the flaw is being aggressively weaponized, with thousands of attack attempts detected. - [Major Cyber Attacks that shaped 2024](https://www.blackhatethicalhacking.com/articles/major-cyber-attacks-that-shaped-2024/) - In this article, we dissect the most devastating cyberattacks of 2024—not just what happened, but why they happened, how attackers exploited vulnerabilities, and the lessons they left behind. - [Massive Botnet Attack Targets Microsoft 365: 130,000 Devices Exploiting Legacy Authentication](https://www.blackhatethicalhacking.com/news/massive-botnet-attack-targets-microsoft-365-130000-devices-exploiting-legacy-authentication/) - A sophisticated botnet-powered cyber attack is putting Microsoft 365 users at risk. Security researchers at SecurityScorecard have reported that over 130,000 compromised devices are being used to launch coordinated password-spraying attacks against Microsoft 365 accounts. - [Vulnerability Management Tool: CVE Prioritizer](https://www.blackhatethicalhacking.com/tools/cve-prioritizer/) - CVE Prioritizer is a vulnerability management tool designed to help organizations prioritize vulnerability remediation by integrating multiple vulnerability assessment metrics. - [Offensive Security Tool: HExHTTP](https://www.blackhatethicalhacking.com/tools/hexhttp/) - HExHTTP is a tool designed to perform tests on HTTP headers and analyze the results to identify vulnerabilities and interesting behaviors. - [Facebook Warns of FreeType Vulnerability Actively Exploited by Hackers](https://www.blackhatethicalhacking.com/news/facebook-warns-of-freetype-vulnerability-actively-exploited-by-hackers/) - Facebook has issued a warning about a critical vulnerability in FreeType, an open-source font rendering library widely used in Linux, Android, game engines, and online platforms. The flaw, tracked as CVE-2025-27363, affects all FreeType versions up to 2.13.0 and could allow attackers to execute arbitrary code on vulnerable systems. - [X Goes Down Worldwide as Hacktivists Launch Major DDoS Assault](https://www.blackhatethicalhacking.com/news/x-goes-down-worldwide-as-hacktivists-launch-major-ddos-assault/) - On Monday, X (formerly Twitter) suffered multiple global outages due to what owner Elon Musk described as a "massive cyberattack." While Musk did not explicitly confirm a DDoS (Distributed Denial-of-Service) attack, he suggested that the attack involved "a large, coordinated group and/or a country." - [Enhancing Connectivity with Ivory Coast: Leverage a Virtual Number](https://www.blackhatethicalhacking.com/articles/enhancing-connectivity-with-ivory-coast-leverage-a-virtual-number/) - Enhance your connectivity in Ivory Coast with a virtual number from Virtnum. Establish a local presence, secure your communications, and enjoy cost-effective, seamless interactions with businesses and individuals. - [LinkedIn Phishing Scam Uses Fake InMail to Deliver ConnectWise RAT](https://www.blackhatethicalhacking.com/news/linkedin-phishing-scam-uses-fake-inmail-to-deliver-connectwise-rat/) - Cybersecurity researchers at Cofense have uncovered a LinkedIn phishing campaign distributing the ConnectWise Remote Access Trojan (RAT). Unlike traditional LinkedIn-themed phishing attacks that steal credentials, this campaign delivers malware via spoofed InMail notifications. - [New ClickFix Phishing Campaign Deploys Havoc Framework via PowerShell](https://www.blackhatethicalhacking.com/news/new-clickfix-phishing-campaign-deploys-havoc-framework-via-powershell/) - A newly discovered ClickFix phishing campaign is tricking users into executing malicious PowerShell commands that deploy the Havoc post-exploitation framework for remote access. - [New Linux Backdoor “Auto-color” Targets Government & Education Sectors](https://www.blackhatethicalhacking.com/news/new-linux-backdoor-auto-color-targets-government-education-sectors/) - A newly discovered Linux backdoor malware, dubbed Auto-color, is actively targeting educational institutions and government organizations across North America and Asia. - [GitVenom: Fake GitHub Repositories Spreading Malware to Developers](https://www.blackhatethicalhacking.com/news/gitvenom-fake-github-repositories-spreading-malware-to-developers/) - A newly exposed malware campaign, GitVenom, is using fake GitHub repositories to infect developers with credential-stealing malware, cryptocurrency hijackers, and remote administration tools (RATs). - [Online Privacy Myths Busted: What You Need to Know](https://www.blackhatethicalhacking.com/articles/online-privacy-myths-busted-what-you-need-to-know/) - Discover the truth about online privacy! This article debunks common myths, from incognito mode misconceptions to social media privacy pitfalls, and provides expert tips to stay secure online. - [What Blockchain Can Teach Us About Cybersecurity](https://www.blackhatethicalhacking.com/articles/what-blockchain-can-teach-us-about-cybersecurity/) - Discover how blockchain is reshaping cybersecurity by decentralizing trust, enhancing data integrity, and redefining security models. Learn why transparency, immutability, and mathematical proof are the future of digital protection. - [Bybit Crypto Exchange Hacked: $1.4 Billion ETH Stolen from Cold Wallet](https://www.blackhatethicalhacking.com/news/bybit-crypto-exchange-hacked-1-4-billion-eth-stolen-from-cold-wallet/) - Bybit, the world’s second-largest cryptocurrency exchange, has confirmed a major security breach, resulting in the theft of approximately $1.4 billion worth of Ethereum (ETH) from one of its cold wallets—which are generally considered among the safest storage methods for digital assets. - [Fake Browser Updates Now Spread New FrigidStealer Malware to Mac, Windows, and Android](https://www.blackhatethicalhacking.com/news/fake-browser-updates-now-spread-new-frigidstealer-malware-to-mac-windows-and-android/) - Cybercriminals are once again using fake browser update scams to distribute the new FrigidStealer malware, now targeting users across macOS, Windows, and Android. - [OpenSSH Patches Two Critical Vulnerabilities, One Undetected for a Decade](https://www.blackhatethicalhacking.com/news/openssh-patches-two-critical-vulnerabilities-one-undetected-for-a-decade/) - OpenSSH has released security updates to fix two vulnerabilities: a man-in-the-middle (MitM) flaw and a denial-of-service (DoS) issue. Notably, one of these vulnerabilities has remained undiscovered for over a decade. - [New Golang Backdoor Uses Telegram API for Covert Command and Control](https://www.blackhatethicalhacking.com/news/new-golang-backdoor-uses-telegram-api-for-covert-command-and-control/) - Cybersecurity researchers at Netskope have uncovered a new Golang-based backdoor that leverages Telegram’s API for command and control (C2) operations. - [FinalDraft Malware Uses Outlook Drafts for Covert C2](https://www.blackhatethicalhacking.com/news/finaldraft-malware-uses-outlook-drafts-for-covert-c2/) - A newly discovered malware named FinalDraft has been observed using Outlook email drafts as a command-and-control (C2) channel in attacks against a South American government ministry. - [Recon Tool: getJS](https://www.blackhatethicalhacking.com/tools/getjs/) - getJS is a tool designed for extracting JavaScript sources from web pages, HTTP responses, and URLs. - [whoAMI Attack Lets Hackers Gain Code Execution in AWS Accounts via AMI Name Confusion](https://www.blackhatethicalhacking.com/news/whoami-attack-lets-hackers-gain-code-execution-in-aws-accounts-via-ami-name-confusion/) - Security researchers have uncovered a name confusion attack that allows unauthorized access to Amazon Web Services (AWS) accounts through the manipulation of Amazon Machine Images (AMIs). - [Critical SonicWall VPN Flaw Lets Hackers Hijack Sessions](https://www.blackhatethicalhacking.com/news/critical-sonicwall-vpn-flaw-lets-hackers-hijack-sessions/) - Security researchers at Bishop Fox have published full exploitation details for CVE-2024-53704, a critical vulnerability in SonicOS SSLVPN that allows attackers to bypass authentication and hijack active VPN sessions. - [Massive Brute Force Attack Using 2.8 Million IPs Targets Networking Devices](https://www.blackhatethicalhacking.com/news/massive-brute-force-attack-using-2-8-million-ips-targets-networking-devices/) - A large-scale brute force attack is underway, attempting to guess login credentials for networking devices from Palo Alto Networks, Ivanti, and SonicWall. - [Hackers Spoof Microsoft ADFS Login Pages to Steal Credentials and Bypass MFA](https://www.blackhatethicalhacking.com/news/hackers-spoof-microsoft-adfs-login-pages-to-steal-credentials-and-bypass-mfa/) - A phishing campaign is targeting Microsoft Active Directory Federation Services (ADFS) using spoofed login pages to steal credentials and bypass multi-factor authentication (MFA) protections. - [Digital Forensics Tool: MemProcFS-Analyzer](https://www.blackhatethicalhacking.com/tools/memprocfs-analyzer/) - MemProcFS-Analyzer is a PowerShell script designed to streamline memory forensics by integrating with MemProcFS (Memory Process File System). - [Top 10 Things to Do After Installing Kali Linux](https://www.blackhatethicalhacking.com/articles/top-10-things-to-do-after-installing-kali-linux/) - This article will walk you through the top 10 things you should do right after installing Kali Linux. From changing the default password to customizing your terminal and adding useful features, these steps will help you create a more efficient and personalized Kali Linux environment. - [New ‘Browser Syncjacking’ Attack Uses Chrome Extensions for Full Device Takeover](https://www.blackhatethicalhacking.com/news/new-browser-syncjacking-attack-uses-chrome-extensions-for-full-device-takeover/) - Security researchers at SquareX have discovered a new stealthy attack method, called ‘Browser Syncjacking’, which exploits Google Chrome’s sync feature and managed profiles to gain full control over a victim’s browser and operating system. - [Cloudflare CDN Flaw Enables Zero-Click Geo-Location Attack via Signal, Discord](https://www.blackhatethicalhacking.com/news/cloudflare-cdn-flaw-enables-zero-click-geo-location-attack-via-signal-discord/) - A newly discovered flaw in Cloudflare's content delivery network (CDN) could allow attackers to approximate a target's location within 50-300 miles by sending them an image on platforms like Signal and Discord. This zero-click attack raises serious privacy concerns for journalists, activists, and other privacy-conscious individuals. - [New Mirai-Based Botnet Exploits Zero-Day Vulnerabilities in Industrial and Smart Devices](https://www.blackhatethicalhacking.com/news/new-mirai-based-botnet-exploits-zero-day-vulnerabilities-in-industrial-and-smart-devices/) - A new sophisticated Mirai-based botnet is leveraging zero-day exploits and custom vulnerabilities to compromise industrial routers and smart home devices. First observed in February 2024, this botnet has rapidly evolved, exploiting both n-day and zero-day flaws, including a critical vulnerability, CVE-2024-12856, in Four-Faith industrial routers. - [WP3.XYZ Malware Hijacks 5,000+ WordPress Sites with Rogue Admins](https://www.blackhatethicalhacking.com/news/wp3-xyz-malware-hijacks-5000-wordpress-sites-with-rogue-admins/) - A newly discovered malware campaign has compromised over 5,000 WordPress sites using WP3.XYZ malware, creating rogue admin accounts, installing malicious plugins, and exfiltrating sensitive data. - [Cybercriminals Exploit Apple iMessage to Bypass Phishing Protection](https://www.blackhatethicalhacking.com/news/cybercriminals-exploit-apple-imessage-to-bypass-phishing-protection/) - Cybercriminals are deploying a cunning tactic to bypass Apple iMessage's built-in phishing protections, tricking users into re-enabling disabled links in phishing messages. This technique leverages human behavior to target unsuspecting victims and gain access to sensitive information. - [Breaking Down Active and Passive Reconnaissance](https://www.blackhatethicalhacking.com/articles/breaking-down-active-and-passive-recon/) - Reconnaissance—or "recon"—is the initial phase of hacking, during which information about a target is collected to map its structure, vulnerabilities, and defenses. - [FortiGate Leak: Over 15,000 Devices' Configs and VPN Credentials Exposed by New Hacking Group](https://www.blackhatethicalhacking.com/news/fortigate-leak-over-15000-devices-configs-and-vpn-credentials-exposed-by-new-hacking-group/) - A newly emerged hacking group, known as the "Belsen Group," has leaked the configuration files, IP addresses, and VPN credentials for more than 15,000 FortiGate devices. The data, containing sensitive technical details, was made freely available on the dark web, posing significant risks to organizations worldwide. - [Offensive Security Tool: XSRFProbe](https://www.blackhatethicalhacking.com/tools/xsrfprobe/) - XSRFProbe is a tool designed to detect, audit, and exploit Cross-Site Request Forgery (CSRF/XSRF) vulnerabilities. It combines a robust crawling engine with systematic checks to identify vulnerabilities, assess related bypasses, and generate exploitative proof-of-concept scripts. - [Offensive Security Tool: Penelope](https://www.blackhatethicalhacking.com/tools/penelope/) - Penelope is a shell handler designed to be easy to use and intended to replace Netcat when exploiting RCE vulnerabilities. - [Offensive Security Tool: ACEshark](https://www.blackhatethicalhacking.com/tools/aceshark/) - ACEshark is a Python-based utility that facilitates the rapid extraction and analysis of Windows service configurations and Access Control Entries (ACEs). It removes the dependency on external tools like accesschk.exe or other non-native binaries. - [Python PyPI Supply Chain Attack: Hackers Hide Malware in Fake DeepSeek Packages](https://www.blackhatethicalhacking.com/news/python-pypi-supply-chain-attack-hackers-hide-malware-in-fake-deepseek-packages/) - Cybersecurity researchers at the Positive Technologies Expert Security Center (PT ESC) have uncovered a malware campaign targeting the Python Package Index (PyPI), a widely used repository for Python software. The attack specifically targeted developers, machine learning engineers, and AI enthusiasts who might integrate DeepSeek AI into their projects. - [WhatsApp Exposes Zero-Click Exploit Spyware Campaign Linked to Israeli Firm Paragon](https://www.blackhatethicalhacking.com/news/whatsapp-exposes-zero-click-exploit-spyware-campaign-linked-to-israeli-firm-paragon/) - WhatsApp has uncovered a targeted spyware campaign linked to the Israeli firm Paragon Solutions, which affected 90 individuals, including journalists and civil society members. Meta (WhatsApp’s parent company) has taken direct action to notify victims and neutralize the attack. - [New Aquabot Variant Exploiting Mitel SIP Phones via CVE-2024-41710](https://www.blackhatethicalhacking.com/news/new-aquabot-variant-exploiting-mitel-sip-phones-via-cve-2024-41710/) - A new Mirai-based botnet malware variant, Aquabotv3, has been observed actively exploiting CVE-2024-41710, a command injection vulnerability in Mitel SIP phones. This latest attack campaign was discovered by Akamai's Security Intelligence and Response Team (SIRT), which reports that Aquabotv3 is the third known iteration of the Aquabot malware family. - [Apple Patches 2025's First Zero-Day Vulnerability Exploited in iPhone Attacks](https://www.blackhatethicalhacking.com/news/apple-patches-2025s-first-zero-day-vulnerability-exploited-in-iphone-attacks/) - Apple has released urgent security updates to address the first zero-day vulnerability of 2025, which has been actively exploited in attacks targeting iPhone users. - [UnitedHealth Data Breach Affects 190 Million Americans in Largest Healthcare Cyberattack of 2024](https://www.blackhatethicalhacking.com/news/unitedhealth-data-breach-affects-190-million-americans-in-largest-healthcare-cyberattack-of-2024/) - UnitedHealth has revealed that 190 million Americans had their personal and healthcare data stolen in the ransomware attack targeting its subsidiary, Change Healthcare. This number is nearly double the 100 million individuals initially disclosed in October 2024. - [HPE Investigates Claims of Data Breach and Source Code Disclosure by Hackers](https://www.blackhatethicalhacking.com/news/hpe-investigates-claims-of-data-breach-and-source-code-disclosure-by-hackers/) - Hewlett Packard Enterprise (HPE) is investigating claims of a potential breach after a threat actor, IntelBroker, alleged that they accessed sensitive documents from the company’s developer environments. - [Malicious npm and PyPI Packages Steal Solana Private Keys and Delete Sensitive Data](https://www.blackhatethicalhacking.com/news/malicious-npm-and-pypi-packages-steal-solana-private-keys-and-delete-sensitive-data/) - Cybersecurity researchers have identified three sets of malicious packages in the npm and Python Package Index (PyPI) repositories, which target developers by stealing Solana private keys, exfiltrating environment variables, and even deleting sensitive files on infected systems. - [Severe Vulnerability in W3 Total Cache Plugin Exposes Over a Million WordPress Sites to Attacks](https://www.blackhatethicalhacking.com/news/severe-vulnerability-in-w3-total-cache-plugin-exposes-over-a-million-wordpress-sites-to-attacks/) - A critical vulnerability in the W3 Total Cache plugin, installed on over 1 million WordPress sites, could allow attackers to access sensitive information, including cloud-based app metadata. Despite a fix being released, hundreds of thousands of websites remain unpatched, leaving them exposed. - [SonicWall Urges Immediate Firmware Upgrade to Patch Critical Firewall Vulnerabilities](https://www.blackhatethicalhacking.com/news/sonicwall-urges-immediate-firmware-upgrade-to-patch-critical-firewall-vulnerabilities/) - SonicWall has issued an urgent advisory to its customers, emphasizing the need to upgrade their SonicOS firmware to address a critical authentication bypass vulnerability (CVE-2024-53704) affecting SSL VPN and SSH management interfaces. This flaw is rated 8.2 (high severity) on the CVSS scale and is actively exploitable, posing significant security risks. - [Ficora and Capsaicin Botnets Exploit Outdated D-Link Routers in Global DDoS Surge](https://www.blackhatethicalhacking.com/news/ficora-and-capsaicin-botnets-exploit-outdated-d-link-routers-in-global-ddos-surge/) - Two botnets, Ficora and Capsaicin, are escalating their attacks on D-Link routers that are either outdated or have reached their end of life. - [Cyber Threats of Tomorrow: Are You Ready for What’s Next?](https://www.blackhatethicalhacking.com/articles/cyber-threats-of-tomorrow/) - Explore the future of cybersecurity with insights into advanced persistent threats, AI-driven attacks, quantum computing risks, and IoT vulnerabilities. - [OpenSCAP — Ensuring Information Security Compliance](https://www.blackhatethicalhacking.com/articles/openscap-ensuring-information-security-compliance/) - In today’s cybersecurity landscape, organizations face an increasing number of cyberattacks, making it essential for Information Security teams to be highly prepared to identify, mitigate, and respond to these threats. One of the key components of these defense strategies is the Security Operations Center (SOC). - [Network Security Tool: Sara (RouterOS Security Inspector)](https://www.blackhatethicalhacking.com/tools/sara/) - Sara is an autonomous security auditing tool designed specifically for analyzing RouterOS configurations on MikroTik hardware. This tool uses regular expressions to scan and identify potential vulnerabilities in configuration files. - [Hackers Exploit HubSpot Forms to Steal Microsoft Azure Credentials from Thousands](https://www.blackhatethicalhacking.com/news/hackers-exploit-hubspot-forms-to-steal-microsoft-azure-credentials-from-thousands/) - A phishing campaign targeting automotive, chemical, and industrial manufacturing companies in Germany and the UK has been leveraging HubSpot’s Free Form Builder and DocuSign-like PDFs to steal Microsoft Azure account credentials. - [Kali Linux 2024.4: 14 New Tools, Python 3.12, and Raspberry Pi Enhancements](https://www.blackhatethicalhacking.com/news/kali-linux-2024-4-14-new-tools-python-3-12-and-raspberry-pi-enhancements/) - The final Kali Linux 2024 release delivers essential updates, including the move to Python 3.12, customizable Raspberry Pi images, and 14 new tools, while also marking the end of i386 support. - [Glutton: A New Modular PHP Backdoor](https://www.blackhatethicalhacking.com/news/glutton-a-new-modular-php-backdoor/) - Cybersecurity researchers have discovered a new PHP-based malware framework named Glutton, which has been deployed in attacks targeting China, the United States, Cambodia, Pakistan, and South Africa. - [Recon Tool: Exposor](https://www.blackhatethicalhacking.com/tools/exposor/) - Exposor is a tool using internet search engines to detect exposed technologies with a unified syntax. - [Pumakit: A Stealthy Linux Rootkit Targeting Pre-5.7 Kernels](https://www.blackhatethicalhacking.com/news/pumakit-a-stealthy-linux-rootkit-targeting-pre-5-7-kernels/) - A newly discovered technique leverages the Windows UI Automation (UIA) framework to perform malicious activities while bypassing endpoint detection and response (EDR) solutions, according to research by AkA newly identified Linux rootkit malware, named Pumakit, has been discovered leveraging stealthy techniques and advanced privilege escalation methods to evade detection and compromise systems.amai security researcher Tomer Peled. - [Exploiting Windows UI Automation: A New Stealthy Attack Vector](https://www.blackhatethicalhacking.com/news/exploiting-windows-ui-automation-a-new-stealthy-attack-vector/) - A newly discovered technique leverages the Windows UI Automation (UIA) framework to perform malicious activities while bypassing endpoint detection and response (EDR) solutions, according to research by Akamai security researcher Tomer Peled. - [Hackers Exploit Zero-Day in Cleo MFT Software, Enabling RCE and Data Theft](https://www.blackhatethicalhacking.com/news/hackers-exploit-zero-day-in-cleo-mft-software-enabling-rce-and-data-theft/) - Hackers are exploiting a zero-day vulnerability in Cleo's managed file transfer (MFT) software to breach corporate networks and conduct data theft attacks. - [Critical OpenWrt Vulnerability Allowed Potential Malicious Firmware Distribution via Attended Sysupgrade](https://www.blackhatethicalhacking.com/news/critical-openwrt-vulnerability-allowed-potential-malicious-firmware-distribution-via-attended-sysupgrade/) - A critical vulnerability (CVE-2024-54143) in OpenWrt's Attended Sysupgrade feature, used to create custom firmware images, could have been exploited to distribute malicious firmware packages. - [Novel QR Code Exploit Circumvents Browser Isolation Security Measures](https://www.blackhatethicalhacking.com/news/novel-qr-code-exploit-circumvents-browser-isolation-security-measures/) - Mandiant researchers have unveiled a novel method to bypass browser isolation technology, using QR codes to enable command-and-control (C2) operations. - [New DroidBot Malware Targets Cryptocurrency and Banking Apps in Europe](https://www.blackhatethicalhacking.com/news/new-droidbot-malware-targets-cryptocurrency-and-banking-apps-in-europe/) - A new phishing-as-a-service (PhaaS) platform named Rockstar 2FA has emerged, enabling adversary-in-the-middle (AiTM) attacks to bypass multifactor authentication (MFA) and steal Microsoft 365 credentials - [New PhaaS 'Rockstar 2FA' Bypasses MFA to Hijack Microsoft 365 Accounts](https://www.blackhatethicalhacking.com/news/new-phaas-rockstar-2fa-bypasses-mfa-to-hijack-microsoft-365-accounts/) - A new phishing-as-a-service (PhaaS) platform named Rockstar 2FA has emerged, enabling adversary-in-the-middle (AiTM) attacks to bypass multifactor authentication (MFA) and steal Microsoft 365 credentials - [How to Protect Your Personal Information While Playing at Casinos](https://www.blackhatethicalhacking.com/articles/how-to-protect-your-personal-information-while-playing-at-casinos/) - Learn how to protect your personal information while playing at casinos. Discover tips on choosing trusted casinos, using secure passwords, enabling 2FA, and staying safe online. - [Cybersecurity Challenges Facing Modern Casinos](https://www.blackhatethicalhacking.com/articles/cybersecurity-challenges-facing-modern-casinos/) - Discover the top cybersecurity challenges modern casinos face, including data breaches, ransomware, and insider threats, and learn how they ensure safe gaming experiences. - [Hackers Exploit Godot Game Engine with New Malware, Infecting 17,000 Systems in 3 Months](https://www.blackhatethicalhacking.com/news/hackers-exploit-godot-game-engine-with-new-malware-infecting-17000-systems-in-3-months/) - Hackers have weaponized the widely-used Godot game engine to launch the GodLoader malware, infecting over 17,000 devices in just three months. This malware exploits Godot's scripting capabilities to evade detection and execute malicious code, impacting users on major platforms, including Windows, macOS, Linux, Android, and iOS. - [QNAP Issues Emergency Fixes for Critical NAS and Router Flaws](https://www.blackhatethicalhacking.com/news/qnap-issues-emergency-fixes-for-critical-nas-and-router-flaws/) - QNAP has released critical security updates over the weekend to address multiple vulnerabilities affecting its NAS systems and routers. These flaws include three "critical" severity issues that could allow unauthorized system access and remote code execution. Users are strongly urged to update their devices immediately. - [New Ghost Tap Attack: The Next-Level Credit Card Scam Exploiting Apple Pay and Google Pay](https://www.blackhatethicalhacking.com/news/new-ghost-tap-attack-the-next-level-credit-card-scam-exploiting-apple-pay-and-google-pay/) - Cybercriminals have devised a sophisticated scheme, dubbed 'Ghost Tap,' to exploit stolen credit card details linked to mobile payment systems like Apple Pay and Google Pay. This method leverages Near Field Communication (NFC) relays to enable global money mules to perform fraudulent transactions at Point-of-Sale (PoS) terminals. - [Apple Rushes to Patch Two Zero-Day Exploits Targeting Intel-Based Macs](https://www.blackhatethicalhacking.com/news/apple-rushes-to-patch-two-zero-day-exploits-targeting-intel-based-macs/) - Apple has released emergency security updates to patch two actively exploited zero-day vulnerabilities targeting Intel-based macOS systems. The vulnerabilities affect the JavaScriptCore and WebKit components, both of which are critical to macOS and other Apple operating systems. - [Chinese Hackers Exploit Zero-Day in FortiClient VPN with 'DeepData' Toolkit](https://www.blackhatethicalhacking.com/news/chinese-hackers-exploit-zero-day-in-forticlient-vpn-with-deepdata-toolkit/) - Chinese threat actor BrazenBamboo has been exploiting a previously undisclosed zero-day vulnerability in Fortinet's FortiClient Windows VPN client using a modular post-exploitation toolkit named DeepData. This flaw enables the attackers to extract VPN credentials directly from memory after users authenticate. - [Critical Flaw in Popular WordPress Plugin Puts Millions of Websites at Risk](https://www.blackhatethicalhacking.com/news/critical-flaw-in-popular-wordpress-plugin-puts-millions-of-websites-at-risk/) - Wordfence has identified a severe authentication bypass vulnerability in the WordPress plugin 'Really Simple Security', previously known as 'Really Simple SSL'. This critical flaw affects both the free and Pro versions of the plugin, which is used on over four million websites. - [Offensive Security Tool: emp3r0r](https://www.blackhatethicalhacking.com/tools/emp3r0r/) - emp3r0r is a post-exploitation framework designed for both Linux and Windows platforms. - [Glove Stealer Malware Evades Chrome’s App-Bound Encryption to Target Cookies](https://www.blackhatethicalhacking.com/news/glove-stealer-malware-evades-chromes-app-bound-encryption-to-target-cookies/) - Cybersecurity researchers have uncovered a new malware strain named Glove Stealer, capable of bypassing Google Chrome's App-Bound encryption to exfiltrate browser cookies and sensitive data. Identified by Gen Digital, this malware appears to be in its early development stages, with minimal obfuscation or protection mechanisms. - [Exploring Careers in Cybersecurity: Skills and Opportunities](https://www.blackhatethicalhacking.com/articles/exploring-careers-in-cybersecurity-skills-and-opportunities/) - As cyber threats become increasingly sophisticated, cybersecurity has come up as one of the most critical fields in technology, offering a variety of career opportunities. - [New RustyAttr Trojan Evades macOS Security Using Hidden Metadata](https://www.blackhatethicalhacking.com/news/new-rustyattr-trojan-evades-macos-security-using-hidden-metadata/) - Hackers have deployed a novel macOS trojan called RustyAttr that uses an innovative evasion technique by hiding malicious code in extended file attributes (EAs). This method, discovered by Group-IB, leverages custom file metadata to avoid detection and utilizes decoy PDF files to maintain discretion, drawing similarities to previous tactics used by the Bundlore adware in 2020. - [The first botnet hijacker aka the Zombie King](https://www.blackhatethicalhacking.com/articles/the-first-botnet-hijacker-aka-the-zombie-king/) - Jeanson Ancheta didn't have the usual path that many hackers had in the old days but he carved his path through the use of his botnet army. This is the story of the first person to plead guilty to federal charges of hijacking computers for profit. - [GoIssue: Sophisticated Phishing Tool Targets GitHub Developer Credentials](https://www.blackhatethicalhacking.com/news/goissue-sophisticated-phishing-tool-targets-github-developer-credentials/) - Cybersecurity experts are sounding alarms over a sophisticated phishing tool called GoIssue, designed to execute large-scale email phishing campaigns targeting GitHub users. Marketed on the Runion forum by a threat actor named cyberdluffy (aka Cyber D' Luffy) this August, GoIssue has been promoted as a tool for extracting email addresses from public GitHub profiles and sending bulk messages to users' inboxes. - [New Ymir Ransomware Launches In-Memory Attacks Post-RustyStealer Infections](https://www.blackhatethicalhacking.com/news/new-ymir-ransomware-launches-in-memory-attacks-post-rustystealer-infections/) - A newly discovered ransomware variant, Ymir, is infiltrating networks previously compromised by the RustyStealer infostealer malware, indicating an organized shift towards cybercrime partnerships. First observed in July 2024 and targeting companies worldwide, Ymir is identified for its memory-based execution and innovative approach to encryption. - [Post-Exploitation Techniques: Maintaining Access, Escalating Privileges, Gathering Credentials, Covering Tracks](https://www.blackhatethicalhacking.com/articles/post-exploitation-techniques-maintaining-access-escalating-privileges-gathering-credentials-covering-tracks/) - In this article, we explore the essential techniques used during the post-exploitation phase in penetration testing and red teaming. We will demonstrate methods for covering traces within a system, such as modifying log files and timestamps, to evade detection and maintain long-term access for further testing. - [North Korean Hackers Deploy MacOS Malware with Unseen Stealth to Hijack Crypto Firms](https://www.blackhatethicalhacking.com/news/north-korean-hackers-deploy-macos-malware-with-unseen-stealth-to-hijack-crypto-firms/) - The North Korean hacking group, BlueNoroff, has initiated a new campaign named Hidden Risk, targeting cryptocurrency businesses with a sophisticated multi-stage malware designed specifically for macOS systems. This campaign employs phishing emails to lure victims with fake news about recent cryptocurrency activities. - [Winos4.0 Malware Framework Uses Gaming Apps to Infiltrate Windows Systems](https://www.blackhatethicalhacking.com/news/winos4-0-malware-framework-uses-gaming-apps-to-infiltrate-windows-systems/) - Cybercriminals are increasingly distributing a powerful new malware framework, Winos4.0, by hiding it within seemingly legitimate game-related apps aimed at Windows users. This advanced post-exploitation framework, documented earlier this year by Trend Micro, mirrors popular frameworks like Sliver and Cobalt Strike in its capabilities. - [New Interlock Ransomware Exploits FreeBSD servers, Demanding Huge Ransoms](https://www.blackhatethicalhacking.com/news/new-interlock-ransomware-exploits-freebsd-servers-demanding-huge-ransoms/) - A new ransomware strain called Interlock is emerging as a significant threat, uniquely targeting FreeBSD servers, commonly found in critical infrastructure systems. Unlike the standard Linux-based encryptors, Interlock is one of the few ransomware operations specifically developing tools to target FreeBSD, following in the footsteps of the now-disrupted Hive ransomware. - [New Version of iOS Spyware LightSpy Adds Device-Disabling Capabilities](https://www.blackhatethicalhacking.com/news/new-version-of-ios-spyware-lightspy-adds-device-disabling-capabilities/) - Security researchers have discovered an enhanced version of the iOS spyware LightSpy, incorporating advanced capabilities to capture extensive device data and even disable infected devices, preventing them from rebooting. - [Blue Team Tool: Ghostport](https://www.blackhatethicalhacking.com/tools/ghostport/) - Ghostport is a sophisticated port spoofing tool designed to confuse and mislead port scanners. - [CRON#TRAP Phishing Attack: A Linux VM Backdoor Hides Inside Windows Systems](https://www.blackhatethicalhacking.com/news/crontrap-phishing-attack-a-linux-vm-backdoor-hides-inside-windows-systems-2/) - CRON#TRAP is a recent phishing attack discovered by Securonix researchers, targeting corporate networks through a Linux VM deployed via phishing emails. The email, disguised as a survey from OneAmerica, contains a 285MB ZIP file with a Windows shortcut and a custom QEMU virtual machine. When the file is opened, it installs the Linux VM, named PivotBox, with a pre-configured backdoor for remote access. - [New Tool Bypasses Google’s App-Bound Cookie Encryption](https://www.blackhatethicalhacking.com/news/new-tool-bypasses-googles-app-bound-cookie-encryption/) - Cybersecurity researcher Alexander Hagenah has made waves by releasing a new tool, ‘Chrome-App-Bound-Encryption-Decryption’, which bypasses Google Chrome’s latest App-Bound encryption feature for cookies, allowing retrieval of sensitive data, including saved credentials. - [Human Intelligence is the best defense against Phishing Attacks](https://www.blackhatethicalhacking.com/articles/human-intelligence-is-human-intelligence-is-the-best-defense-against-phishing-attacks/) - In this article, we are focusing on the persistent challenge of phishing attacks. The threat of phishing attacks looms large in our digital era, and it continues to evolve with increasingly sophisticated tactics. While technology has made significant advancements in strengthening defensive systems, human intelligence remains the most crucial defense. - [Opera Browser ‘CrossBarking’ Vulnerability Could Enable Full Access to Private APIs](https://www.blackhatethicalhacking.com/news/opera-browser-crossbarking-vulnerability-could-enable-full-access-to-private-apis/) - A critical security flaw in the Opera web browser could have allowed malicious extensions to gain unauthorized, full access to private APIs, threatening users’ privacy and security. Guardio Labs researchers named the exploit CrossBarking and demonstrated how malicious extensions could potentially take screenshots, modify browser settings, and even hijack user accounts. - [New Internet Archive Breach Tied to Stolen Zendesk Tokens](https://www.blackhatethicalhacking.com/news/new-internet-archive-breach-tied-to-stolen-zendesk-tokens/) - The Internet Archive has suffered yet another breach, this time targeting its Zendesk email support platform. Despite warnings about exposed GitLab tokens, the organization failed to rotate their stolen credentials, leading to the compromise of their support system and exposing sensitive data. - [Fortinet Discloses Critical ‘FortiJump’ Zero-Day Flaw Exploited Since June](https://www.blackhatethicalhacking.com/news/fortinet-discloses-critical-fortijump-zero-day-flaw-exploited-since-june/) - A critical vulnerability in Fortinet's FortiManager system, dubbed ‘FortiJump’ and tracked as CVE-2024-47575, has been actively exploited since June 2024, according to a report by Mandiant. This zero-day flaw has compromised over 50 servers, making it a significant cyber threat in recent months. - [Red Teaming Tool: avred](https://www.blackhatethicalhacking.com/tools/avred/) - Avred is a tool designed for Red Teamers to identify and analyze how antivirus (AV) software detects malware. - [Iranian Threat Actor OilRig Exploits Windows Kernel Flaw in UAE Cyber Espionage Campaign](https://www.blackhatethicalhacking.com/news/iranian-threat-actor-oilrig-exploits-windows-kernel-flaw-in-uae-cyber-espionage-campaign/) - The Iranian cyber espionage group known as OilRig (also called APT34 or Earth Simnavaz) has been observed exploiting a privilege escalation flaw (CVE-2024-30088) in the Windows Kernel as part of an attack campaign targeting the United Arab Emirates (U.A.E.) and other Gulf nations. - [Apple Fixes iOS Bug That Exposed Saved Passwords to VoiceOver](https://www.blackhatethicalhacking.com/news/apple-fixes-ios-bug-that-exposed-saved-passwords-to-voiceover/) - Apple has released updates for iOS and iPadOS to address two security vulnerabilities, one of which could allow VoiceOver to read out loud a user's saved passwords. - [Ivanti EPM Exploit Allows Hackers to Take Over Systems via SQL Injection](https://www.blackhatethicalhacking.com/news/ivanti-epm-exploit-allows-hackers-to-take-over-systems-via-sql-injection/) - The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about a critical vulnerability in Ivanti's Endpoint Manager (EPM) that is now being actively exploited by threat actors. This remote code execution (RCE) flaw, tracked as CVE-2024-29824, allows attackers to exploit SQL Injection vulnerabilities on unpatched systems to execute arbitrary commands. - [GitLab Urges Users to Patch Critical CI/CD Vulnerability Affecting Multiple Versions](https://www.blackhatethicalhacking.com/news/gitlab-urges-users-to-patch-critical-ci-cd-vulnerability-affecting-multiple-versions/) - GitLab has released security patches to address multiple vulnerabilities, including a critical flaw (CVE-2024-9164) that allows unauthorized users to trigger CI/CD pipelines on any branch of a repository. This flaw, with a CVSS v3.1 score of 9.6, can be exploited to execute code or gain access to sensitive information by bypassing branch protections. - [Stealthy "perfctl" Malware Exploits Linux Servers for Cryptojacking and Proxyjacking](https://www.blackhatethicalhacking.com/news/stealthy-perfctl-malware-exploits-linux-servers-for-cryptojacking-and-proxyjacking/) - An ongoing malware campaign is exploiting misconfigured and vulnerable Linux servers, delivering a stealthy malware known as Perfctl. The primary goal of this malware is to install cryptocurrency miners and proxyjacking software. - [Over 300,000 DDoS Attack Commands Issued by GorillaBot in One Month](https://www.blackhatethicalhacking.com/news/over-300000-ddos-attack-commands-issued-by-gorillabot-in-one-month/) - Cybersecurity researchers have identified a new botnet malware family called Gorilla (aka GorillaBot), which is based on the leaked Mirai botnet source code. Discovered by NSFOCUS in September 2024, the botnet has launched over 300,000 attack commands between September 4 and September 27, 2024. - [Critical Kubernetes Flaw Exposes VMs to Root-Level SSH Attacks](https://www.blackhatethicalhacking.com/news/critical-kubernetes-flaw-exposes-vms-to-root-level-ssh-attacks/) - A critical vulnerability in Kubernetes, tracked as CVE-2024-9486, could enable unauthorized SSH access to virtual machines (VMs) created using the Kubernetes Image Builder project. - [Red-Team Tool "EDRSilencer" Used in Attacks to Bypass Security Alerts](https://www.blackhatethicalhacking.com/news/red-team-tool-edrsilencer-used-in-attacks-to-bypass-security-alerts/) - A tool known as EDRSilencer, initially designed for red-team operations, has been observed in real-world attacks where hackers attempt to identify and disable EDR tools. By using Windows Filtering Platform (WFP) to filter network traffic, attackers are able to mute alerts generated by popular Endpoint Detection and Response (EDR) solutions such as Microsoft Defender, SentinelOne, and FortiEDR. - [Recon Tool: emailFinder](https://www.blackhatethicalhacking.com/tools/emailfinder/) - emailFinder is a web scraping tool that extracts email addresses from multiple URLs listed in a file, or a simple URL. It crawls through all page routes and parses content to find and display email addresses. - [Recon Tool: Argus](https://www.blackhatethicalhacking.com/tools/argus/) - Argus is an all-in-one toolkit designed to simplify information gathering and reconnaissance tasks. It has a user-friendly interface, a suite of powerful modules, and enables efficient and thorough exploration of networks, web applications, and security configurations. - [Apple Fixes Critical HM Surf Flaw - macOS Safari Exploit Allows Full Access to User Data](https://www.blackhatethicalhacking.com/news/apple-fixes-critical-hm-surf-flaw-macos-safari-exploit-allows-full-access-to-user-data/) - Microsoft has disclosed details about a now-patched security flaw in Apple's Transparency, Consent, and Control (TCC) framework in macOS that has likely come under exploitation to bypass a user's privacy preferences and access sensitive data. The vulnerability, codenamed HM Surf by Microsoft, is tracked as CVE-2024-44133 and has been addressed by Apple in macOS Sequoia 15 by removing the vulnerable code. - [Primer on Broken Access Control vulnerabilities and how to find them](https://www.blackhatethicalhacking.com/articles/primer-on-broken-access-control-vulnerabilities-and-how-to-find-them/) - In this write-up, we will be focusing on broken access control vulnerabilities and providing multiple examples of how to detect them. - [Lazarus Group Deploys Linux FASTCash Malware to Steal Millions in Coordinated ATM Attacks](https://www.blackhatethicalhacking.com/news/lazarus-group-deploys-linux-fastcash-malware-to-steal-millions-in-coordinated-atm-attacks/) - North Korean state-sponsored hacking group Hidden Cobra, also known as APT38 or Lazarus, has expanded its notorious FASTCash malware to Linux systems, specifically targeting Ubuntu 22.04 LTS distributions. The new variant allows the group to infiltrate payment switch systems, enabling unauthorized ATM withdrawals at an international scale. - [When two young hackers played war games with Pentagon](https://www.blackhatethicalhacking.com/articles/when-two-young-hackers-played-war-games-with-pentagon/) - In this story, two young hackers, Mathew Bevan and Richard Pryce, managed to penetrate the Pentagon's supposedly secure defense network from the comfort of their bedrooms in the 1990s. - [Internet Archive Hacked: 31 Million User Records Stolen in Major Data Breach](https://www.blackhatethicalhacking.com/news/internet-archive-hacked-31-million-user-records-stolen-in-major-data-breach/) - The Internet Archive has been hit by a massive data breach, exposing the personal details of 31 million registered users. The breach was made public when visitors to archive.org saw a JavaScript alert from the hacker, announcing that the site had been compromised. - [New Scanner Released to Detect CUPS RCE Vulnerability CVE-2024-47176](https://www.blackhatethicalhacking.com/news/new-scanner-released-to-detect-cups-rce-vulnerability-cve-2024-47176/) - A new automated scanner has been developed to help security professionals detect devices vulnerable to the Common Unix Printing System (CUPS) Remote Code Execution (RCE) flaw, tracked as CVE-2024-47176. Discovered by Simone Margaritelli, this flaw allows attackers to execute arbitrary code remotely, albeit with some real-world constraints. - [Hackers Could Exploit NVIDIA GPU Toolkit Flaw to Hijack Host Systems](https://www.blackhatethicalhacking.com/news/hackers-could-exploit-nvidia-gpu-toolkit-flaw-to-hijack-host-systems/) - A newly discovered vulnerability in the NVIDIA Container Toolkit impacts all AI applications utilizing it to access GPU resources, affecting both cloud and on-premise environments. - [Sniper Dz: The PhaaS Platform Behind 140,000+ Phishing Sites Exposed](https://www.blackhatethicalhacking.com/news/sniper-dz-the-phaas-platform-behind-140000-phishing-sites-exposed/) - A phishing-as-a-service (PhaaS) platform named Sniper Dz has been linked to more than 140,000 phishing websites over the past year, demonstrating its widespread use by cybercriminals to steal credentials. - [Data Breaches: A Growing Threat](https://www.blackhatethicalhacking.com/articles/data-breaches_a-growing-threat/) - Data breaches represent an increasingly serious problem for businesses and individuals around the world. In 2023 there were more than 18.6 billion records exposed in 2023, a 42% increase compared to 2022. - [The Differences Between Reactive and Preventive SOC Teams in Threat Hunting](https://www.blackhatethicalhacking.com/articles/the-differences-between-reactive-and-preventive-soc-teams-in-threat-hunting/) - In today’s cybersecurity landscape, organizations face an increasing number of cyberattacks, making it essential for Information Security teams to be highly prepared to identify, mitigate, and respond to these threats. One of the key components of these defense strategies is the Security Operations Center (SOC). - [A primer on OS Command Injection Attacks](https://www.blackhatethicalhacking.com/articles/a-primer-on-os-command-injection-attacks/) - This write-up makes an introduction to OS command injection vulnerabilities, shows ways to bypass blacklisted commands/characters, and then solves a lab that contains an OS command injection vulnerability. - [Long-Term Spyware Threat Discovered in ChatGPT's macOS Memory Feature](https://www.blackhatethicalhacking.com/news/long-term-spyware-threat-discovered-in-chatgpts-macos-memory-feature/) - A now-patched security vulnerability in OpenAI's ChatGPT app for macOS could have allowed attackers to implant long-term spyware, dubbed SpAIware, into the tool’s memory, facilitating continuous data exfiltration from users' interactions. - [Mallox Ransomware Targets Linux Systems with Modified Kryptina Code](https://www.blackhatethicalhacking.com/news/mallox-ransomware-targets-linux-systems-with-modified-kryptina-code/) - An affiliate of the Mallox ransomware operation, also known as TargetCompany, has been observed using a slightly modified version of the Kryptina ransomware to launch attacks on Linux systems. The findings, revealed by SentinelLabs, mark a significant evolution in the tactics of Mallox, which previously focused exclusively on Windows targets. - [Infostealer Malware Circumvents Chrome’s Encryption in New Attacks](https://www.blackhatethicalhacking.com/news/infostealer-malware-circumvents-chromes-encryption-in-new-attacks/) - Multiple infostealer malware developers have claimed to bypass Chrome’s encryption feature, App-Bound Encryption. Security researchers g0njxa and RussianPanda9xx observed developers boasting that their tools (MeduzaStealer, Whitesnake, Lumma Stealer, Lumar (PovertyStealer), Vidar Stealer, StealC) can circumvent this security measure. - [Hackers Could Steal Millions of Kia Cars Using Just a License Plate](https://www.blackhatethicalhacking.com/news/hackers-could-steal-millions-of-kia-cars-using-just-a-license-plate/) - A group of security researchers has discovered significant vulnerabilities in Kia's dealer portal, enabling hackers to locate, unlock, and steal millions of Kia vehicles made after 2013 by using only the targeted car’s license plate. - [OSINT Tool: Pytster](https://www.blackhatethicalhacking.com/tools/pytster/) - Pytster is a tool designed to assist security analysts in determining whether a given hash, email address, IPv4 address, URL, or domain is malicious. By collecting data from various OSINT (Open Source Intelligence) platforms, it provides detailed reports, simplifying the research process. - [North Korean Hackers Deploy PondRAT via Poisoned Python Packages in Supply Chain Attacks](https://www.blackhatethicalhacking.com/news/north-korean-hackers-deploy-pondrat-via-poisoned-python-packages-in-supply-chain-attacks/) - Researchers from Palo Alto Networks Unit 42 have identified North Korean-affiliated threat actors using compromised Python packages to distribute a new malware strain called PondRAT. This discovery comes as part of an ongoing campaign aimed at developers, further revealing the evolving tactics of North Korea's Lazarus Group. - [Mercury Cyber Security comes up with a new solution for losses in the crypto industry](https://www.blackhatethicalhacking.com/articles/mercury-cyber-security-comes-up-with-a-new-solution-for-losses-in-the-crypto-industry/) - Recently, Mercury Cyber Security launched a solution that is proving to be worth the money, crypto recovery services. - [Ransomware Gangs Exploit Critical SonicWall Firewall Vulnerability](https://www.blackhatethicalhacking.com/news/ransomware-gangs-exploit-critical-sonicwall-firewall-vulnerability/) - Ransomware affiliates are now actively exploiting a critical vulnerability in SonicWall’s SonicOS firewall devices, gaining unauthorized access to victims' networks. - [Over 1.3 Million Android Devices Infected: Vo1d Malware Campaign Exposed](https://www.blackhatethicalhacking.com/news/over-1-3-million-android-devices-infected-vo1d-malware-campaign-exposed/) - Massive Malware Campaign Targets Over 1.3 Million Android Streaming Devices Researchers have uncovered a widespread malware campaign that has infected over 1.3 million Android TV streaming boxes across more than 200 countries. - [PIXHELL: New Acoustic Attack Leaks Data from Air-Gapped Systems via LCD Screens](https://www.blackhatethicalhacking.com/news/pixhell-new-acoustic-attack-leaks-data-from-air-gapped-systems-via-lcd-screens/) - Ransomware affiliates are now actively exploiting a critical vulnerability in SonicWall’s SonicOS firewall devices, gaining unauthorized access to victims' networks.A novel acoustic attack called PIXHELL can exfiltrate sensitive data from air-gapped and audio-gapped systems by exploiting the LCD monitors connected to them. - [Critical D-Link Router Vulnerabilities Allow Remote Code Execution](https://www.blackhatethicalhacking.com/news/critical-d-link-router-vulnerabilities-allow-remote-code-execution/) - D-Link has patched critical security vulnerabilities in three widely-used wireless routers, affecting both high-end WiFi 6 routers (DIR-X models) and mesh networking systems (COVR). The vulnerabilities allow remote attackers to execute arbitrary code and access devices using hardcoded credentials, posing a serious security risk. - [Temu Denies Hacker's Claim of 87 Million User Data Breach](https://www.blackhatethicalhacking.com/news/temu-denies-hackers-claim-of-87-million-user-data-breach/) - Temu, a fast-growing e-commerce platform, has denied claims of a data breach after a hacker alleged they were selling a database containing 87 million customer records. The hacker posted samples of the data on BreachForums, claiming it contained sensitive information such as usernames, IP addresses, shipping addresses, phone numbers, and hashed passwords. - [New Windows Zero-Day Exploited in Active Attacks](https://www.blackhatethicalhacking.com/news/new-windows-zero-day-exploited-in-active-attacks/) - The Windows vulnerability MSHTML spoofing, tracked as CVE-2024-43461, was first disclosed by Microsoft as part of the September 2024 Patch Tuesday. Initially, it wasn't marked as exploited, but later updates confirmed that it had been actively used in attacks before it was fixed. Void Banshee, a cyber espionage group targeting North America, Europe, and Southeast Asia, utilized this flaw to deploy information-stealing malware. - [Adobe Reader Zero-Day with Active Exploit Fixed in Emergency Patch](https://www.blackhatethicalhacking.com/news/adobe-reader-zero-day-with-active-exploit-fixed-in-emergency-patch/) - A cybersecurity researcher is urging all users to upgrade Adobe Acrobat Reader after the release of a critical security fix for a zero-day remote code execution vulnerability, which has a publicly available proof-of-concept (PoC) exploit being actively used in the wild. - [Offensive Security Tool: headi](https://www.blackhatethicalhacking.com/tools/headi/) - Headi is a customizable and automated HTTP header injection tool. It is used to test web apps by injecting various HTTP headers to identify potential security vulnerabilities. - [Kali Linux 2024.3 Release: 11 New Hacking Tools, New Features](https://www.blackhatethicalhacking.com/news/kali-linux-2024-3-release-11-new-hacking-tools-new-features/) - Kali Linux 2024.3 introduces several significant changes, most notably the ongoing transition to Python 3.12, which will become the default in the next release (2024.4), marking the end of support for pip installations. The current release adds 11 new tools, including goshs, graudit, hekatomb and more. - [Is Tor Still Safe? Law Enforcement Exploits Highlight Timing Attack Vulnerabilities](https://www.blackhatethicalhacking.com/news/is-tor-still-safe-law-enforcement-exploits-highlight-timing-attack-vulnerabilities/) - The Tor Project is working to reassure users that the network remains secure despite recent reports indicating law enforcement agencies from Germany and other countries have been using timing attacks to deanonymize users. - [Critical Apache OFBiz Flaw Allows Hackers to Execute Code Remotely](https://www.blackhatethicalhacking.com/news/critical-apache-ofbiz-flaw-allows-hackers-to-execute-code-remotely/) - Apache has addressed a critical remote code execution (RCE) vulnerability in its open-source OFBiz (Open For Business) software, a suite of enterprise business applications used for customer relationship management (CRM) and enterprise resource planning (ERP). - [Critical Flaws in Microsoft macOS Apps: Eight Vulnerabilities Expose Sensitive Data](https://www.blackhatethicalhacking.com/news/critical-flaws-in-microsoft-macos-apps-eight-vulnerabilities-expose-sensitive-data/) - Eight vulnerabilities have been discovered in Microsoft applications for macOS, potentially allowing adversaries to gain elevated privileges or access sensitive data by bypassing the operating system's permissions-based model. - [D-Link Warns of Critical RCE Flaws in DIR-846W Router: No Fixes Coming](https://www.blackhatethicalhacking.com/news/d-link-warns-of-critical-rce-flaws-in-dir-846w-router-no-fixes-coming/) - D-Link has issued a warning regarding four remote code execution (RCE) vulnerabilities that impact all hardware and firmware versions of its DIR-846W router. These flaws, discovered by security researcher yali-1002, present serious security risks, yet D-Link will not be releasing patches as the product has reached its end-of-life and end-of-support status. - [Cisco Patches Critical ISE Command Injection Vulnerability with Public Exploit Code](https://www.blackhatethicalhacking.com/news/cisco-patches-critical-ise-command-injection-vulnerability-with-public-exploit-code/) - Cisco has patched a critical command injection vulnerability, tracked as CVE-2024-20469, in its Identity Services Engine (ISE) solution. This flaw, which has public exploit code available, allows attackers to escalate their privileges to root on vulnerable systems. - [New RAMBO Attack Extracts Secrets from Air-Gapped Systems via Electromagnetic Signals](https://www.blackhatethicalhacking.com/news/new-rambo-attack-extracts-secrets-from-air-gapped-systems-via-electromagnetic-signals/) - A newly discovered side-channel attack, dubbed RAMBO (Radiation of Air-gapped Memory Bus for Offense), enables attackers to extract data from air-gapped computers by generating electromagnetic radiation from the device's RAM. - [Cicada3301: A New Ransomware-as-a-Service Operation](https://www.blackhatethicalhacking.com/news/cicada3301-a-new-ransomware-as-a-service-operation/) - A new ransomware-as-a-service (RaaS) operation named Cicada3301 has quickly emerged, already listing 19 victims on its extortion portal. This cybercrime operation has no connection to the legitimate Cicada 3301 cryptographic puzzle game from 2012-2014, despite using the same logo for promotion on cybercrime forums. - [Common and Uncommon types of SQL Injection](https://www.blackhatethicalhacking.com/articles/common-and-uncommon-types-of-sql-injection/) - In this article, we'll explain some of the most common and uncommon types of SQL Injection. We'll also discuss how these attacks can impact your company and your customers, and show you the measures you need to take to mitigate and minimize such risks. - [NIS2 Directive: A Strategic Blueprint for Cyber Security and the Importance of Pentesting](https://www.blackhatethicalhacking.com/articles/nis2-directive-a-strategic-blueprint-for-cyber-security-and-the-importance-of-pentesting/) - In this article, we provide a guide to the NIS2 Directive, a critical EU initiative aimed at strengthening cybersecurity across Europe. Its emphasis on proactive measures, including pentesting, incident response, and securing supply chains, pushes organizations to adopt cutting-edge security practices, ensuring a higher level of security preparedness. - [SLUBStick: A Novel Linux Kernel Cross-Cache Attack](https://www.blackhatethicalhacking.com/news/slubstick-a-novel-linux-kernel-cross-cache-attack/) - SLUBStick is a newly discovered cross-cache attack targeting the Linux kernel, capable of converting limited heap vulnerabilities into arbitrary memory read-and-write capabilities with a 99% success rate. This attack enables threat actors to elevate privileges or escape containers, posing significant security risks. - [Stealthy Linux Malware 'Sedexp' Evades Detection with New Persistence Technique](https://www.blackhatethicalhacking.com/news/stealthy-linux-malware-sedexp-evades-detection-with-new-persistence-technique/) - A newly discovered Linux malware named 'sedexp' has been silently operating since 2022, evading detection by using a persistence technique that is not yet recognized in the MITRE ATT&CK framework. - [Hackers Leak 2.7 Billion Records: Social Security Numbers and Addresses Compromised](https://www.blackhatethicalhacking.com/news/hackers-leak-2-7-billion-records-social-security-numbers-and-addresses-compromised/) - In one of the largest data breaches to date, nearly 2.7 billion records containing personal information of individuals in the United States have been leaked on a hacking forum. This extensive database, which includes names, Social Security numbers, physical addresses, and possible aliases, was exposed in two text files totaling 277GB. - ["Windows Downdate" Attack: Zero-Days Make "Fully Patched" Windows Systems Vulnerable Again](https://www.blackhatethicalhacking.com/news/windows-downdate-attack-zero-days-make-fully-patched-windows-systems-vulnerable-again/) - At Black Hat 2024, SafeBreach security researcher Alon Leviev unveiled two zero-day vulnerabilities that allow threat actors to perform downgrade attacks on fully updated Windows systems, effectively reintroducing old vulnerabilities. - [OSINT Tool: cloud_enum](https://www.blackhatethicalhacking.com/tools/cloud_enum/) - cloud_enum is an OSINT (Open Source Intelligence) enumeration tool designed to help security professionals, penetration testers, and researchers identify and enumerate publicly accessible resources across the three major cloud platforms: Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP). - [Digital Forensics Tool: Elyzer](https://www.blackhatethicalhacking.com/tools/elyzer/) - Elyzer is a tool for analyzing email headers to detect potential spoofing attempts and assess email security. It provides detailed information about the email, including its route, critical security headers, and results of phishing/spoofing analysis. - [Malware Campaign Targeting Middle Eastern Organizations with Fake Palo Alto GlobalProtect Tool](https://www.blackhatethicalhacking.com/news/malware-campaign-targeting-middle-eastern-organizations-with-fake-palo-alto-globalprotect-tool/) - A recent malware campaign has been targeting Middle Eastern organizations, leveraging a malicious tool disguised as the legitimate Palo Alto GlobalProtect software. This malware is designed to steal data and execute remote PowerShell commands, enabling attackers to infiltrate internal networks further. - [APT-C-60 Exploits Zero-Day Vulnerabilities in WPS Office to Install SpyGlace Backdoor](https://www.blackhatethicalhacking.com/news/apt-c-60-exploits-zero-day-vulnerabilities-in-wps-office-to-install-spyglace-backdoor/) - The South Korea-aligned cyberespionage group, APT-C-60, has been actively exploiting a zero-day code execution vulnerability in WPS Office to install the SpyGlace backdoor on targets in East Asia. - [New QR Code Phishing Campaign Leverages Microsoft Sway Infrastructure](https://www.blackhatethicalhacking.com/news/new-qr-code-phishing-campaign-leverages-microsoft-sway-infrastructure/) - Cybersecurity researchers have identified a new phishing campaign, often referred to as "quishing," that uses QR codes to direct victims to malicious websites. The campaign stands out by exploiting Microsoft Sway, a legitimate cloud-based tool for creating presentations and documents, to host fake pages that aim to steal Microsoft 365 credentials. - [Google Patches Tenth Zero-Day Exploited in 2024](https://www.blackhatethicalhacking.com/news/google-patches-tenth-zero-day-exploited-in-2024/) - Google has patched its tenth zero-day vulnerability exploited in the wild in 2024, identified as CVE-2024-7965. The vulnerability, discovered by a security researcher known as TheDog, is classified as a high-severity issue stemming from an inappropriate implementation in Chrome’s V8 JavaScript engine. - [New macOS Malware Cthulhu Stealer Targets Apple Users with Credential Theft](https://www.blackhatethicalhacking.com/news/new-macos-malware-cthulhu-stealer-targets-apple-users-with-credential-theft/) - Cybersecurity researchers have recently identified a new malware targeting Apple macOS users, dubbed Cthulhu Stealer. This information stealer is part of a growing trend of cyber threats aimed at macOS, a platform traditionally considered less vulnerable than Windows or Linux. - [GoLogin vs. MultiLogin vs. MuLogin: Similarities and Differences for the Best Results](https://www.blackhatethicalhacking.com/articles/gologin-vs-multilogin-vs-mulogin-similarities-and-differences-for-the-best-results/) - Most browsers are free to use, and it is very convenient for people. However, there is another side of the coin - using something for free on the Internet can be dangerous for your private information and identity. - [Microsoft Patches Critical Windows SmartScreen Bypass Vulnerability Exploited as Zero-Day](https://www.blackhatethicalhacking.com/news/microsoft-patches-critical-windows-smartscreen-bypass-vulnerability-exploited-as-zero-day/) - Microsoft recently revealed that a critical SmartScreen bypass vulnerability, exploited as a zero-day by attackers, was patched during the June 2024 Patch Tuesday updates. The vulnerability, tracked as CVE-2024-38213, was used by threat actors to bypass SmartScreen protections, potentially allowing malicious software to be executed without triggering security warnings. - [The Evolution of Malware](https://www.blackhatethicalhacking.com/articles/the-evolution-of-malware/) - Malware encompasses a wide range of software designed to inflict damage or gain unauthorized access to computers and networks. Today's malware landscape has evolved into a complex web of threats that target personal and corporate systems. - [Microsoft Discovers Four Critical Bugs in OpenVPN: RCE and LPE Vulnerabilities Exposed](https://www.blackhatethicalhacking.com/news/microsoft-discovers-four-critical-bugs-in-openvpn-rce-and-lpe-vulnerabilities-exposed/) - During the Black Hat USA 2024 conference, Microsoft researchers unveiled the discovery of four medium-severity vulnerabilities in the widely used open-source software OpenVPN. These flaws, if exploited in sequence, could be chained to achieve remote code execution (RCE) and local privilege escalation (LPE), granting attackers full control over targeted systems. - [18-year-old 0.0.0.0 Day Browser Vulnerability Puts Millions of MacOS and Linux Users at Risk](https://www.blackhatethicalhacking.com/news/0-0-0-0-day-browser-vulnerability-puts-millions-of-macos-and-linux-users-at-risk/) - A vulnerability first disclosed 18 years ago, dubbed "0.0.0.0 Day," has resurfaced, allowing malicious websites to bypass security measures in Google Chrome, Mozilla Firefox, and Apple Safari. This vulnerability, which affects only Linux and macOS devices, enables attackers to exploit services on local networks, leading to potential unauthorized access, setting alterations, and even remote code execution. - [Docker: Critical Patch Issued for a 5-year Old Vulnerability Allowing Authorization Bypass](https://www.blackhatethicalhacking.com/news/docker-critical-patch-issued-for-a-5-year-old-vulnerability-allowing-authorization-bypass/) - Docker has issued security updates to address a critical vulnerability impacting certain versions of Docker Engine that could allow an attacker to bypass authorization plugins (AuthZ) under certain circumstances. The flaw was initially discovered and fixed in Docker Engine v18.09.1, released in January 2019, but for some reason, the fix wasn't carried forward in later versions, so the flaw resurfaced. - [Google Ad Platform Exploited by Fake Google Authenticator Ads](https://www.blackhatethicalhacking.com/news/google-ad-platform-exploited-by-fake-google-authenticator-ads/) - Google has fallen victim to a malicious advertising (malvertising) campaign on its own ad platform, allowing threat actors to create fake Google Authenticator ads that deliver the DeerStealer information-stealing malware. - [Cybercriminals Exploit Cloudflare Tunnel for Malware Campaigns](https://www.blackhatethicalhacking.com/news/cybercriminals-exploit-cloudflare-tunnel-for-malware-campaigns/) - Researchers have identified a growing trend where threat actors are increasingly abusing the Cloudflare Tunnel service to distribute remote access trojans (RATs). First detected in February, this cybercriminal activity leverages the free TryCloudflare service to spread multiple RATs, including AsyncRAT, GuLoader, VenomRAT, Remcos RAT, and Xworm. - [Fortune 50 Company Pays Record-Breaking $75 Million Ransom to Dark Angels](https://www.blackhatethicalhacking.com/news/fortune-50-company-pays-record-breaking-75-million-ransom-to-dark-angels/) - A Fortune 50 company has made headlines by paying a record-breaking $75 million ransom to the Dark Angels ransomware gang, according to a report by Zscaler ThreatLabz. - [New Specula Tool Turns Microsoft Outlook into C2 Beacon for Remote Code Execution](https://www.blackhatethicalhacking.com/news/new-specula-tool-turns-microsoft-outlook-into-c2-beacon-for-remote-code-execution/) - Microsoft Outlook can be turned into a command-and-control (C2) beacon to remotely execute code, as demonstrated by a new red team post-exploitation framework named "Specula," released today by cybersecurity firm TrustedSec. - [WhatsApp Vulnerability: Python and PHP Scripts Executed Without Warning](https://www.blackhatethicalhacking.com/news/whatsapp-vulnerability-python-and-php-scripts-executed-without-warning/) - A security issue in the latest version of WhatsApp for Windows allows sending Python and PHP attachments that are executed without any warning when the recipient opens them. For the attack to be successful, Python needs to be installed, a prerequisite that may limit the targets to software developers, researchers, and power users. - [Digital Forensics Tool: Horus](https://www.blackhatethicalhacking.com/tools/horus/) - Horus is a tool designed for investigative purposes, assisting in data gathering and analysis through various APIs. Key features include location tracking, IP tracing, MAC address vendor identification, and file encryption. - [Critical PKfail Vulnerability Exposes Hundreds of UEFI Devices to Malware](https://www.blackhatethicalhacking.com/news/critical-pkfail-vulnerability-exposes-hundreds-of-uefi-devices-to-malware/) - Hundreds of UEFI products from 10 vendors are susceptible to compromise due to a critical firmware supply-chain issue known as PKfail, which allows attackers to bypass Secure Boot and install malware. - [Hackers Leak Internal Documents from Leidos Holdings, Pentagon IT Contractor](https://www.blackhatethicalhacking.com/news/hackers-leak-internal-documents-from-leidos-holdings-pentagon-it-contractor/) - Hackers have leaked internal documents stolen from Leidos Holdings Inc (LDOS.N), one of the largest IT services providers to the U.S. government, Bloomberg News reported on Tuesday, citing a person familiar with the matter. - ['EvilVideo' Zero-Day Exploit Hits Telegram: Malicious APKs Disguised as Video Files](https://www.blackhatethicalhacking.com/news/evilvideo-zero-day-exploit-hits-telegram-malicious-apks-disguised-as-video-files/) - A zero-day vulnerability in Telegram for Android, dubbed 'EvilVideo,' has been discovered, allowing attackers to send malicious Android APK payloads disguised as video files. This flaw, which affected Telegram version 10.14.4 and older, was first sold by a threat actor named 'Ancryno' on the XSS hacking forum on June 6, 2024. - [Hacker Targets Mobile Guardian Software, Erases Data for 13,000 Students](https://www.blackhatethicalhacking.com/news/hacker-targets-mobile-guardian-software-erases-data-for-13000-students/) - In a significant cybersecurity breach, a hacker infiltrated Mobile Guardian, a widely used digital classroom management platform, and remotely wiped data from at least 13,000 students' iPads and Chromebooks. - [Xbox Underground](https://www.blackhatethicalhacking.com/articles/xbox-underground/) - In this article, we explore the story of David Pokora, who went from being an avid Xbox gamer to a notorious hacker and leader of Xbox-Underground. - [Google Patches Exploited Linux Kernel Zero-Day Vulnerability in Latest Android Update](https://www.blackhatethicalhacking.com/news/google-patches-exploited-linux-kernel-zero-day-vulnerability-in-latest-android-update/) - The latest Android security update addresses 46 vulnerabilities, including a high-severity remote code execution (RCE) zero-day vulnerability actively exploited in targeted attacks. - [Identify and Exploit LFI (Local File Inclusion) Vulnerabilities](https://www.blackhatethicalhacking.com/articles/exploiting-lfi-vulnerabilities/) - In this write up, we'll show you how to identify and exploit LFI Vulnerabilities. We will also discuss their impact and how to mitigate them with examples. - [SolarWinds Supply Chain Hack - The hack that shone a light on the gaps in the cybersecurity of governments and big companies](https://www.blackhatethicalhacking.com/articles/solarwinds-supply-chain-hack/) - The SolarWinds supply chain hack severely impacted the IT infrastructure of both government and large corporate networks. The sophisticated attack exploited SolarWinds' Orion software, impacting around 18,000 clients globally, including key US departments. - [Red Team Tactics to uncover hidden Secrets on Websites](https://www.blackhatethicalhacking.com/articles/find-hidden-and-encrypted-secrets-from-any-website/) - In this article, we'll demonstrate red team tactics for uncovering hidden secrets on websites. Despite security layers that companies deploy, such as Cloudflare WAF and next-generation firewalls, attackers can exploit sensitive information embedded in code, such as API keys and tokens. - [New Linux Variant of Play Ransomware Targets VMware ESXi Environments](https://www.blackhatethicalhacking.com/news/new-linux-variant-of-play-ransomware-targets-vmware-esxi-environments/) - Cybersecurity researchers have identified a new Linux variant of the Play ransomware strain, also known as Balloonfly and PlayCrypt, which specifically targets VMware ESXi environments. This development indicates that the ransomware group may be expanding its reach across the Linux platform, potentially increasing its victim pool and the likelihood of successful ransom negotiations. - [Recon Tool: FinalRecon](https://www.blackhatethicalhacking.com/tools/finalrecon/) - FinalRecon is an automatic web reconnaissance tool, designed to provide a comprehensive overview of a target website efficiently. It streamlines the web reconnaissance process by consolidating multiple functionalities into a single tool, minimizing dependencies. - [Critical Cisco Bug Allows Root Access and Permanent DoS via Malicious Emails](https://www.blackhatethicalhacking.com/news/critical-cisco-bug-allows-root-access-and-permanent-dos-via-malicious-emails/) - Cisco has addressed a critical severity vulnerability (CVE-2024-20401) affecting its Security Email Gateway (SEG) appliances. This vulnerability allows attackers to add new users with root privileges or permanently crash the appliances by exploiting email attachments with malicious content. - [FIN7 Hacking Group Selling "AvNeutralizer" Tool to Other Hackers](https://www.blackhatethicalhacking.com/news/fin7-hacking-group-selling-avneutralizer-tool-to-other-hackers/) - The notorious FIN7 hacking group, active since 2013, is now selling its custom "AvNeutralizer" tool. This sophisticated software is designed to evade detection by disabling enterprise endpoint protection software on corporate networks. The tool, also known as AuKill, has been linked to several ransomware operations, highlighting the ongoing threat posed by FIN7. - [HardBit 4.0 Ransomware Introduces Obfuscation Techniques and Passphrase Protection](https://www.blackhatethicalhacking.com/news/hardbit-4-0-ransomware-introduces-obfuscation-techniques-and-passphrase-protection/) - The HardBit ransomware group has released version 4.0 of their malicious software, featuring new obfuscation techniques and passphrase protection to make analysis more challenging for cybersecurity researchers. - [Critical GeoServer Flaw CVE-2024-36401 Actively Exploited in Attacks](https://www.blackhatethicalhacking.com/news/critical-geoserver-flaw-cve-2024-36401-actively-exploited-in-attacks/) - The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about an actively exploited remote code execution (RCE) vulnerability in GeoServer, an open-source server for geospatial data. The flaw, tracked as CVE-2024-36401, has been given a severity rating of 9.8. - [Microsoft Patches 18-Month Zero-Day Exploit in Windows MHTML Handler](https://www.blackhatethicalhacking.com/news/microsoft-patches-18-month-zero-day-exploit-in-windows-mhtml-handler/) - Security researchers have identified a Microsoft has addressed a zero-day vulnerability in Windows that has been actively exploited for eighteen months. Identified as CVE-2024-38112, this high-severity MHTML spoofing issue was patched during the July 2024 Patch Tuesday security updates.vulnerability in OpenSSH, tagged as CVE-2024-6409, that poses a serious risk of remote code execution (RCE) on affected systems. This critical flaw affects OpenSSH versions 8.7 and 8.8 due to a race condition in signal handling within the privilege separation (privsep) child process. - [RockYou2024: Massive Data Breach Exposes Nearly 10 Billion Passwords](https://www.blackhatethicalhacking.com/news/rockyou2024-massive-data-breach-exposes-nearly-10-billion-passwords/) - Researchers have uncovered the largest password compilation ever leaked, known as RockYou2024. This massive compilation, containing 9,948,575,739 unique plaintext passwords, was posted on a popular hacking forum by a user with the handle “ObamaCare” on July 4th. - [New OpenSSH Vulnerability CVE-2024-6409 Exposes Systems to Remote Code Execution Risks](https://www.blackhatethicalhacking.com/news/new-openssh-vulnerability-cve-2024-6409-exposes-systems-to-remote-code-execution-risks/) - Security researchers have identified a new vulnerability in OpenSSH, tagged as CVE-2024-6409, that poses a serious risk of remote code execution (RCE) on affected systems. This critical flaw affects OpenSSH versions 8.7 and 8.8 due to a race condition in signal handling within the privilege separation (privsep) child process. - [Kaspersky Lab to Shut Down U.S. Operations Amid Sanctions](https://www.blackhatethicalhacking.com/news/kaspersky-lab-to-shut-down-u-s-operations-amid-sanctions/) - Russian cybersecurity firm Kaspersky Lab has announced it will begin shutting down its U.S. operations on July 20, 2024. This decision follows recent sanctions imposed by the U.S. Treasury Department's Office of Foreign Assets Control (OFAC) and the Department of Commerce, which have rendered the company's business in the U.S. "no longer viable." - [Signal Enhances Desktop Client Security After Six-Year Delay on Encryption Key Issue](https://www.blackhatethicalhacking.com/news/signal-enhances-desktop-client-security-after-six-year-delay-on-encryption-key-issue/) - Signal has finally addressed a critical security flaw in its desktop application, which involved storing encryption keys in plain text, making encrypted databases vulnerable. The issue, initially reported in 2018, resurfaced recently, prompting Signal to implement a fix using Electron's SafeStorage API - [Digital Forensics Tool: MalStatWare](https://www.blackhatethicalhacking.com/tools/malstatware/) - MalStatWare is a tool designed for automating the analysis of malware. This tool provides quick and comprehensive insights into potentially malicious files by extracting various static attributes and performing preliminary file analyses. - [BGP Hijacking Causes Brief Outage for Cloudflare's DNS Resolver Service](https://www.blackhatethicalhacking.com/news/bgp-hijacking-causes-brief-outage-for-cloudflares-dns-resolver-service/) - Cloudflare recently reported that its DNS resolver service, 1.1.1.1, experienced reachability and performance issues due to a combination of Border Gateway Protocol (BGP) hijacking and a route leak. - [New Zergeca Botnet: A Powerful New Threat that Employs Advanced Evasion Tactics and DDoS Attacks](https://www.blackhatethicalhacking.com/news/new-zergeca-botnet-a-powerful-new-threat-that-employs-advanced-evasion-tactics-and-ddos-attacks/) - Cybersecurity researchers have uncovered a new botnet named Zergeca, capable of conducting distributed denial-of-service (DDoS) attacks. - [Twilio API Vulnerability: Threat Actors Access Millions of MFA User Numbers](https://www.blackhatethicalhacking.com/news/twilio-api-vulnerability-threat-actors-access-millions-of-mfa-user-numbers/) - Twilio has confirmed that an unsecured API endpoint allowed threat actors to verify the phone numbers of millions of Authy multi-factor authentication users, potentially making them vulnerable to SMS phishing and SIM swapping attacks. - [New Malware Loader FakeBat Targets Users with SEO Poisoning and Fake Updates](https://www.blackhatethicalhacking.com/news/new-malware-loader-fakebat-targets-users-with-seo-poisoning-and-fake-updates/) - The Loader-as-a-Service (LaaS) known as FakeBat, also referred to as EugenLoader and PaykLoader, has become a prominent threat in the malware landscape, leveraging drive-by download techniques. - [New OpenSSH Vulnerability "regreSSHion" Enables Root Privileges on Linux Systems](https://www.blackhatethicalhacking.com/news/new-openssh-vulnerability-regresshion-enables-root-privileges-on-linux-systems/) - A recently discovered vulnerability in OpenSSH, dubbed "regreSSHion" (CVE-2024-6387), has been identified by Qualys researchers. This critical flaw allows unauthenticated remote attackers to execute arbitrary code with root privileges on glibc-based Linux systems. - [Critical Vulnerability in D-Link DIR-859 WiFi Routers Being Actively Exploited](https://www.blackhatethicalhacking.com/news/critical-vulnerability-in-d-link-dir-859-wifi-routers-being-actively-exploited/) - Hackers are exploiting a severe vulnerability affecting all D-Link DIR-859 WiFi routers to steal account information, including passwords. - ['GrimResource' Technique Exploits Windows XSS Flaw for Command Execution via MSC Files](https://www.blackhatethicalhacking.com/news/grimresource-technique-exploits-windows-xss-flaw-for-command-execution-via-msc-files/) - A novel command execution technique, dubbed 'GrimResource,' leverages specially crafted Microsoft Saved Console (MSC) files and an unpatched Windows cross-site scripting (XSS) flaw to perform code execution via the Microsoft Management Console (MMC). - [Noodle RAT: The New Stealthy Cross-Platform Malware Targeting Windows and Linux](https://www.blackhatethicalhacking.com/news/noodle-rat-the-new-stealthy-cross-platform-malware-targeting-windows-and-linux/) - A previously undocumented cross-platform malware, codenamed Noodle RAT, has been used by Chinese-speaking threat actors for years, according to new research. - [JavaScript Supply Chain Attack: Polyfill.io Redirects Users to Scam Sites After Chinese Acquisition](https://www.blackhatethicalhacking.com/news/javascript-supply-chain-attack-polyfill-io-redirects-users-to-scam-sites-after-chinese-acquisition/) - Over 100,000 websites have been impacted by a supply chain attack involving the Polyfill.io service after a Chinese company acquired the domain and modified the script to redirect users to malicious and scam sites. - [Kali Linux 2024.2 Release: 18 New Tools Added, t64 Transition, GNOME 46 and More](https://www.blackhatethicalhacking.com/news/kali-linux-2024-2-release-18-new-tools-added-t64-transition-gnome-46-and-more/) - Kali Linux 2024.2 is here, bringing a host of new features, tools, and improvements. The release includes significant changes, especially in the transition to t64, updates to desktop environments, and the addition of numerous new tools contributed by the community. - [Integrating Metasploit with BeEF Framework for advanced post-exploitation attacks](https://www.blackhatethicalhacking.com/articles/integrating-metasploit-with-beef-framework-for-advanced-post-exploitation-attacks/) - In this article we'll demonstrate how to integrate BeEF (Browser Exploitation Framework) with Metasploit to enhance penetration testing capabilities. BeEF focuses on exploiting web browser vulnerabilities and conducting real-time social engineering attacks, while Metasploit is known for its powerful exploit development and execution against remote targets. - [Offensive Security Tool: PingRAT](https://www.blackhatethicalhacking.com/tools/pingrat/) - PingRAT is a tool designed to secretly passes C2 traffic through firewalls using ICMP payloads. This method allows PingRAT to bypass firewall restrictions and evade detection. - [Offensive Security Tool: Freeway](https://www.blackhatethicalhacking.com/tools/freeway/) - Freeway is a Python scapy-based tool for Wi-Fi penetration testing, designed to assist ethical hackers and pentesters in auditing and securing home or enterprise networks. - [Andrian Lamo - The ‘homeless’ Hacker](https://www.blackhatethicalhacking.com/articles/andrian-lamo-homeless-hacker/) - Adrian Lamo was a hacker that found new ways to challenge companies to re-think how secure they were. From hacking his way into the most prestigious companies while living out of a backpack, to being called a “snitch” from the hacker community, Adrian was a highly controversial figure in the hacking world. - [How Companies Risk Security for Compliance Comfort in Pentesting](https://www.blackhatethicalhacking.com/articles/how-companies-risk-security-for-compliance-comfort-in-pentesting/) - In this article, we discuss the limitations of compliance-driven pentesting compared to the broader scope of security-driven pentesting. While compliance-driven pentesting meets regulatory requirements (e.g., PCI DSS, HIPAA), it often misses deeper vulnerabilities and can leave critical issues undetected by following a checklist approach. - [TeamViewer Corporate Environment Breached by APT Group](https://www.blackhatethicalhacking.com/news/teamviewer-corporate-environment-breached-by-apt-group/) - TeamViewer, a remote access software company, has announced that its corporate environment was breached in a cyberattack on June 26, 2024. According to a cybersecurity firm, the attack is believed to have been carried out by an advanced persistent threat (APT) hacking group. - [Critical Authentication Bypass Flaw in MOVEit Transfer Under Active Exploitation](https://www.blackhatethicalhacking.com/news/critical-authentication-bypass-flaw-in-moveit-transfer-under-active-exploitation/) - Threat actors are swiftly exploiting a newly discovered critical authentication bypass flaw in Progress MOVEit Transfer, less than a day after the vendor disclosed the vulnerability. - [Identifying Online Frauds and Scams Using Image Search](https://www.blackhatethicalhacking.com/articles/identifying-online-frauds-and-scams-using-image-search/) - In the world of horse racing, AI software can come up with a race prediction based on historical data with much more precision than any experienced handicapper with years of experience in the betting business. Can you imagine if this data falls into the hands of the wrong people? - [JetBrains Urges Urgent Patching for Critical IntelliJ Vulnerability Exposing GitHub Tokens](https://www.blackhatethicalhacking.com/news/jetbrains-urges-urgent-patching-for-critical-intellij-vulnerability-exposing-github-tokens/) - JetBrains has issued an urgent advisory for users of its IntelliJ integrated development environment (IDE) applications, highlighting a critical vulnerability that could expose GitHub access tokens. - [Sleepy Pickle: New Attack Targets Machine Learning Models](https://www.blackhatethicalhacking.com/news/sleepy-pickle-new-attack-targets-machine-learning-models/) - The security risks associated with the Pickle format have resurfaced with the discovery of a new hybrid machine learning (ML) model exploitation technique named Sleepy Pickle. - [Fake Google Chrome and Microsoft Word Alerts Spread Malware via PowerShell Commands](https://www.blackhatethicalhacking.com/news/fake-google-chrome-and-microsoft-word-alerts-spread-malware-via-powershell-commands/) - A new malware distribution campaign has been discovered using fake error messages from Google Chrome, Microsoft Word, and OneDrive to trick users into running malicious PowerShell scripts. - [DISGOMOJI: New Linux Malware Uses Emojis for Command Execution](https://www.blackhatethicalhacking.com/news/disgomoji-new-linux-malware-uses-emojis-for-command-execution/) - A newly discovered Linux malware, dubbed 'DISGOMOJI,' employs a unique approach by using emojis to execute commands on infected devices, targeting government agencies in India. - [Critical PHP Flaw CVE-2024-4577 Exposes Millions of Windows Servers to RCE Attacks](https://www.blackhatethicalhacking.com/news/critical-php-flaw-cve-2024-4577-exposes-millions-of-windows-servers-to-rce-attacks/) - Researchers at cybersecurity firm DEVCORE have discovered a critical remote code execution (RCE) vulnerability, identified as CVE-2024-4577, in the PHP programming language. This flaw, affecting PHP version 5.x and earlier, potentially impacts millions of servers worldwide, allowing unauthenticated attackers to gain full control over affected systems. - [Kraken Unveils $3 Million Crypto Heist by Exploiting Zero-Day Flaw](https://www.blackhatethicalhacking.com/news/kraken-unveils-3-million-crypto-heist-by-exploiting-zero-day-flaw/) - Crypto exchange Kraken has revealed that an unidentified security researcher exploited an "extremely critical" zero-day flaw in its platform, resulting in the theft of $3 million in digital assets. The perpetrator has refused to return the stolen funds. - [AMD Investigates Potential Cyberattack Following Data Breach Claims on Hacking Forum](https://www.blackhatethicalhacking.com/news/amd-investigates-potential-cyberattack-following-data-breach-claims-on-hacking-forum/) - AMD is currently investigating a potential cyberattack after a threat actor allegedly put stolen data up for sale on a hacking forum. - [The Dark Horse of Cybersecurity: Protecting Racing Data from Sophisticated Threats](https://www.blackhatethicalhacking.com/articles/the-dark-horse-of-cybersecurity-protecting-racing-data-from-sophisticated-threats/) - In the world of horse racing, AI software can come up with a race prediction based on historical data with much more precision than any experienced handicapper with years of experience in the betting business. Can you imagine if this data falls into the hands of the wrong people? - [Google Dorking: Manual and Automated Methods for finding Hidden Information](https://www.blackhatethicalhacking.com/articles/find-hidden-info-using-google-dorking-manually-and-automated-using-pagodo/) - In this article, we will showcase how to effectively use Google Dorking to uncover hidden and sensitive information on websites. - [Arm Discloses Critical Use-After-Free Vulnerability in GPU Drivers Amid Active Exploitation](https://www.blackhatethicalhacking.com/news/arm-discloses-critical-use-after-free-vulnerability-in-gpu-drivers-amid-active-exploitation/) - Arm has issued a security bulletin alerting users to a critical memory-related vulnerability in its Bifrost and Valhall GPU kernel drivers, which is currently being exploited in the wild. - [Telegram-Linked Gitloker Attacks Leave GitHub Repositories Compromised](https://www.blackhatethicalhacking.com/news/telegram-linked-gitloker-attacks-leave-github-repositories-compromised/) - In a new wave of cyberattacks, malicious actors are targeting GitHub repositories, wiping their contents, and demanding that victims reach out via Telegram for more information. The attacker, operating under the handle "Gitloker" on Telegram and posing as a cyber incident analyst, is believed to be using stolen credentials to compromise GitHub accounts. - [Cybercriminals Exploit Stack Overflow to Spread Malicious PyPi Package](https://www.blackhatethicalhacking.com/news/cybercriminals-exploit-stack-overflow-to-spread-malicious-pypi-package/) - Cybercriminals are leveraging Stack Overflow to promote a malicious PyPi package named 'pytoileur,' which installs Windows information-stealing malware. - [New macOS Version of LightSpy Spyware Targets High-Value Data](https://www.blackhatethicalhacking.com/news/new-macos-version-of-lightspy-spyware-targets-high-value-data/) - Researchers from ThreatFabric have uncovered a macOS variant of the LightSpy surveillance framework, a tool previously known for targeting Android and iOS devices. - [Fake Browser Updates Deliver BitRAT and Lumma Stealer Malware](https://www.blackhatethicalhacking.com/news/fake-browser-updates-deliver-bitrat-and-lumma-stealer-malware/) - Cybercriminals are employing fake browser updates to deliver a variety of malicious payloads, including remote access trojans (RATs) and information stealers such as BitRAT and Lumma Stealer. - [CISA Flags Critical Flaw in Oracle WebLogic Server Amid Active Exploitation](https://www.blackhatethicalhacking.com/news/cisa-flags-critical-flaw-in-oracle-weblogic-server-amid-active-exploitation/) - The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding a security flaw affecting the Oracle WebLogic Server. This flaw, now added to the Known Exploited Vulnerabilities (KEV) catalog, is under active exploitation. - [Zero-Day Vulnerability in TikTok DMs Hijacks High-Profile Accounts](https://www.blackhatethicalhacking.com/news/zero-day-vulnerability-in-tiktok-dms-hijacks-high-profile-accounts/) - In a significant security breach, attackers have hijacked high-profile TikTok accounts, including those of Sony, CNN, and Paris Hilton, by exploiting a zero-day vulnerability in the platform's direct messages (DMs) feature. - [CatDDoS Botnet Exploits Over 80 Vulnerabilities in Major Software and Devices](https://www.blackhatethicalhacking.com/news/catddos-botnet-exploits-over-80-vulnerabilities-in-major-software-and-devices/) - The CatDDoS malware botnet has exploited over 80 known security vulnerabilities across various software and hardware over the past three months, compromising vulnerable devices to conduct distributed denial-of-service (DDoS) attacks. - [Offensive Security Tool: Genzai](https://www.blackhatethicalhacking.com/tools/genzai/) - Genzai is a tool designed to identify and analyze IoT (Internet of Things) dashboards across single or multiple targets. It scans for default password issues and potential vulnerabilities based on specific paths and software versions. - [Evaluating Apple's Market Position in the Tech Industry Amid AI Growth](https://www.blackhatethicalhacking.com/articles/evaluating-apples-market-position-in-the-tech-industry-amid-ai-growth/) - Today, 17 years later, Apple is still standing strong, but surrounded by powerful and not less innovative competitors. Will Apple keep its position, and what are the steps the company takes to remain a symbol of innovation and a valuable tech company? - [Spike in Phishing Campaigns Delivers Latrodectus, the Successor to IcedID](https://www.blackhatethicalhacking.com/news/spike-in-phishing-campaigns-delivers-latrodectus-the-successor-to-icedid/) - Cybersecurity researchers have observed a spike in email phishing campaigns starting early March 2024 that deliver Latrodectus, a nascent malware loader believed to be the successor to the IcedID malware. - [Critical SAML Exploit in GitHub Enterprise Server Fixed with Urgent Update](https://www.blackhatethicalhacking.com/news/critical-saml-exploit-in-github-enterprise-server-fixed-with-urgent-update/) - GitHub has addressed a maximum severity vulnerability, tracked as CVE-2024-4985, which threatened GitHub Enterprise Server (GHES) instances using SAML single sign-on (SSO) authentication. This critical flaw carried a CVSS v4 score of 10.0, indicating its potential for severe impact. - [GitLab Urgently Patches Critical XSS Flaw Allowing Account Takeovers](https://www.blackhatethicalhacking.com/news/gitlab-urgently-patches-critical-xss-flaw-allowing-account-takeovers/) - GitLab has addressed a high-severity vulnerability (CVE-2024-4835) that unauthenticated attackers could exploit to take over user accounts through cross-site scripting (XSS) attacks. - [New ShrinkLocker Ransomware Weaponizes BitLocker to Target Corporate Systems](https://www.blackhatethicalhacking.com/news/new-shrinklocker-ransomware-weaponizes-bitlocker-to-target-corporate-systems/) - A new ransomware strain called ShrinkLocker has emerged, employing sophisticated techniques to encrypt corporate systems using Windows BitLocker. The malware, which targets sectors including government, vaccine, and manufacturing, creates new boot partitions by shrinking available non-boot partitions to execute its attack - [OSINT Tool: SiteDorks](https://www.blackhatethicalhacking.com/tools/sitedorks/) - SiteDorks is a tool that allows users to query multiple websites across various search engines such as Google, Bing, Brave, DuckDuckGo, Yahoo, and Yandex. It utilizes predefined lists of "dorkable" websites—websites that can be searched using specific advanced search queries (dorks) with a default list containing 576 websites. - [Gary McKinnon and the "biggest military computer hack of all time"](https://www.blackhatethicalhacking.com/articles/gary-mckinnon-and-the-biggest-military-computer-hack-of-all-time/) - Gary McKinnon, a 36-year-old computer hacker, was accused of hacking into 97 computers belonging to the U.S. Army, Navy, Air Force, Department of Defense, and NASA. - [Critical Flaw in TP-Link Archer C5400X Router Allows Remote Command Execution](https://www.blackhatethicalhacking.com/news/critical-flaw-in-tp-link-archer-c5400x-router-allows-remote-command-execution/) - A critical security flaw has been identified in the TP-Link Archer C5400X gaming router, potentially allowing unauthenticated remote attackers to execute arbitrary commands on the device. - [Fluent Bit Flaw Threatens Cloud Giants with DoS and Remote Code Execution](https://www.blackhatethicalhacking.com/news/fluent-bit-flaw-threatens-cloud-giants-with-dos-and-remote-code-execution/) - A critical vulnerability in Fluent Bit, a popular logging and metrics solution, poses significant risks to major cloud providers and numerous technology giants. This flaw, identified as CVE-2024-4323 and dubbed Linguistic Lumberjack by Tenable security researchers, affects Fluent Bit's embedded HTTP server. - [Exploit XSS Injections with a Powerful One-Line Technique](https://www.blackhatethicalhacking.com/articles/exploit-xss-injections-with-a-powerful-one-line-technique/) - In this article, we'll demonstrate practical methods for detecting and exploiting Cross-Site Scripting (XSS) injections. These techniques can be applied during source code security reviews to enhance speed and accuracy in your methodology, benefiting both security professionals and bug bounty hunters. - [FBI Shuts Down Infamous BreachForums in International Cybercrime Crackdown](https://www.blackhatethicalhacking.com/news/fbi-shuts-down-infamous-breachforums-in-international-cybercrime-crackdown/) - An international law enforcement operation coordinated by the FBI has led to the seizure of the notorious BreachForums hacking forum. BreachForums, a notorious cybercrime forum, was a marketplace for threat actors to buy, sell, and exchange stolen data, including credentials, personal, and financial information. The authorities also seized the forum's associated Telegram page. - [Digital Forensics Tool: dnstwist](https://www.blackhatethicalhacking.com/tools/dnstwist/) - dnstwist is a tool designed to identify potentially malicious domains that adversaries might use to target your organization. It generates an extensive list of domain permutations based on a provided domain name and verifies their activity. - [Online Shopping Safety: How to Use Coupons Without Compromising Your Security](https://www.blackhatethicalhacking.com/articles/online-shopping-safety-how-to-use-coupons-without-compromising-your-security/) - As the digital landscape continues to evolve, the importance of prioritizing security when shopping online has become increasingly crucial.This article will focus on the safe and responsible use of coupons, a popular tool for savvy shoppers seeking to maximize their savings. - [How to Secure your Crypto Wallet from Potential Hacking Threats](https://www.blackhatethicalhacking.com/articles/how-to-secure-your-crypto-wallet-from-potential-hacking-threats/) - In recent times, heaps of first-timers have been drawn to cryptocurrencies, allured by stories of hefty profits. While digital currency pulls in those eager to invest, it equally draws in less savory characters – hackers and swindlers itching for their next hit. - [Couponing in the Digital Age: Ensuring Safety While Scoring Great Deals](https://www.blackhatethicalhacking.com/articles/couponing-in-the-digital-age-ensuring-safety-while-scoring-great-deals/) - The world of couponing has undergone a remarkable transformation. Gone are the days of meticulously clipping and organizing paper coupons from newspapers and magazines. - [The Importance of Expertise: Why Manual Pentesting Beats Automated Solutions](https://www.blackhatethicalhacking.com/articles/the-importance-of-expertise-why-manual-pentesting-beats-automated-solutions/) - In this article, we'll discuss the importance of expertise in penetration testing, particularly emphasizing the superiority of manual Pentesting over automated solutions. Automated tools and/or solutions lack the human intuition and critical thinking necessary for thorough assessments. - [Understanding the Advantages and Challenges of Zero Trust Security](https://www.blackhatethicalhacking.com/articles/understanding-the-advantages-and-challenges-of-zero-trust-security/) - In this article, we'll explore the concept of Zero Trust, a security framework designed to address the risks confronting modern businesses, both internally and externally. Zero Trust operates on the premise that every connection and endpoint could pose a threat, necessitating constant verification and authorization. Despite its advantages, Zero Trust is not a one-size-fits-all solution and faces several limitations and challenges. - [D-Link's DIR-X4860 Vulnerable to Remote Command Execution with Zero-Day Exploit and Released PoC](https://www.blackhatethicalhacking.com/news/d-links-dir-x4860-vulnerable-to-remote-command-execution-with-zero-day-exploit-and-released-poc/) - Vulnerabilities discovered in D-Link's flagship router, the EXO AX4800 (DIR-X4860) by the SSD Secure Disclosure team have exposed the device to remote unauthenticated command execution, potentially paving the way for complete takeover by malicious actors with access to the HNAP port. - [Critical RCE Flaws Discovered in HPE Aruba Devices](https://www.blackhatethicalhacking.com/news/critical-rce-flaws-discovered-in-hpe-aruba-devices/) - HPE Aruba Networking has released its April 2024 security advisory, outlining critical remote code execution (RCE) vulnerabilities affecting various versions of ArubaOS, its proprietary network operating system. - [Malicious Python Package Conceals Golang-based Sliver C2 Framework](https://www.blackhatethicalhacking.com/news/malicious-python-package-conceals-golang-based-sliver-c2-framework/) - Researchers uncovered a malicious Python package harboring a concealed threat within a seemingly innocuous PNG image. The package, masquerading as a variant of the widely used requests library, was discovered to contain a Golang version of the Sliver command-and-control (C2) framework, cunningly embedded within an image of the project's logo. - [New 'Dev Popper' Campaign Lures Developers with Job Offers, Spreads Python RAT](https://www.blackhatethicalhacking.com/news/new-dev-popper-campaign-lures-developers-with-job-offers-spreads-python-rat/) - A newly identified campaign dubbed "Dev Popper" is honing in on software developers with a deceptive strategy of offering fake job interviews, aiming to dupe them into installing a Python remote access trojan (RAT). - [Muddling Meerkat: Unprecedented Global DNS Manipulation by Chinese Threat Actors](https://www.blackhatethicalhacking.com/news/muddling-meerkat-unprecedented-global-dns-manipulation-by-chinese-threat-actors/) - A newly detected cluster of activity, labeled "Muddling Meerkat," is believed to be connected to a Chinese state-sponsored threat actor's manipulation of DNS systems to probe networks on a global scale since October 2019. Notably, a surge in activity was observed in September 2023. - [Dell Data Breach Alert: 49 Million Customers at Risk](https://www.blackhatethicalhacking.com/news/dell-data-breach-alert-49-million-customers-at-risk/) - Dell has issued a cautionary notice to its customers following a significant data breach, wherein a threat actor purportedly gained access to information belonging to approximately 49 million customers. The breach, which Dell began investigating recently, involves a breach of a Dell portal housing customer data related to purchases. - [TunnelVision: The New VPN Bypass Technique Exposing Users to Surveillance](https://www.blackhatethicalhacking.com/news/tunnelvision-the-new-vpn-bypass-technique-exposing-users-to-surveillance/) - Leviathan Security researchers have unearthed a groundbreaking method of breaching VPN encapsulation, dubbed TunnelVision, allowing malicious actors to covertly intercept users' traffic. This innovative attack leverages inherent features of DHCP (Dynamic Host Configuration Protocol) to divert a target's traffic away from the VPN tunnel. - [New Cuttlefish Malware Hijacks Router Traffic to Harvest Credentials](https://www.blackhatethicalhacking.com/news/new-cuttlefish-malware-hijacks-router-traffic-to-harvest-credentials/) - Cuttlefish operates by infiltrating routers and establishing a proxy or VPN tunnel, allowing it to stealthy monitor data passing through the compromised devices. This sophisticated approach enables the malware to bypass security measures that typically detect unusual sign-ins. - [Offensive Security Tool: pphack](https://www.blackhatethicalhacking.com/tools/pphack/) - pphack is a tool designed for detecting prototype pollution vulnerabilities in client-side JavaScript code. - [North Korean APT Kimsuky Deploys New Gomir Linux Backdoor in Targeted Attacks](https://www.blackhatethicalhacking.com/news/north-korean-apt-kimsuky-deploys-new-gomir-linux-backdoor-in-targeted-attacks/) - The North Korean hacker group Kimsuky has introduced a new Linux malware called Gomir, a variant of the GoBear backdoor, delivered through trojanized software installers. - [Apple: Security Patch Rollout Shields Older iPhones from Zero-Day Attacks](https://www.blackhatethicalhacking.com/news/apple-security-patch-rollout-shields-older-iphones-from-zero-day-attacks/) - Apple has taken action to safeguard older iPhones and iPads by backporting critical security patches released in March, effectively neutralizing a zero-day exploit targeting the iOS Kernel. - [A Hacker's Guide to Subdomain Enumeration](https://www.blackhatethicalhacking.com/articles/a-hackers-guide-to-subdomain-enumeration/) - Enumeration is key when it comes to hacking; enumerating subdomains leads to discovering many untouched surfaces with vulnerabilities. By understanding how to uncover more hidden subdomains a target has, you can significantly increase coverage, especially when performing Bug Bounty Hunting or Pentesting. - [WordPress: Hackers Exploit LiteSpeed Cache Plugin Vulnerability](https://www.blackhatethicalhacking.com/news/wordpress-hackers-exploit-litespeed-cache-plugin-vulnerability/) - Threat actors have set their sights on WordPress sites, exploiting an outdated iteration of the LiteSpeed Cache plugin to gain administrative privileges. - [Critical Vulnerability in Tinyproxy Leaves More than 50K Hosts Exposed](https://www.blackhatethicalhacking.com/news/critical-vulnerability-in-tinyproxy-leaves-more-than-50k-hosts-exposed/) - More than half of the 90,310 hosts worldwide are found to be exposing a vulnerable Tinyproxy service on the internet, susceptible to a critical unpatched security flaw in the HTTP/HTTPS proxy tool. - [Hide Payloads in PDF Files using Cobalt Strike Beacons](https://www.blackhatethicalhacking.com/articles/hide-payloads-in-pdf-files-using-cobalt-strike-beacons/) - In this article, we'll demonstrate how Cobalt Strike can be used to conceal communications within PDF files. Through examples, we depict embedding payloads directly into PDFs. Steganography techniques are explored, showcasing methods to embed beacons within PDFs' metadata. - [OSINT Tool: Certina](https://www.blackhatethicalhacking.com/tools/certina/) - Certina is an OSINT tool for red teamers, bug bounty hunters and pentesters to discover subdomains from web certificate data. - [Using VPS for Bug Bounty, comparing VPS providers](https://www.blackhatethicalhacking.com/articles/using-vps-for-bug-bounty-comparing-vps-providers/) - In this article we present the benefits of using VPS (Virtual Private Server) for Bug Bounty and we compare the different providers. - [VPN: You may not be as secure as you think you are](https://www.blackhatethicalhacking.com/facts/you-may-not-be-as-secure-as-you-think-you-are/) - VPN: You may not be as secure as you think you are - [Malware Campaign Hijacks eScan Antivirus Updates for Backdoor and Cryptocurrency Miner Distribution](https://www.blackhatethicalhacking.com/news/malware-campaign-hijacks-escan-antivirus-updates-for-backdoor-and-cryptocurrency-miner-distribution/) - Avast researchers recently uncovered a troubling malware campaign that capitalized on the update mechanism of the eScan antivirus software to disseminate backdoors and cryptocurrency miners across targeted systems. This discovery sheds light on a sophisticated attack method employed by threat actors, potentially linked to North Korea's AP Kimsuky group. - [CoralRaider Exploits CDN Cache to Deploy Info-Stealer Malware](https://www.blackhatethicalhacking.com/news/coralraider-exploits-cdn-cache-to-deploy-info-stealer-malware/) - A recently discovered cyber campaign orchestrated by a threat actor known as CoralRaider has leveraged a content delivery network (CDN) cache to conceal information-stealing malware, targeting systems in the U.S., U.K., Germany, and Japan. - [GooseEgg: APT28's Secret Weapon Exploiting Critical Windows Print Spooler Flaw](https://www.blackhatethicalhacking.com/news/gooseegg-apt28s-secret-weapon-exploiting-critical-windows-print-spooler-flaw/) - Microsoft has disclosed that the Russia-linked APT28 group, also known as "Forest Blizzard," "Fancybear," or "Strontium," has leveraged a previously undisclosed tool named GooseEgg to exploit a critical vulnerability in the Windows Print Spooler service, specifically CVE-2022-38028. - [Forminator Plugin Flaw: Unrestricted Uploads Put 200,000+ WordPress Sites at Risk](https://www.blackhatethicalhacking.com/news/forminator-plugin-flaw-unrestricted-uploads-put-200000-wordpress-sites-at-risk/) - Japan’s Computer Emergency Response Team (CERT) has issued a urgent warning regarding multiple vulnerabilities in the popular Forminator WordPress plugin, developed by WPMU DEV. Among these vulnerabilities is a critical flaw, identified as CVE-2024-28890 (CVSS v3: 9.8), which allows remote attackers to conduct unrestricted file uploads to WordPress sites using the plugin. - [Critical Flaw in WP Automatic WordPress Plugin Allows Admin Account Hijacking](https://www.blackhatethicalhacking.com/news/critical-flaw-in-wp-automatic-wordpress-plugin-allows-admin-account-hijacking/) - A critical vulnerability in the WP Automatic plugin for WordPress has become a target for threat actors, allowing them to create user accounts with administrative privileges and implant backdoors for sustained access. - [Offensive Security Tool: 403jump](https://www.blackhatethicalhacking.com/tools/403jump/) - 403jump is a tool designed for penetration testers and bug bounty hunters to audit the security of web applications and identify potential vulnerabilities. It aims to bypass HTTP 403 (Forbidden) pages using various techniques. - [10 Misconceptions about Hacking](https://www.blackhatethicalhacking.com/articles/10-misconceptions-about-hacking/) - In this article, we'll discuss about ten common misconceptions surrounding hacking, gaining insights into the diverse and nuanced nature of this field. - [OSINT Tool: NetScout](https://www.blackhatethicalhacking.com/tools/netscout/) - NetScout is an OSINT tool that finds domains, subdomains, directories, endpoints and files for a given seed URL. - [FIN7 Targets U.S. Carmaker's IT Department in Spear-Phishing Assault](https://www.blackhatethicalhacking.com/news/fin7-targets-u-s-carmakers-it-department-in-spear-phishing-assault/) - In a recent disclosure by BlackBerry researchers, it has been revealed that the financially motivated cybercrime group FIN7 targeted a prominent U.S. automotive manufacturer through a sophisticated spear-phishing campaign in late 2023. - [Threat Actors Deploy Cerber Ransomware on Atlassian Servers Using CVE-2023-22518 Exploit](https://www.blackhatethicalhacking.com/news/threat-actors-deploy-cerber-ransomware-on-atlassian-servers-using-cve-2023-22518-exploit/) - Threat actors have been leveraging a critical vulnerability in Atlassian servers, tracked as CVE-2023-22518, to deploy a Linux variant of the Cerber (C3RB3R) ransomware, posing a significant risk to Confluence servers. - [Cisco: Large-Scale Brute-Forcing Campaign Hits VPN and SSH Services Worldwide](https://www.blackhatethicalhacking.com/news/cisco-large-scale-brute-forcing-campaign-hits-vpn-and-ssh-services-worldwide/) - Cisco Talos Issues Warning on Widespread Brute-Force Campaign Targeting VPN and SSH Services - [Semiconductor Giant Nexperia Targeted in Massive 1 TB Data Breach by Dark Angels Ransomware Group](https://www.blackhatethicalhacking.com/news/semiconductor-giant-nexperia-targeted-in-massive-1-tb-data-breach-by-dark-angels-ransomware-group/) - Nexperia, a leading semiconductor manufacturer based in Nijmegen, Netherlands, has fallen victim to a significant cyberattack. The Dark Angels (Dunghill) ransomware group announced its responsibility for infiltrating the company's servers and exfiltrating a staggering 1 terabyte of confidential data. - [First Native Spectre V2 Exploit Impacts Linux Systems Running on Intel CPUs](https://www.blackhatethicalhacking.com/news/first-native-spectre-v2-exploit-impacts-linux-systems-running-on-intel-cpus/) - Security researchers have unveiled the "first native Spectre v2 exploit," targeting Linux systems running on modern Intel processors. This new speculative execution side-channel flaw represents a significant security challenge, demonstrating ongoing complexities in addressing fundamental CPU vulnerabilities years after the original Spectre discovery. - [HTTP/2 'CONTINUATION Flood' Technique Can Be Exploited in DoS Attacks](https://www.blackhatethicalhacking.com/news/http-2-continuation-flood-technique-can-be-exploited-in-dos-attacks/) - A revelation has surfaced concerning the HTTP/2 protocol, as newly discovered vulnerabilities dubbed "CONTINUATION Flood" pose a great threat to web servers, potentially leading to debilitating denial of service (DoS) assaults. - [Critical Cross-Site Scripting Vulnerability Detected in WordPress WP-Members Membership Plugin](https://www.blackhatethicalhacking.com/news/critical-cross-site-scripting-vulnerability-detected-in-wordpress-wp-members-membership-plugin/) - Security researchers from Defiant's Wordfence research team have uncovered a critical cross-site scripting (XXS) vulnerability within the widely-used WordPress WP-Members Membership plugin. This vulnerability, if exploited, could facilitate malicious script injection, posing a significant threat to over 60,000 WordPress websites currently utilizing the plugin. - [Critical Flaw Exposes 92,000 D-Link NAS Devices: Arbitrary Command Injection and Backdoor Revealed](https://www.blackhatethicalhacking.com/news/critical-flaw-exposes-92000-d-link-nas-devices-arbitrary-command-injection-and-backdoor-revealed/) - A recent disclosure by threat researcher 'Netsecfish' has unveiled severe vulnerabilities affecting multiple end-of-life D-Link Network Attached Storage (NAS) device models. The flaws, identified as CVE-2024-3273, involve an arbitrary command injection and a hardcoded backdoor within the '/cgi-bin/nas_sharing.cgi' script's HTTP GET Request Handler component. - [Roku Discloses 576,000 Account Hacks in Credential Stuffing Attacks](https://www.blackhatethicalhacking.com/news/roku-discloses-576000-account-hacks-in-credential-stuffing-attacks/) - Roku has issued a warning after discovering that approximately 576,000 user accounts were compromised in a series of credential stuffing attacks, marking a significant escalation following a similar incident disclosed earlier in March. - [BatBadBut: Rust Library Bug Puts Windows Systems at Risk of Command Injection](https://www.blackhatethicalhacking.com/news/batbadbut-rust-library-bug-puts-windows-systems-at-risk-of-command-injection/) - A critical security vulnerability in the Rust standard library (CVE-2024-24576) has been identified, posing a significant threat to Windows systems by enabling command injection attacks. This flaw, rated as critical by GitHub with a CVSS base score of 10/10, stems from weaknesses in OS command and argument handling. - [Google Chrome Zero-Day Patched Post-Pwn2Own March Exploits](https://www.blackhatethicalhacking.com/news/google-chrome-zero-day-patched-post-pwn2own-march-exploits/) - Google has successfully addressed another zero-day vulnerability discovered in the Chrome browser. Tracked as CVE-2024-3159, this high-severity flaw, exploited by security researchers during the recent Pwn2Own hacking contest, posed significant risks to user data and system integrity. - [Apple Warns iPhone Users of 'Mercenary Spyware Attack' Targeting 92 Countries](https://www.blackhatethicalhacking.com/news/apple-warns-iphone-users-of-mercenary-spyware-attack-targeting-92-countries/) - Apple has issued a critical warning to iPhone users across 92 countries, alerting them to a "mercenary spyware attack" targeting specific individuals through sophisticated surveillance techniques. - [Top 5 Casino Hacking Incidents](https://www.blackhatethicalhacking.com/articles/top-5-casino-hacking-incidents/) - Online safety at casinos is one of the most crucial elements of gambling. We are currently witnessing ​​global hack revolution gambling. So to learn from the lessons of the past, today we are counting the top five notable hacker attacks on online casinos, and what we have learned. - [Penetration Testing 101: How To Utilize Proxies For Enhanced Privacy](https://www.blackhatethicalhacking.com/articles/penetration-testing-101-how-to-utilize-proxies-for-enhanced-privacy/) - In the intricate landscape of cybersecurity, penetration testing emerges as a critical practice, serving as a proactive measure to unearth vulnerabilities in systems before malicious actors do. This ethical hacking process not only underscores the commitment to digital fortification but also navigates a complex web of ethical and legal considerations, ensuring that all activities are sanctioned and intended to bolster security. - [Google Chrome adds V8 Sandbox to Combat Memory Corruption Attacks](https://www.blackhatethicalhacking.com/news/google-chrome-adds-v8-sandbox-to-combat-memory-corruption-attacks/) - Google has introduced the V8 Sandbox, a mechanism designed to protect its widely-used V8 JavaScript engine from memory corruption attacks. - [Google Implements Stricter Measures Against Bulk Email Senders](https://www.blackhatethicalhacking.com/news/google-implements-stricter-measures-against-bulk-email-senders/) - In a bid to fortify defenses against spam and phishing attacks, Google has initiated automatic blocking of emails sent by bulk senders failing to meet stringent thresholds. This move, announced in October, comes as part of Google's ongoing efforts to bolster email security and protect users from malicious content infiltrating their inboxes. - [AT&T Data Breach: 73 Million Customers' Information Exposed](https://www.blackhatethicalhacking.com/news/att-data-breach-73-million-customers-information-exposed/) - After weeks of denial, telecommunications giant AT&T has finally admitted to a data breach impacting a staggering 73 million current and former customers. Initially refuting claims that leaked data originated from their systems, the company now confirms the authenticity of the compromised information. - [Apple Under Attack: New GoFetch Exploit Targets Secret Keys in M-Series Processors](https://www.blackhatethicalhacking.com/news/apple-under-attack-new-gofetch-exploit-targets-secret-keys-in-m-series-processors/) - A side-channel attack dubbed "GoFetch" has emerged, posing a significant threat to the security of Apple's M-Series processors, including the M1, M2, and M3 chips. This sophisticated attack method has the capability to stealthily extract secret cryptographic keys from data residing in the CPU's cache. - [Understanding PTaaS and SOC](https://www.blackhatethicalhacking.com/articles/understanding-ptaas-and-soc/) - In this article, we'll showcase the differences between Penetration Testing as a Service (PTaaS) and Security Operations Centers (SOCs) by comparing them and explain which one can be the more effective overall solution for organizations to protect their infrastructure. - [Darcula: The New Phishing-as-a-Service Targeting Android and iPhone Users Worldwide](https://www.blackhatethicalhacking.com/news/darcula-the-new-phishing-as-a-service-targeting-android-and-iphone-users-worldwide/) - A sophisticated phishing-as-a-service (PhaaS) operation dubbed 'Darcula' has emerged, utilizing over 20,000 domains to impersonate brands and extract credentials from Android and iPhone users across more than 100 countries. - [Linux Vulnerability "WallEscape" Leaves Users Exposed to Password Theft](https://www.blackhatethicalhacking.com/news/linux-vulnerability-wallescape-leaves-users-exposed-to-password-theft/) - A critical vulnerability in the 'wall' command of the util-linux package, dubbed WallEscape and tracked as CVE-2024-28085, has been discovered, posing a significant security risk to Linux users. This flaw, present in every version of the package for the past 11 years up to version 2.40, could potentially enable an unprivileged attacker to steal passwords or manipulate the victim's clipboard. - [GEOBOX: Raspberry Pi Transforms Into A Tool For Fraud And Anonymization](https://www.blackhatethicalhacking.com/news/geobox-raspberry-pi-transforms-into-a-tool-for-fraud-and-anonymization/) - Cybercriminals have escalated their tactics, repurposing innocuous devices like Raspberry Pi into potent, 'plug-and-play' instruments for digital fraud. Augmented with GEOBOX, their operations attain a new level of sophistication, enabling manipulation of GPS data, network simulation, Wi-Fi spoofing, and evasion of anti-fraud filters. - [Offensive Security Tool: WAF Bypass](https://www.blackhatethicalhacking.com/tools/waf-bypass/) - WAF bypass is an open source tool to analyze the security of any WAF for False Positives and False Negatives using predefined and customizable payloads. Check your WAF before an attacker does. - [Supply-Chain Attack Strikes The Largest Discord Bot Community Top.gg](https://www.blackhatethicalhacking.com/news/supply-chain-attack-strikes-the-largest-discord-bot-community-top-gg/) - The Top.gg Discord bot community, boasting over 170,000 members, finds itself reeling from the aftermath of a supply-chain attack, aimed at infiltrating developers with malware designed to steal sensitive information. - [Digital Forensics Tool: mailMeta](https://www.blackhatethicalhacking.com/tools/mailmeta/) - mailMeta is a python based forensic tool which reads through the email headers from the email file and extracts crucial information to identify if the email is legitimate. - [Loop DoS - New DoS Attack Targets Application-Layer Protocols, with Potential Impact on 300K Hosts](https://www.blackhatethicalhacking.com/news/loop-dos-new-dos-attack-targets-application-layer-protocols-with-potential-impact-on-300k-hosts/) - Cybersecurity experts have uncovered a newly identified DoS loop attack, distinguished by its self-perpetuating nature and targeted approach toward application-layer messages. This sophisticated technique involves the pairing of two network services, triggering an endless exchange of responses that inundate systems or networks with overwhelming traffic, resulting in a denial of service. - [New Acoustic Attacks Decipher Keystrokes in Any Environment](https://www.blackhatethicalhacking.com/news/new-acoustic-attacks-decipher-keystrokes-in-any-environment/) - A study by researchers Alireza Taheritajar and Reza Rahaeimehr from Augusta University in the U.S. has revealed a novel acoustic side-channel attack targeting keyboards, capable of deducing user input by analyzing typing patterns, even amidst challenging conditions such as noisy environments. - [Data-Wiping Malware Dubbed AcidPour Strikes Linux x86 Systems](https://www.blackhatethicalhacking.com/news/data-wiping-malware-dubbed-acidpour-strikes-linux-x86-systems/) - A new variant of the data-wiping malware known as AcidRain has emerged, specifically tailored to target Linux x86 devices. Dubbed AcidPour, this variant represents a notable evolution, compiled specifically for Linux x86 devices. - [Pwn2Own Vancouver 2024: Security Researchers Rack Up $1.13M with 29 Zero-Day Exploits](https://www.blackhatethicalhacking.com/news/pwn2own-vancouver-2024-security-researchers-rack-up-1-13m-with-29-zero-day-exploits/) - The Pwn2Own Vancouver 2024 concluded with a remarkable showcase of cybersecurity prowess, as participating security researchers amassed a staggering $1,132,500 in prize money by uncovering 29 zero-day exploits (alongside some bug collisions). - [How to Exploit “improper error handling” in Web Applications](https://www.blackhatethicalhacking.com/articles/how-to-exploit-improper-error-handling-in-web-applications/) - In this article we'll discuss and demonstrate how improper error handling can be exploited in Web Applications. We'll also discuss how various types of error handling can introduce various types of attack vectors. - [Can an Amazon Fire Stick be Hacked?](https://www.blackhatethicalhacking.com/articles/can-an-amazon-fire-stick-be-hacked/) - With its vast entertainment library, the Fire Stick has become a household favorite. But just like any connected device, it faces potential security risks. This article explores these vulnerabilities and outlines essential steps. It will help you safeguard your Fire Stick and secure your streaming experience. - [Nissan Oceania's Data Breach Leaves 100,000 Individuals Exposed](https://www.blackhatethicalhacking.com/news/nissan-oceanias-data-breach-leaves-100000-individuals-exposed/) - Nissan Oceania has issued a warning following a data breach affecting approximately 100,000 individuals, stemming from a cyberattack in December 2023 attributed to the Akira ransomware operation. - [Study Uncovers Vulnerabilities in ChatGPT Plugins, Risking Data Exposure and Account Takeover](https://www.blackhatethicalhacking.com/news/study-uncovers-vulnerabilities-in-chatgpt-plugins-risking-data-exposure-and-account-takeover/) - A recent analysis conducted by researchers has unearthed a series of vulnerabilities within ChatGPT plugins, shedding light on potential risks associated with data exposure and account takeovers. The investigation, spearheaded by Salt Security, examined various ChatGPT plugins, uncovering critical flaws that could compromise user security. - [Ransomware Breach at Stanford University in September Exposed the Personal Information of 27,000 Individuals](https://www.blackhatethicalhacking.com/news/ransomware-breach-at-stanford-university-in-september-exposed-the-personal-information-of-27000-individuals/) - Stanford University has revealed that the personal data of 27,000 individuals was pilfered in a ransomware attack targeting its Department of Public Safety (SUDPS) network. - [Financially Motivated Group Magnet Goblin Exploits 1-Day Vulnerabilities with Custom Malware](https://www.blackhatethicalhacking.com/news/financially-motivated-group-magnet-goblin-exploits-1-day-vulnerabilities-with-custom-malware/) - The financially motivated hacking group Magnet Goblin has gained attention for its adoption and exploitation of 1-day vulnerabilities, as warned by CheckPoint. This threat actor focuses on targeting internet-facing services, with notable exploits including the vulnerability CVE-2024-21887 in Ivanti Connect Secure VPN. - [WordPress Popup Builder Plugin Flaw Exploited by Hackers, Compromising 3,300 Sites](https://www.blackhatethicalhacking.com/news/wordpress-popup-builder-plugin-flaw-exploited-by-hackers-compromising-3300-sites/) - Hackers are actively breaching WordPress sites by exploiting a vulnerability present in outdated versions of the Popup Builder plugin, resulting in the infection of over 3,300 websites with malicious code. - [Apple's Emergency Updates Address Exploited iOS Zero-Day Vulnerabilities](https://www.blackhatethicalhacking.com/news/apples-emergency-updates-address-exploited-ios-zero-day-vulnerabilities/) - Apple has issued emergency security updates in response to the exploitation of two zero-day vulnerabilities in iOS, prompting urgent action to safeguard iPhone users from potential cyber threats. - [WordPress Sites Hijacked for Widescale Brute Force Campaign](https://www.blackhatethicalhacking.com/news/wordpress-sites-hijacked-for-widescale-brute-force-campaign/) - A wave of widescale attacks targeting WordPress sites has emerged, with hackers exploiting vulnerabilities to inject scripts that harness visitors' browsers for large-scale brute force attacks on other websites. - [GTPDOOR: The Stealthy Linux Backdoor Targeting Telecom Networks](https://www.blackhatethicalhacking.com/news/gtpdoor-the-stealthy-linux-backdoor-targeting-telecom-networks/) - In a recent revelation, security researcher HaxRob has uncovered a previously unknown Linux backdoor named GTPDOOR, meticulously crafted for clandestine operations within mobile carrier networks. - [Recon Tool: SiCat](https://www.blackhatethicalhacking.com/tools/sicat/) - SiCat is an exploit search tool, and its primary objective is to efficiently identify and gather information about potential exploits from various sources, including both online repositories and local resources. - [Critical Vulnerability in JetBrains' TeamCity Exposes Servers to Remote Takeover](https://www.blackhatethicalhacking.com/news/critical-vulnerability-in-jetbrains-teamcity-exposes-servers-to-remote-takeover/) - A critical security vulnerability (CVE-2024-27198) discovered in JetBrains' TeamCity On-Premises CI/CD solution has raised alarms, as it permits remote unauthenticated attackers to gain administrative control over servers. - [Urgent Joomla Update: Addressing the High-Risk CVEs Exploitable for Arbitrary Code Execution](https://www.blackhatethicalhacking.com/news/urgent-joomla-update-addressing-the-high-risk-cves-exploitable-for-arbitrary-code-execution/) - In a recent revelation, Joomla, the popular content management system (CMS), has been found susceptible to five critical vulnerabilities, each posing a severe risk of arbitrary code execution on compromised websites. These vulnerabilities, impacting multiple versions of Joomla, have prompted immediate action from the vendor, resulting in fixes included in versions 5.0.3 and 4.4.3 of the CMS. - [Cactus Ransomware Targets Schneider Electric, Allegedly Exfiltrating 1.5TB of Data](https://www.blackhatethicalhacking.com/news/cactus-ransomware-targets-schneider-electric-allegedly-exfiltrating-1-5tb-of-data/) - Schneider Electric, a prominent energy management and automation corporation, finds itself embroiled in a cybersecurity crisis following a breach by the notorious Cactus ransomware gang. The group claims to have infiltrated Schneider Electric's network last month, stealing a staggering 1.5 terabytes of data. - [SSH-Snake: The Advanced Tactics of an Evolved SSH Worm](https://www.blackhatethicalhacking.com/news/ssh-snake-the-advanced-tactics-of-an-evolved-ssh-worm/) - A threat actor is leveraging an open-source network mapping tool known as SSH-Snake to stealthy hunt for private keys and move laterally on victim's infrastructure. Discovered by the Sysdig Threat Research Team (TRT), SSH-Snake represents a significant departure from conventional SSH worms, employing sophisticated techniques to evade detection while orchestrating lateral movement within compromised networks. - [Offensive Security Tool: SmuggleFuzz](https://www.blackhatethicalhacking.com/tools/smugglefuzz/) - SmuggleFuzz is a tool designed for rapid and customizable scanning of HTTP downgrade smuggling vulnerabilities. It provides users with the ability to define their own gadget lists, allowing for deeper insights into the reasons behind failed smuggling attacks. - [Offensive Security Techniques Repo: RustRedOps](https://www.blackhatethicalhacking.com/tools/rustredops/) - RustRedOps is a repository dedicated to gathering and sharing various tools, projects, advanced techniques and offensive malware related to Red Team operations, with a specific focus on the Rust programming language. - [LockBit Ransomware Resurfaces, Threatening Government Sector Amid Infrastructure Relaunch](https://www.blackhatethicalhacking.com/news/lockbit-ransomware-resurfaces-threatening-government-sector-amid-infrastructure-relaunch/) - The infamous LockBit gang has quickly resumed its ransomware operation on new infrastructure, less than a week after law enforcement authorities infiltrated its systems, inflicting a crushing blow. With a chilling message to government institutions, the gang threatens to escalate its attacks on the public sector. - [LiteSpeed Cache Plugin Exposes 5 Million WordPress Sites to Privilege Escalation](https://www.blackhatethicalhacking.com/news/litespeed-cache-plugin-exposes-5-million-wordpress-sites-to-privilege-escalation/) - A critical security vulnerability has been unveiled in the LiteSpeed Cache plugin for WordPress, posing a significant risk of privilege escalation for unauthenticated users. Tracked as CVE-2023-40000, this vulnerability was addressed in October 2023 with the release of version 5.7.0.1 of the plugin. - [Kali Linux 2024.1 Release with New Tools, Micro Mirror CDN addition, and Theme Refresh](https://www.blackhatethicalhacking.com/news/kali-linux-2024-1-release-with-new-tools-micro-mirror-cdn-addition-and-theme-refresh/) - Kali Linux unveils its latest release, 2024.1, featuring fresh visual elements, enhanced mirror infrastructure, and new tools and updates. Highlights include collaboration with the Micro Mirror Free Software CDN, a vibrant theme refresh, desktop environment tweaks, NetHunter advancements, while also adding new tools like blue-hydra, opentaxii, readpe, and snort. - [Offensive Security Tool: Upload_Bypass](https://www.blackhatethicalhacking.com/tools/upload_bypass/) - Upload Bypass is a simple tool designed to assist penetration testers and bug hunters in testing file upload mechanisms. It leverages various bug bounty techniques to simplify the process of identifying and exploiting vulnerabilities, ensuring thorough assessments of web applications. - [UAC-0184 Employed Steganography for Covert Deployment of Remcos RAT in Targeted Operations](https://www.blackhatethicalhacking.com/news/uac-0184-employed-steganography-for-covert-deployment-of-remcos-rat-in-targeted-operations/) - A hacking group identified as 'UAC-0184' has recently been detected employing sophisticated tactics, including steganography, to distribute the Remcos remote access trojan (RAT) to the systems of a Ukrainian entity operating in Finland. - [The Deceptive Tactics of the New Linux Bifrost RAT Variant](https://www.blackhatethicalhacking.com/news/the-deceptive-tactics-of-the-new-linux-bifrost-rat-variant/) - In a recent discovery, cybersecurity experts have uncovered a new variant of the infamous Bifrost remote access trojan (RAT) tailored specifically for Linux systems. This sophisticated malware employs a series of innovative evasion techniques, including the utilization of a deceptive domain cleverly disguised to resemble a legitimate VMware entity. - [Analyzing Microsoft’s NBNS and BOOTP Protocols with Wireshark for Red Teaming](https://www.blackhatethicalhacking.com/articles/analyzing-microsofts-nbns-and-bootp-protocols-with-wireshark-for-red-teaming/) - In this article, we'll dive into the functionalities of Wireshark, a powerful network protocol analyzer for network packet sniffing. We'll focus on two key services: Microsoft's NBNS (NetBIOS Name Service) and BOOTP (Bootstrap Protocol). We'll show you how you can use them when you perform your Red Team engagements, particularly for Internal Pentesting or Local Network enumeration techniques, taking advantage of such vulnerable components by design that can be forgotten. - [New RansomHouse Tool 'MrAgent' Streamlines Ransomware Attacks on VMware ESXi Hypervisors](https://www.blackhatethicalhacking.com/news/new-ransomhouse-tool-mragent-streamlines-ransomware-attacks-on-vmware-esxi-hypervisors/) - he RansomHouse ransomware operation has unveiled a new tool called 'MrAgent,' designed to streamline the deployment of its data encrypter across multiple VMware ESXi hypervisors. RansomHouse, a ransomware-as-a-service (RaaS) operation known for its double extortion tactics, has been targeting large organizations since its emergence in December 2021. - ['Migo' - Stealthy Malware Targets Redis Servers, Initiates Cryptocurrency Mining](https://www.blackhatethicalhacking.com/news/migo-stealthy-malware-targets-redis-servers-initiates-cryptocurrency-mining/) - Security researchers have unearthed a new campaign poised to exploit Redis servers on Linux hosts, deploying a malware strain dubbed 'Migo' to stealthy mine for cryptocurrency. - [BASICSTAR: Charming Kitten's Latest Cyberweapon](https://www.blackhatethicalhacking.com/news/basicstar-charming-kittens-latest-cyberweapon/) - A cyber threat group originating from Iran, known as Charming Kitten, has resurfaced with a fresh wave of attacks targeting experts in Middle East policy using a newly identified backdoor named BASICSTAR. - [ExpressVPN Removes Split Tunneling Feature Over DNS Leak](https://www.blackhatethicalhacking.com/news/expressvpn-removes-split-tunneling-feature-over-dns-leak/) - In a recent development, ExpressVPN has taken action to address a critical flaw in its software, prompting the removal of the split tunneling feature from its latest version. The decision came after the discovery of a bug that inadvertently exposed users' visited domains to configured DNS servers. - [Hackers Exploit Ivanti Vulnerability to Deploy DSLog Backdoor](https://www.blackhatethicalhacking.com/news/hackers-exploit-ivanti-vulnerability-to-deploy-dslog-backdoor/) - In a recent development, hackers are capitalizing on a server-side request forgery (SSRF) vulnerability present in Ivanti Connect Secure, Policy Secure, and ZTA gateways to deploy a newly identified backdoor named DSLog on susceptible devices. - [GoldPickaxe: New Face-Scanning Trojan Threatens iOS and Android Users](https://www.blackhatethicalhacking.com/news/goldpickaxe-new-face-scanning-trojan-threatens-ios-and-android-users/) - Cybersecurity firm Group-IB has uncovered a new threat to mobile users dubbed 'GoldPickaxe,' a trojan employed by the Chinese threat group 'GoldFactory' to orchestrate social engineering attacks and potentially perpetrate banking fraud using deepfake technology. - [Major Cyber Attacks that shaped 2023](https://www.blackhatethicalhacking.com/articles/major-cyber-attacks-that-shaped-2023/) - In this article, we'll dive into the major cyberattacks that shaped 2023, exploring a domain marked by a surge in both the frequency and sophistication of cyber threats. The year witnessed an escalation in the exploitation of vulnerabilities, with ransomware, phishing, and supply chain attacks emerging as predominant vectors. - [Microsoft Patches Windows Defender Zero-Day Exploited by DarkMe RAT](https://www.blackhatethicalhacking.com/news/microsoft-patches-windows-defender-zero-day-exploited-by-darkme-rat/) - In a recent security development, Microsoft has responded to an active threat by patching a zero-day vulnerability in Windows Defender SmartScreen, which was exploited by a financially motivated threat group to distribute the DarkMe remote access trojan (RAT). - [Social Media Safety: Navigating Privacy Risks and Cyber Threats in the Digital Age](https://www.blackhatethicalhacking.com/articles/social-media-safety-navigating-privacy-risks-and-cyber-threats-in-the-digital-age/) - The world is very connected these days, and social media sites have become the spot where people talk about their lives, stories, and thoughts. But as we move through these huge digital worlds, there are always privacy risks and hacking threats. - [Critical Fortinet Flaw in FortiOS SSL VPN is Actively Exploited](https://www.blackhatethicalhacking.com/news/critical-fortinet-flaw-in-fortios-ssl-vpn-is-actively-exploited/) - Fortinet has issued a warning concerning a critical remote code execution (RCE) vulnerability discovered in FortiOS SSL VPN, identified as CVE-2024-21762, with a CVSS score of 9.6. - [Critical Vulnerability in Shim Bootloader Threatens Linux Systems](https://www.blackhatethicalhacking.com/news/critical-vulnerability-in-shim-bootloader-threatens-linux-systems/) - A critical vulnerability discovered in the Shim Linux bootloader has sent shockwaves through the Linux community, exposing systems to the risk of pre-kernel code execution and potential takeover by attackers - [Critical Flaw - JetBrains Urges Immediate Patching of TeamCity Servers](https://www.blackhatethicalhacking.com/news/critical-flaw-jetbrains-urges-immediate-patching-of-teamcity-servers/) - JetBrains has issued an urgent call to action for customers to swiftly patch their TeamCity On-Premises servers in response to a critical authentication bypass vulnerability, identified as CVE-2024-23917. - [Cloudflare Faces Nation-State Cyber Intrusion: Internal Systems Breached, Source Code Targeted](https://www.blackhatethicalhacking.com/news/cloudflare-faces-nation-state-cyber-intrusion-internal-systems-breached-source-code-targeted/) - Cloudflare disclosed a significant security incident involving a suspected nation-state attacker infiltrating its internal Atlassian server. The breach, which transpired on November 14, saw unauthorized access to Cloudflare's Confluence wiki, Jira bug database, and Bitbucket source code management system. - [Linux Distributions Vulnerable - Glibc Flaw Grants Root Access to Unprivileged Users](https://www.blackhatethicalhacking.com/news/linux-distributions-vulnerable-glibc-flaw-grants-root-access-to-unprivileged-users/) - A recently discovered local privilege escalation (LPE) vulnerability in the GNU C Library (glibc) is causing alarm in the Linux community, as it opens the door for unprivileged attackers to gain root access on default configurations of several major Linux distributions. - [Recon Tool: go-dork](https://www.blackhatethicalhacking.com/tools/go-dork/) - go-dork is a powerful and efficient command-line tool written in the Go programming language, designed to be the fastest dork scanner available. - [Mass Exploitation of Ivanti's Newest Zero-Day Vulnerability Threatens Thousands of Devices](https://www.blackhatethicalhacking.com/news/mass-exploitation-of-ivantis-newest-zero-day-vulnerability-threatens-thousands-of-devices/) - A critical vulnerability in Ivanti Connect Secure and Ivanti Policy Secure servers, known as CVE-2024-21893, has triggered a wave of mass exploitation by multiple attackers, posing a significant threat to affected devices. - [Mastodon Fixes Severe Flaw Allowing Impersonation and Account Takeovers](https://www.blackhatethicalhacking.com/news/mastodon-fixes-severe-flaw-allowing-impersonation-and-account-takeovers/) - Mastodon, the decentralized social networking platform, recently addressed a critical vulnerability (CVE-2024-23832) that posed a severe threat by allowing attackers to impersonate and take over remote accounts. - [Financially Motivated Hackers Exploit Legitimate Platforms in USB-Initiated Attacks](https://www.blackhatethicalhacking.com/news/financially-motivated-hackers-exploit-legitimate-platforms-in-usb-initiated-attacks/) - A financially motivated threat actor, identified as UNC4990 by Mandiant, has raised concerns with a sophisticated attack strategy involving USB devices and the strategic use of legitimate online platforms such as GitHub, Vimeo, and Ars Technica. - [Outlook - Microsoft Patches Critical Flaw Leaking NTLM Passwords](https://www.blackhatethicalhacking.com/news/outlook-microsoft-patches-critical-flaw-leaking-ntlm-passwords/) - A recently addressed security flaw in Microsoft Outlook posed a potential risk of unauthorized access to NT LAN Manager (NTLM) v2 hashed passwords. - [Several PoC exploits targeting the recent critical Jenkins vulnerability CVE-2024-23897 have been made public](https://www.blackhatethicalhacking.com/news/several-poc-exploits-targeting-the-recent-critical-jenkins-vulnerability-cve-2024-23897-have-been-made-public/) - Researchers caution that multiple proof-of-concept (PoC) exploits, aimed at the recently revealed critical Jenkins vulnerability CVE-2024-23897, have been disclosed to the public. - [Offensive Security Tool: Bob The Smuggler](https://www.blackhatethicalhacking.com/tools/bob-the-smuggler/) - Bob the Smuggler is a tool that leverages the HTML Smuggling Attack and allows you to create HTML files with embedded 7z/zip archives. - [Stuxnet - A weapon made out of code that almost started WW3](https://www.blackhatethicalhacking.com/articles/stuxnet-a-weapon-made-out-of-code-that-almost-started-ww3/) - Stuxnet was found lurking in the data-banks of power plants traffic control systems and factories all over the world. It was the most complex malware ever discovered at the time. - [Financially Motivated Turkish Hackers Target Microsoft SQL Servers with Mimic Ransomware](https://www.blackhatethicalhacking.com/news/financially-motivated-turkish-hackers-target-microsoft-sql-servers-with-mimic-ransomware/) - A financially motivated Turkish hacker group has been targeting Microsoft SQL (MSSQL) servers worldwide, encrypting victims' files with Mimic (N3ww4v3) ransomware in a campaign known as RE#TURGENCE. - [Apple Addresses First 2024 Zero-Day Exploited in Live Attacks Targeting iPhones, Macs, and Apple TVs](https://www.blackhatethicalhacking.com/news/apple-addresses-first-2024-zero-day-exploited-in-live-attacks-targeting-iphones-macs-and-apple-tvs/) - In a response to the first zero-day vulnerability exploited in live attacks this year, Apple has released crucial security updates aimed at safeguarding iPhones, Macs, and Apple TVs. The zero-day, identified as CVE-2024-23222 and affecting WebKit, presented a potential avenue for attackers to achieve code execution on targeted devices. - [TeamViewer Abused for Unauthorized Access and Deploying LockBit Ransomware](https://www.blackhatethicalhacking.com/news/teamviewer-abused-for-unauthorized-access-and-deploying-lockbit-ransomware/) - Ransomware actors are resurfacing their use of TeamViewer to gain initial access to organization endpoints and attempt to deploy encryptors, particularly those based on the leaked LockBit ransomware builder. - [iShutdown Scripts Expose Spyware on Compromised Apple Devices](https://www.blackhatethicalhacking.com/news/ishutdown-scripts-expose-spyware-on-compromised-apple-devices/) - Security researchers have identified a method to detect high-profile spyware infections, including Pegasus, Reign, and Predator, on compromised Apple mobile devices. Kaspersky has introduced Python scripts, collectively known as iShutdown, to automate the analysis of the Shutdown.log system log file, where digital forensic artifacts of malware infections can be found. - [Exploitable Weaknesses Found in Popular POST SMTP Mailer Plugin Affecting 300,000 Wordpress Sites](https://www.blackhatethicalhacking.com/news/exploitable-weaknesses-found-in-popular-post-smtp-mailer-plugin-affecting-300000-wordpress-sites/) - In a recent discovery, security researchers Ulysses Saicha and Sean Murphy from Wordfence identified two critical vulnerabilities in the widely-used POST SMTP Mailer WordPress plugin, an email delivery tool employed by approximately 300,000 websites. - [OSINT Tool: apk2url](https://www.blackhatethicalhacking.com/tools/apk2url/) - apk2url is a tool that easily extracts URL and IP endpoints from an APK file and performs filtering into a .txt output. This is suitable for information gathering by the red team, penetration testers, and developers to quickly identify endpoints associated with an application. - [Offensive Security Tool: msoffcrypto-tool](https://www.blackhatethicalhacking.com/tools/msoffcrypto-tool/) - msoffcrypto-tool is a Python tool and library for decrypting encrypted MS Office files with password, intermediate key, or private key which generated its escrow key. - [Cisco: Critical Flaw Exposes Unified Communications Systems to Remote Code Execution](https://www.blackhatethicalhacking.com/news/cisco-critical-flaw-exposes-unified-communications-systems-to-remote-code-execution/) - Cisco has issued a series of crucial patches to remedy a severe security vulnerability impacting its Unified Communications and Contact Center Solutions products. This critical flaw, identified as CVE-2024-20253 with a CVSS score of 9.9, arises from improper processing of user-provided data. - [Zero-Click Takeover Alert - Thousands of Internet-Exposed GitLab Instances at High Risk](https://www.blackhatethicalhacking.com/news/zero-click-takeover-alert-thousands-of-internet-exposed-gitlab-instances-at-high-risk/) - More than 5,300 GitLab instances exposed on the internet are grappling with a severe security vulnerability, CVE-2023-7028, which GitLab itself had issued a warning about earlier this month. - [Orcus Unveils Groundbreaking AI Technology to Tackle Cybersecurity Threats](https://www.blackhatethicalhacking.com/press-release/orcus-unveils-groundbreaking-ai-technology-to-tackle-cybersecurity-threats/) - 0rcus - AI Offensive Security Platform - [GoAnywhere MFT by Fortra: Exploit Released for Authentication Bypass, Admin User Creation](https://www.blackhatethicalhacking.com/news/goanywhere-mft-by-fortra-exploit-code-released-for-authentication-bypass-admin-user-creation/) - Exploit code has surfaced for a critical authentication bypass vulnerability present in Fortra's GoAnywhere MFT (Managed File Transfer) software. This vulnerability allows attackers to generate new admin users on instances lacking the latest patches, exploiting the administration portal as the point of entry. - [Widespread 'I Can't Believe He Is Gone' Facebook Phishing Scam Targets Users Through Hacked Accounts](https://www.blackhatethicalhacking.com/news/widespread-i-cant-believe-he-is-gone-facebook-phishing-scam-targets-users-through-hacked-accounts/) - A pervasive Facebook phishing campaign, employing a heart-wrenching message - "I can't believe he is gone. I'm gonna miss him so much," is luring unsuspecting users into a web of deceit by redirecting them to a site designed to steal Facebook credentials. - [Apple's Fix for Bluetooth Vulnerability Exploited in Magic Keyboard for Monitoring Bluetooth Traffic](https://www.blackhatethicalhacking.com/news/apples-fix-for-bluetooth-vulnerability-exploited-in-magic-keyboard-for-monitoring-bluetooth-traffic/) - In a recent discovery, security researchers Ulysses Saicha and Sean Murphy from Wordfence identified two critical vulnerabilities in the widely-used POST SMTP Mailer Apple has taken decisive action to address a recently exposed vulnerability in Bluetooth keyboards with the release of Magic Keyboard Firmware Update 2.0.6. plugin, an email delivery tool employed by approximately 300,000 websites. - [Over 178,000 SonicWall Firewalls Exposed to DoS and Remote Code Execution Threats](https://www.blackhatethicalhacking.com/news/over-178000-sonicwall-firewalls-exposed-to-dos-and-remote-code-execution-threats/) - Security researchers have identified a substantial security risk involving more than 178,000 SonicWall next-generation firewalls (NGFW) with exposed online management interfaces. These devices are vulnerable to denial-of-service (DoS) attacks and potential remote code execution (RCE). - [GitHub's Security Alert: Key Rotation After Patching Critical Vulnerability](https://www.blackhatethicalhacking.com/news/githubs-security-alert-key-rotation-after-patching-critical-vulnerability/) - In a proactive response to a security vulnerability, GitHub has rotated keys potentially exposed by a flaw patched in December, preventing attackers from accessing credentials within production containers through environment variables. - [SpectralBlur: The New macOS Backdoor Linked to North Korean Threat Actors](https://www.blackhatethicalhacking.com/news/spectralblur-the-new-macos-backdoor-linked-to-north-korean-threat-actors/) - Cybersecurity researchers have uncovered a new macOS backdoor named SpectralBlur, which shares characteristics with a known malware family associated with North Korean threat actors. - [Offensive Security Tool: SessionProbe](https://www.blackhatethicalhacking.com/tools/sessionprobe/) - SessionProbe is a multi-threaded tool designed for pentesting and bug bounty hunting. It evaluates user privileges in web apps by taking a session token and checking access across a list of URLs, highlighting potential authorization issues. - [Cisco Resolves Critical Unity Connection Vulnerability Allowing Root Privilege Escalation](https://www.blackhatethicalhacking.com/news/cisco-resolves-critical-unity-connection-vulnerability-allowing-root-privilege-escalation/) - Cisco has promptly addressed a critical security vulnerability in its Unity Connection software, a fully virtualized messaging and voicemail solution catering to a variety of communication platforms. - [Netgear and Hyundai MEA Twitter Accounts Hijacked in Cryptocurrency Scam Targeting Followers](https://www.blackhatethicalhacking.com/news/netgear-and-hyundai-mea-twitter-accounts-hijacked-in-cryptocurrency-scam-targeting-followers/) - The official Twitter accounts of Netgear and Hyundai MEA (Middle East & Africa), with a combined following of over 160,000 users, have fallen victim to a hijacking scheme aimed at promoting cryptocurrency scams and distributing wallet-draining malware. - [Recon Tool: ReconSpider](https://www.blackhatethicalhacking.com/tools/reconspider/) - ReconSpider is one of the most advanced Open Source Intelligence (OSINT) Framework and Recon for scanning IP Addresses, Emails, Websites, and Organizations and finding out information from different sources. - [Ivanti EPM Security Alert - Critical RCE Vulnerability Patched to Prevent Device Hijacking](https://www.blackhatethicalhacking.com/news/ivanti-epm-security-alert-critical-rce-vulnerability-patched-to-prevent-device-hijacking/) - In a recent development, Ivanti has successfully addressed a critical remote code execution (RCE) vulnerability within its Endpoint Management software (EPM). - [Mandiant's Twitter Account Hijacked in Cryptocurrency Scam](https://www.blackhatethicalhacking.com/news/mandiants-twitter-account-hijacked-in-cryptocurrency-scam/) - The Twitter account of Mandiant, an American cybersecurity firm and Google subsidiary, was hijacked earlier today to promote a cryptocurrency scam impersonating the Phantom crypto wallet. - [Zoom Room Vulnerability Unveiled: Attackers Could Hijack Meetings and Access Sensitive Data](https://www.blackhatethicalhacking.com/news/zoom-room-vulnerability-unveiled-attackers-could-hijack-meetings-and-access-sensitive-data/) - Researchers at AppOms have uncovered a critical vulnerability in Zoom Rooms that poses a serious security threat. Discovered during the HackerOne live hacking event H1-4420, the vulnerability allows threat actors to take over Zoom Room service accounts, gaining access to the victim organization's tenant. - [BLUFFS- New Bluetooth Attacks Open Path to Device Impersonation](https://www.blackhatethicalhacking.com/news/bluffs-new-bluetooth-attacks-open-path-to-devices-impersonation/) - Eurecom researchers have uncovered a series of six new Bluetooth attacks collectively named 'BLUFFS.' These exploits capitalize on two previously unknown flaws in the Bluetooth standard, affecting the derivation of session keys and compromising forward and future secrecy in Bluetooth sessions. - [Researchers Expose Passive Methods Allowing RSA Keys Extraction From SSH Connections](https://www.blackhatethicalhacking.com/news/researchers-expose-passive-methods-allowing-rsa-keys-extraction-from-ssh-connections/) - In a recent study, researchers from the University of California, San Diego, and the Massachusetts Institute of Technology have shed light on a concerning vulnerability in Secure Shell (SSH) protocols. This vulnerability allows passive network attackers to obtain private RSA host keys during the connection establishment phase by exploiting computational faults. - [New SysJoker's Backdoor Upgrade - Rust Language Adoption Raises Cybersecurity Stakes, Possible Hamas Connection](https://www.blackhatethicalhacking.com/news/new-sysjokers-backdoor-upgrade-rust-language-adoption-raises-cybersecurity-stakes-possible-hamas-connection/) - A sophisticated iteration of the notorious multi-platform malware, 'SysJoker,' has surfaced, showcasing a complete code overhaul in the Rust programming language. - [ClearFake Campaign Targets macOS with Atomic Stealer Malware](https://www.blackhatethicalhacking.com/news/clearfake-campaign-targets-macos-with-atomic-stealer-malware/) - The ClearFake campaign is now delivering the powerful Atomic Stealer (AMOS) macOS information stealer through deceptive browser update prompts. - [Windows Hello Byppased: Major Fingerprint Sensor Flaws Expose Dell, Lenovo, and Microsoft Laptops](https://www.blackhatethicalhacking.com/news/windows-hello-byppased-major-fingerprint-sensor-flaws-expose-dell-lenovo-and-microsoft-laptops/) - A recent investigation has unearthed significant vulnerabilities that could potentially compromise Windows Hello authentication on popular laptops, including Dell Inspiron 15, Lenovo ThinkPad T14, and Microsoft Surface Pro X. - [LummaC2 Strikes Again: Cybercriminals Now Claim to Revive Expired Google Cookies for Account Hijacking](https://www.blackhatethicalhacking.com/news/lummac2-strikes-again-cybercriminals-now-claim-to-revive-expired-google-cookies-for-account-hijacking/) - The Lumma information-stealer malware, also known as 'LummaC2,' has introduced a chilling new capability, allowing cybercriminals to allegedly restore expired Google cookies - [Kinsing Malware Strikes Again: Exploiting Apache ActiveMQ Vulnerability for Cryptocurrency Mining](https://www.blackhatethicalhacking.com/news/kinsing-malware-strikes-again-exploiting-apache-activemq-vulnerability-for-cryptocurrency-mining/) - The Kinsing malware operator has seized an opportunity by actively exploiting the critical CVE-2023-46604 vulnerability within the Apache ActiveMQ open-source message broker, compromising Linux systems. - [Russian APT29 use WinRAR Vulnerability and Ngrok in Recent Embassy Cyberattacks](https://www.blackhatethicalhacking.com/news/russian-apt29-use-winrar-vulnerability-and-ngrok-in-recent-embassy-cyberattacks/) - The state-sponsored Russian hacker group APT29, also known as Cozy Bear, has strategically exploited the CVE-2023-38831 vulnerability in WinRAR. - [Ddostf: MySQL Servers Turned DDoS Battlegrounds](https://www.blackhatethicalhacking.com/news/ddostf-mysql-servers-turned-ddos-battlegrounds/) - A malware botnet named Ddostf is on the rampage, specifically targeting MySQL servers to harness them as part of a DDoS-as-a-Service platform available for rent by cybercriminals. - [Russian Cyber Onslaught: Unraveling the Largest-Ever Attack on Denmark's Critical Infrastructure](https://www.blackhatethicalhacking.com/news/russian-cyber-onslaught-unraveling-the-largest-ever-attack-on-denmarks-critical-infrastructure/) - Russian threat actors are potentially tied to what Danish authorities are labeling the "largest cyber attack against Danish critical infrastructure." This sophisticated assault, which unfolded in May 2023, targeted 22 companies integral to the operation of Denmark's energy sector. - [Reptar: New Intel CPU Vulnerability Affecting Alder Lake, Raptor Lake, and Sapphire Rapids](https://www.blackhatethicalhacking.com/news/reptar-new-intel-cpu-vulnerability-affecting-alder-lake-raptor-lake-and-sapphire-rapids/) - Intel has addressed a high-severity CPU vulnerability, dubbed as Reptar and tracked as CVE-2023-23583, impacting a range of its modern processors, including the latest Alder Lake, Raptor Lake, and Sapphire Rapids microarchitectures. - [Critical Juniper Vulnerabilities Spark Urgent CISA Warning for Federal Agencies](https://www.blackhatethicalhacking.com/news/critical-juniper-vulnerabilities-spark-urgent-cisa-warning-for-federal-agencies/) - The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical warning to federal agencies, urging immediate action to secure Juniper devices on their networks. - [Windows Variant of BiBi Wiper Signals Escalation in Cyber Attacks](https://www.blackhatethicalhacking.com/news/windows-variant-of-bibi-wiper-signals-escalation-in-cyber-attacks/) - Cybersecurity researchers have issued a warning about the appearance of a Windows version of a destructive malware, known as the BiBi Wiper, which was previously identified targeting Linux systems during cyber attacks with a focus on Israel. - [Rogue Sites Masquerading as Windows Portals: A New Malvertising Campaign](https://www.blackhatethicalhacking.com/news/rogue-sites-masquerading-as-windows-portals-a-new-malvertising-campaign/) - A recent discovery has unveiled a new malvertising campaign strategically targeting unsuspecting users by adopting a cloak of legitimacy. Utilizing fake websites disguised as authentic Windows news portals, this scheme aims to spread a malicious installer for a popular system profiling tool known as CPU-Z. - [Unveiling the First Undetectable Cloud-Based Cryptocurrency Miner on Microsoft Azure](https://www.blackhatethicalhacking.com/news/unveiling-the-first-undetectable-cloud-based-cryptocurrency-miner-on-microsoft-azure/) - Cybersecurity researchers at SafeBreach have made a groundbreaking discovery, developing the world's first fully undetectable cloud-based cryptocurrency miner that leverages the power of Microsoft Azure Automation. - [BlueNorOff, Linked to North Korea, Targets Apple Customers with New ObjCShellz macOS Malware](https://www.blackhatethicalhacking.com/news/bluenoroff-linked-to-north-korea-targets-apple-customers-with-new-objcshellz-macos-malware/) - The operators behind the Kinsing malware have shifted their focus to target cloud environments that house systems vulnerable to a Linux security issue known as "Looney Tunables." - [Kinsing Malware Operators Exploit 'Looney Tunables' Linux Bug to Target Cloud Environments](https://www.blackhatethicalhacking.com/news/kinsing-malware-operators-exploit-looney-tunables-linux-bug-to-target-cloud-environments/) - The operators behind the Kinsing malware have shifted their focus to target cloud environments that house systems vulnerable to a Linux security issue known as "Looney Tunables." - [Google Calendar Under Threat: GCR Tool Uses It for Command-and-Control Operations](https://www.blackhatethicalhacking.com/news/google-calendar-under-threat-gcr-tool-uses-it-for-command-and-control-operations/) - Google has issued a warning regarding the emergence of a novel threat, GCR (Google Calendar RAT), which employs Google Calendar for clandestine command-and-control (C2) operations. - [Poorly Managed Linux SSH Servers Targeted for DDoS Bot and CoinMiner Attacks](https://www.blackhatethicalhacking.com/news/poorly-managed-linux-ssh-servers-targeted-for-ddos-bot-and-coinminer-attacks/) - Researchers at AhnLab Security Emergency Response Center (ASEC) have issued a warning about a surge in attacks targeting poorly managed Linux SSH servers, with a primary focus on installing DDoS bots and CoinMiners. - [Operation Triangulation: Leveraged by Exploiting an Undocumented Hardware Feature in iOS Devices](https://www.blackhatethicalhacking.com/news/operation-triangulation-leveraged-by-exploiting-an-undocumented-hardware-feature-in-ios-devices/) - A recent discovery by experts has revealed that the Operation Triangulation cyberespionage campaign, targeting Apple iOS devices, exploited an undocumented hardware feature. - [Optimize your Bug Bounty approach, Key Factors for choosing Ideal Programs](https://www.blackhatethicalhacking.com/articles/optimize-your-bug-bounty-approach-key-factors-for-choosing-ideal-programs/) - In this article, we explore how focusing on your strengths, diverse eligible targets, and high average payouts can enhance efficiency and profitability in bug bounty hunting. - [Threat Actors Exploit Microsoft Office Vulnerability to Spread Agent Tesla Malware](https://www.blackhatethicalhacking.com/news/threat-actors-exploit-microsoft-office-vulnerability-to-spread-agent-tesla-malware/) - Threat actors have been observed exploiting an old Microsoft Office vulnerability, known as CVE-2017-11882, to propagate the Agent Tesla malware. - [Offensive Security Tool: Troll-A](https://www.blackhatethicalhacking.com/tools/troll-a/) - Troll-A is a command line tool for extracting secrets such as passwords, API keys, and tokens from WARC (Web ARChive) files. Troll-A is an easy-to-use, comprehensive, and fast solution for finding secrets in web archives. - [OSINT Tool: sn0int](https://www.blackhatethicalhacking.com/tools/sn0int/) - sn0int is a semi-automatic OSINT framework and package manager designed for IT security professionals, bug bounty hunters, law enforcement agencies, and individuals seeking to gather intelligence about a target or themselves. - [Albert Gonzalez and the 'Get Rich or Die Trying' Crew who stole 130 million credit card numbers](https://www.blackhatethicalhacking.com/articles/albert-gonzalez-the-get-rich-or-die-trying-crew-who-stole-130-million-credit-card-numbers/) - Albert Gonzalez, rose from teenage hacker to orchestrator of one of the largest credit card thefts. In 2007, with the 'Get Rich or Die Trying' crew, he used SQL injection to breach data from major companies, accumulating over 50 million credit card accounts. - [Chameleon Android Banking Trojan Strikes Again: New Version Disables Biometrics to Steal PINs](https://www.blackhatethicalhacking.com/news/chameleon-android-trojan-strikes-again-disabling-biometrics-to-steal-pins/) - The Chameleon Android banking trojan has resurfaced with a new iteration that employs a cunning method to compromise devices by disabling fingerprint and face unlock features in order to pilfer device PINs. - [Jonathan James - The teenager who hacked NASA for fun](https://www.blackhatethicalhacking.com/articles/jonathan-james-the-teenager-who-hacked-nasa-for-fun/) - Jonathan James, a prodigious young hacker known by the alias 'c0mrade.' Hacking since age 6, he escalated from modifying computer games to infiltrating NASA's systems at just 15. - [PikaBot Malware Strikes: Malvertising Campaign Targets AnyDesk Users](https://www.blackhatethicalhacking.com/news/pikabot-malware-strikes-malvertising-campaign-targets-anydesk-users/) - A new malware loader known as PikaBot has been identified as part of a malvertising campaign that specifically targets users searching for legitimate software such as AnyDesk. According to Jérôme Segura of Malwarebytes, PikaBot, previously distributed via malspam campaigns, has now emerged as a preferred payload for the threat actor TA577. - [JaskaGO: The Cross-Platform Information Stealer Threatens Windows and macOS](https://www.blackhatethicalhacking.com/news/jaskago-the-cross-platform-information-stealer-threatens-windows-and-macos/) - A new Go-based information stealer malware, known as JaskaGO, has emerged as a significant cross-platform threat, capable of infiltrating both Windows and Apple macOS systems. - [MongoDB Breach: Customer Data Exposed in Cyberattack](https://www.blackhatethicalhacking.com/news/mongodb-breach-customer-data-exposed-in-cyberattack/) - In a recent security incident, MongoDB has reported that its corporate systems were breached, leading to the exposure of customer data. The breach was detected by the company earlier this week, prompting an immediate investigation into the unauthorized access. - [From Crypto Mining to BEC: Microsoft Exposes the Dark Side of OAuth Misuse](https://www.blackhatethicalhacking.com/news/from-crypto-mining-to-bec-microsoft-exposes-the-dark-side-of-oauth-misuse/) - Microsoft has issued a warning about the exploitation of OAuth applications by financially-motivated threat actors to automate Business Email Compromise (BEC) and phishing attacks, push spam, and deploy virtual machines for cryptomining. - [Recon Tool: PassDetective](https://www.blackhatethicalhacking.com/tools/passdetective/) - PassDetective is a command-line tool that scans your shell command history for mistakenly written passwords, API keys, and secrets. It uses regular expressions to identify potential sensitive information and helps you avoid accidentally exposing sensitive data in your command history. - [Critical Android 14 and 13 Lock Screen Bug Exposes Google Account Data](https://www.blackhatethicalhacking.com/news/critical-android-14-and-13-lock-screen-bug-exposes-google-account-data/) - A newly discovered lock screen bypass vulnerability in Android versions 14 and 13 poses a significant threat to user data stored in Google accounts. Uncovered by security researcher Jose Rodriguez (@VBarraquito), this flaw allows a malicious actor with physical access to a device to potentially access sensitive information such as photos, contacts, and browsing history. - [Counter-Strike 2 Vulnerability Patched After HTML Injection Exploits, Exposing Player's IP addresses](https://www.blackhatethicalhacking.com/news/counter-strike-2-vulnerability-patched-after-html-injection-exploits-exposing-players-ip-addresses/) - Valve has reportedly addressed and fixed a significant HTML injection flaw in Counter-Strike 2 (CS2) that was being exploited to inject images into games, potentially exposing players' IP addresses. - [NKAbuse: The First NKN-Abusing Malware Threat](https://www.blackhatethicalhacking.com/news/nkabuse-the-first-nkn-abusing-malware-threat/) - A new form of malware, known as NKAbuse, has emerged as a significant threat to the security of NKN (New Kind of Network) technology. This Go-based multi-platform malware is the first of its kind to exploit NKN for data exchange, posing a stealthy and formidable danger to network systems. - [Volt Typhoon's KV-Botnet and the Threat to Global Communications, Attacks on SOHO routers](https://www.blackhatethicalhacking.com/news/volt-typhoons-kv-botnet-and-the-threat-to-global-communications-attacks-on-soho-routers/) - A joint report by Microsoft and the US government has linked the Chinese state-sponsored APT hacking group known as Volt Typhoon (Bronze Silhouette) to a sophisticated botnet named 'KV-botnet.' This botnet has been used since at least 2022 to attack SOHO routers in high-value targets, including telecommunication and internet service providers, a US territorial government entity in Guam, a renewable energy firm in Europe, and US military organizations. - [Deep Dive to Fuzzing for Maximum Impact](https://www.blackhatethicalhacking.com/articles/deep-dive-to-fuzzing-for-maximum-impact/) - In this article, we'll explore the practice of fuzzing, a potent software testing technique. We'll discuss tools for fuzzing and how it can be applied to both web and software applications, breaking down its use in each scenario. We'll also explain the role of wordlists and generation tools in tailoring inputs. - [Russian APT28 Targets European NATO Nations Using Microsoft Outlook Vulnerability](https://www.blackhatethicalhacking.com/news/russian-apt28-targets-european-nato-nations-using-microsoft-outlook-vulnerability/) - A recent report from Palo Alto Networks' Unit 42 reveals that the Russia-linked APT28 group, also known as "Forest Blizzard," "Fancy Bear," or "Strontium," exploited a Microsoft Outlook zero-day vulnerability (CVE-2023-23397) in targeted attacks against European NATO members. - [Kali Linux 2023.4 Release with Cloud ARM64, Raspberry Pi 5 Support, and New Tools](https://www.blackhatethicalhacking.com/news/kali-linux-2023-4-release-with-cloud-arm64-raspberry-pi-5-support-and-new-tools/) - In the latest release, Kali Linux 2023.4 brings a blend of innovations and improvements. While lacking major end-user features, this version introduces several new platform options and significant behind-the-scenes enhancements. The notable updates include Cloud ARM64 support on Amazon AWS and Microsoft Azure, Vagrant Hyper-V compatibility, Raspberry Pi 5 compatibility, GNOME 45 theme support, and internal infrastructure upgrades with the adoption of Mirrorbits. The release also features new tools in the network repositories and updates to existing packages. - [Silent Intruder: The Undetected Krasue RAT Malware Targeting Linux Systems Since 2021](https://www.blackhatethicalhacking.com/news/silent-intruder-the-undetected-krasue-rat-malware-targeting-linux-systems-since-2021/) - A recently discovered remote access trojan (RAT) named Krasue has set its sights on Linux systems within the telecommunications sector, eluding detection since 2021. - [Researchers Expose Vulnerability: ChatGPT Prone to Extraction of Sensitive Training Data](https://www.blackhatethicalhacking.com/news/researchers-expose-vulnerability-chatgpt-prone-to-extraction-of-sensitive-training-data/) - A collaborative effort by researchers from various universities and Google has successfully demonstrated an attack against ChatGPT, a popular chatbot. The attack technique enabled the extraction of several megabytes of ChatGPT's training data by prompting the model to repeat a word indefinitely. - [Offensive Security Tool: ThreatMapper](https://www.blackhatethicalhacking.com/tools/threatmapper/) - ThreatMapper is a platform for runtime threat management and attack path enumeration in cloud-native environments. It actively hunts for threats in production platforms, ranking them based on their risk of exploitation. It reveals vulnerabilities, exposed secrets, and deviations from security best practices through a combination of agent-based inspection and agent-less monitoring. - [How a New Technique Exploits Apple's Lockdown Mode](https://www.blackhatethicalhacking.com/news/how-a-new-technique-exploits-apples-lockdown-mode/) - A "post-exploitation tampering technique" has emerged, posing a threat as malicious actors can employ it to visually trick Apple iPhone users into believing their device is in Lockdown Mode when it's actually vulnerable to covert attacks. - [Data Privacy & Data Protection: Interconnected, yet one doesn't secure your Data](https://www.blackhatethicalhacking.com/articles/data-privacy-data-protection-interconnected-yet-one-doesnt-secure-your-data/) - In an era where data is simultaneously valuable and vulnerable, the responsibility of upholding data privacy rests with each of us. Our digital age, however, presents new challenges, notably the escalating threat of data breaches that jeopardize businesses and individuals alike. - [P2PInfect Botnet Adapts to Target MIPS-Based Devices, Posing Risks to Routers and IoT](https://www.blackhatethicalhacking.com/news/p2pinfect-botnet-adapts-to-target-mips-based-devices-posing-risks-to-routers-and-iot/) - Cybersecurity researchers at Cado Security Labs have uncovered a new variant of the P2PInfect botnet. This variant, compiled for the Microprocessor without Interlocked Pipelined Stages (MIPS) architecture, is engineered to target routers, IoT devices, and other embedded systems. - [Digital Forensics Tool: Universal Radio Hacker (URH)](https://www.blackhatethicalhacking.com/tools/universal-radio-hacker/) - The Universal Radio Hacker (URH) is a complete suite for wireless protocol investigation with native support for many common Software Defined Radios (SDRs). - [Recon Tool: subby](https://www.blackhatethicalhacking.com/tools/subby/) - subby is an uber fast and simple subdomain enumeration tool using DNS and web requests with support for detecting wildcard DNS records. - [The Dark Side of IoT: How Cybercriminals Exploit IoT Devices](https://www.blackhatethicalhacking.com/articles/the-dark-side-of-iot-how-cybercriminals-exploit-iot-devices/) - The Internet of Things (IoT) proliferates, and hackers are turning their attention to hacking the billions of devices that are connected to the Internet due to their vulnerable, sometimes non-existent, and ignored security. - [Offensive Security Tool: Ghauri](https://www.blackhatethicalhacking.com/tools/ghauri/) - Ghauri is an advanced cross-platform tool designed to automate the detection and exploitation of SQL injection security vulnerabilities. - [Unpatched Vulnerabilities in NGINX Ingress Controller for Kubernetes Open Door to Credential Theft](https://www.blackhatethicalhacking.com/news/unpatched-vulnerabilities-in-nginx-ingress-controller-for-kubernetes-open-door-to-credential-theft/) - A trio of unpatched high-severity security vulnerabilities in the NGINX Ingress controller for Kubernetes has recently been disclosed, posing a substantial threat to Kubernetes clusters. These vulnerabilities could potentially be exploited by threat actors to steal sensitive credentials from the cluster. - [Jeff Foley - OWASP Amass Founder](https://www.blackhatethicalhacking.com/articles/jeff-foley-owasp-amass-creator/) - In this article, we explore the remarkable journey of Jeff Foley, aka Caffix, with over two decades of experience spanning research, offensive security, and a focus on attack surface management. His commitment led to the inception of the Amass project, an automation-driven initiative within the OWASP community, revolutionizing the way we approach asset discovery and enhancing our understanding of online security. - [New Attack Technique 'Wiki-Slack' Lures Business Professionals to Malicious Websites](https://www.blackhatethicalhacking.com/news/new-attack-technique-wiki-slack-lures-business-professionals-to-malicious-websites/) - Security researchers at eSentire have revealed a new attack technique known as the "Wiki-Slack attack," which is designed to redirect business professionals to malicious websites. - [Critical RCE Vulnerability Threatens Thousands of Apache ActiveMQ Servers](https://www.blackhatethicalhacking.com/news/critical-rce-vulnerability-threatens-thousands-of-apache-activemq-servers/) - Over three thousand internet-exposed Apache ActiveMQ servers are currently at risk due to a recently disclosed critical remote code execution (RCE) vulnerability. - [StripedFly Malware: A Five-Year Undetected Threat to Windows and Linux Systems](https://www.blackhatethicalhacking.com/news/stripedfly-malware-a-five-year-undetected-threat-to-windows-and-linux-systems/) - Researchers at Kaspersky recently uncovered a highly sophisticated cross-platform malware platform named "StripedFly" that managed to operate under the radar for five years. During this time, StripedFly stealthily infected over a million Windows and Linux systems. - [Recon Tool: CHOMTE.SH](https://www.blackhatethicalhacking.com/tools/chomte-sh/) - CHOMTE.SH is a powerful shell script designed to automate recon tasks. It utilizes various Go-based tools to gather information and identify the attack surface, making it a valuable asset for bug bounty hunters and penetration testers. - [Mozi Botnet's Mysterious Shutdown: Chinese Authorities or Botnet Operators at Play?](https://www.blackhatethicalhacking.com/news/mozi-botnets-mysterious-shutdown-chinese-authorities-or-botnet-operators-at-play/) - ESET researchers speculate that the recent shutdown of the Mozi botnet may have been a deliberate choice by its operators, possibly in response to pressure from Chinese authorities. - [Critical Confluence Vulnerability Puts Data at Risk: Atlassian Urges Immediate Patching](https://www.blackhatethicalhacking.com/news/critical-confluence-vulnerability-puts-data-at-risk-atlassian-urges-immediate-patching/) - Atlassian has issued an urgent warning to administrators to promptly patch Internet-exposed instances of Confluence due to a critical security vulnerability that could result in data loss if exploited. - [The Difference between Internal and External Pentesting](https://www.blackhatethicalhacking.com/articles/the-difference-between-internal-and-external-pentesting/) - Penetration testing has different methods of execution. In this article we’ll see the difference between Internal and External Pentesting, why both are needed and what benefits your company would get from each one. - [VMware Security Alert: Proof-of-Concept Exploit Code Threatens Authentication Bypass Flaw](https://www.blackhatethicalhacking.com/news/vmware-security-alert-proof-of-concept-exploit-code-threatens-authentication-bypass-flaw/) - VMware has issued a warning to its customers regarding a significant threat. Proof-of-concept (PoC) exploit code is now circulating for a critical authentication bypass flaw found in vRealize Log Insight, which has since been rebranded as VMware Aria Operations for Logs. - [Chrome's Innovative "IP Protection" Feature Unveiled, Masking Users' IP Addresses](https://www.blackhatethicalhacking.com/news/chromes-innovative-ip-protection-feature-unveiled-masking-users-ip-addresses/) - Google is gearing up to introduce an innovative “IP Protection” feature for its Chrome browser, aimed at bolstering users’ privacy by cloaking their IP addresses through the use of proxy servers. - [Cisco Warns For A Second Zero-Day in IOS XE Exploited for Device Infections](https://www.blackhatethicalhacking.com/news/cisco-warns-for-a-second-zero-day-in-ios-xe-exploited-for-device-infections/) - Cisco recently issued a warning about not one but two zero-day vulnerabilities within its IOS XE Software, both actively exploited in the wild. This alarming discovery follows Cisco's initial disclosure of CVE-2023-20198, a critical zero-day vulnerability with a CVSS score of 10, which is actively under attack. - [Offensive Security Tool: o365sprayer](https://www.blackhatethicalhacking.com/tools/o365sprayer/) - o365sprayer is a tool used to enumerate and spray passwords for Office 365 accounts on both Managed and Federated AD services. - [Security Weaknesses in OAuth Put Grammarly, Vidio, and Bukalapak User Accounts in Jeopardy](https://www.blackhatethicalhacking.com/news/security-weaknesses-in-oauth-put-grammarly-vidio-and-bukalapak-user-accounts-in-jeopardy/) - In recent findings, critical security vulnerabilities have been disclosed within the OAuth implementations of well-known online services, including Grammarly, Vidio, and Bukalapak. - [Game Developers on Steam to Face SMS Security Check in Response to Malicious Updates](https://www.blackhatethicalhacking.com/news/game-developers-on-steam-to-face-sms-security-check-in-response-to-malicious-updates/) - A recently discovered malware is masquerading as a legitimate caching plugin for WordPress, deceiving website owners and giving cybercriminals an entry point to hijack their sites. This malicious software operates as a backdoor, offering a range of functionalities that empower it to manipulate plugins, conceal itself from active plugins on compromised websites, substitute content, or divert specific users to harmful destinations. - [D-Link Responds to Data Breach: Employee Falls Victim to Phishing Attack](https://www.blackhatethicalhacking.com/news/d-link-responds-to-data-breach-employee-falls-victim-to-phishing-attack/) - D-Link, the prominent Taiwanese networking equipment manufacturer, has confirmed a data breach linked to a recent incident where sensitive information was stolen and subsequently offered for sale on BreachForums. - [Microsoft Warns of North Korean Hacking Groups Exploiting TeamCity Vulnerability](https://www.blackhatethicalhacking.com/news/microsoft-warns-of-north-korean-hacking-groups-exploiting-teamcity-vulnerability/) - Microsoft's Threat Intelligence Team has detected concerning activity involving North Korean hacking groups exploiting a critical security flaw in TeamCity servers. - [Cisco's IOS XE Vulnerability Allows Complete Takeover, actively exploited](https://www.blackhatethicalhacking.com/news/ciscos-ios-xe-vulnerability-allows-complete-takeover-actively-exploited/) - A recently discovered malware is masquerading as a legitimate caching plugin for WordPress, deceiving website owners and giving cybercriminals an entry point to hijack their sites. This malicious software operates as a backdoor, offering a range of functionalities that empower it to manipulate plugins, conceal itself from active plugins on compromised websites, substitute content, or divert specific users to harmful destinations. - [BlackCat Ransomware Uses 'Munchkin': A Stealthy New Tool to Target Network Devices](https://www.blackhatethicalhacking.com/news/blackcat-ransomware-uses-munchkin-a-stealthy-new-tool-to-target-network-devices/) - The BlackCat/ALPHV ransomware operation has introduced a potent new tool known as 'Munchkin.' This tool utilizes virtual machines to discreetly deploy encryptors on network devices, enhancing the ransomware-as-a-service (RaaS) offering and making it a more attractive prospect for cybercriminal affiliates. - [Malware Poses as WordPress Caching Plugin to Hijack Websites](https://www.blackhatethicalhacking.com/news/malware-poses-as-wordpress-caching-plugin-to-hijack-websites/) - A recently discovered malware is masquerading as a legitimate caching plugin for WordPress, deceiving website owners and giving cybercriminals an entry point to hijack their sites. This malicious software operates as a backdoor, offering a range of functionalities that empower it to manipulate plugins, conceal itself from active plugins on compromised websites, substitute content, or divert specific users to harmful destinations. - [Massive DDoS Attacks Exploiting HTTP/2 Rapid Reset Zero-Day Vulnerability](https://www.blackhatethicalhacking.com/news/massive-ddos-attacks-exploiting-http-2-rapid-reset-zero-day-vulnerability/) - In a collaborative effort to tackle record-breaking distributed denial-of-service (DDoS) attacks employing an innovative technique known as HTTP/2 Rapid Reset, tech giants Amazon Web Services (AWS), Cloudflare, and Google have taken swift action. - [Libcue Vulnerability Exposes Linux GNOME to 1-Click Remote Code Execution](https://www.blackhatethicalhacking.com/news/libcue-vulnerability-exposes-linux-gnome-to-1-click-remote-code-execution/) - The widely used Linux GNOME desktop environment faces a significant security threat due to a memory corruption vulnerability discovered in the open-source libcue library. This vulnerability, identified as CVE-2023-43641, presents attackers with the capability to execute arbitrary code on Linux systems running GNOME. - [Gaza-Based Cyber Threat Actor 'Storm-1133' Strikes Israeli Energy and Defense Sectors, Microsoft Reveals](https://www.blackhatethicalhacking.com/news/gaza-based-cyber-threat-actor-storm-1133-strikes-israeli-energy-and-defense-sectors-microsoft-reveals/) - In a recent revelation, Microsoft has unveiled a series of cyberattacks targeting Israeli private-sector entities in the energy, defense, and telecommunications sectors. The source of these attacks has been traced back to a threat actor based in Gaza, identified as 'Storm-1133. - [Offensive Security Tool: Noir](https://www.blackhatethicalhacking.com/tools/noir/) - Noir is an attack surface detector for source code and it is designed for identifying API endpoints and potential security issues within web applications by analyzing their source code. - [Fake .NET Package on NuGet Delivers SeroXen RAT](https://www.blackhatethicalhacking.com/news/fake-net-package-on-nuget-delivers-seroxen-rat/) - A recently discovered malware is masquerading as a legitimate caching plugin for WordPress, deceiving website owners and giving cybercriminals an entry point to hijack their sites. This malicious software operates as a backdoor, offering a range of functionalities that empower it to manipulate plugins, conceal itself from active plugins on compromised websites, substitute content, or divert specific users to harmful destinations. - [Apple's Emergency Fix: Zero-Day Exploit Puts iPhone and iPad Security at Risk](https://www.blackhatethicalhacking.com/news/apples-emergency-fix-zero-day-exploit-puts-iphone-and-ipad-security-at-risk/) - In a swift response to a newfound zero-day security vulnerability, Apple has released emergency security updates, signaling a race against time to protect iPhone and iPad users from potential cyber threats. The exploit (CVE-2023-42824) in question, discovered in the XNU kernel, poses a risk of local attackers escalating privileges on unpatched iOS devices. - [Gaining Root Control: Looney Tunables' Linux Vulnerability Raises Alarms](https://www.blackhatethicalhacking.com/news/gaining-root-control-looney-tunables-linux-vulnerability-raises-alarms/) - A fresh Linux vulnerability, named 'Looney Tunables,' has emerged. This security flaw opens the door for local attackers to acquire root privileges. - [Meet BunnyLoader: The Rapidly Evolving Malware-as-a-Service](https://www.blackhatethicalhacking.com/news/meet-bunnyloader-the-rapidly-evolving-malware-as-a-service/) - Security researchers have unveiled a new malware-as-a-service (MaaS) dubbed 'BunnyLoader.' This insidious malware has been making waves across the dark corners of the internet, enticing cybercriminals with its fileless loader capabilities and a host of malicious functions, including clipboard theft. - [Cloudflare DDoS Safeguards Ironically Exploited via Cloudflare](https://www.blackhatethicalhacking.com/news/cloudflare-ddos-safeguards-ironically-exploited-via-cloudflare/) - A set of vulnerabilities in Cloudflare's security infrastructure has been identified, potentially allowing attackers to bypass the company's Firewall and DDoS prevention measures. - [Recon Tool: Mantra](https://www.blackhatethicalhacking.com/tools/mantra/) - Mantra it's a recon tool with the main objective of searching for API keys in JavaScript files and HTML pages. - [Supermicro's BMCs Under Siege, Critical Vulnerabilities Open Doors to Attackers](https://www.blackhatethicalhacking.com/news/supermicros-bmcs-under-siege-critical-vulnerabilities-open-doors-to-attackers/) - A series of critical vulnerabilities has rocked the Intelligent Platform Management Interface (IPMI) firmware for Supermicro baseboard management controllers (BMCs), sending shockwaves through the server management community. - [Necurs: Uncovering the Sophisticated Botnet](https://www.blackhatethicalhacking.com/articles/necurs-uncovering-the-sophisticated-botnet/) - In this article, we will dig into the world of Necurs botnet that has plagued the cybersecurity landscape for years. Necurs is a highly sophisticated botnet known for its ability to distribute various types of malware, including ransomware and banking trojans, causing substantial financial damage worldwide. - [Evolving Cyber Laws: How They Impact Businesses in 2023](https://www.blackhatethicalhacking.com/articles/evolving-cyber-laws-how-they-impact-businesses-in-2023/) - In today’s digital era, businesses are heavily reliant on technology for their day-to-day operations, making them susceptible to various cyber threats and data breaches. - [The Dark Side of RAR Files: A New Method for Delivering Malicious Payloads](https://www.blackhatethicalhacking.com/articles/the-dark-side-of-rar-files-a-new-method-for-delivering-malicious-payloads/) - In this article, we'll explore how RAR files can be manipulated to deliver malicious payloads and why they prove to be formidable adversaries against antivirus and EDR/XDR mechanisms. - [ZenRAT Malware Disguised as Bitwarden Password Manager Targets Windows Users](https://www.blackhatethicalhacking.com/news/zenrat-malware-disguised-as-bitwarden-password-manager-targets-windows-users/) - A newly identified malware strain known as ZenRAT has surfaced, and it's being distributed through counterfeit installation packages of the popular Bitwarden password manager. - [Bing Chat Vulnerable to Malvertising: Fake Download Sites Distributing Malware](https://www.blackhatethicalhacking.com/news/bing-chat-vulnerable-to-malvertising-fake-download-sites-distributing-malware/) - Malicious advertisements have infiltrated Microsoft's AI-driven Bing Chat responses, and these ads are promoting counterfeit download websites that distribute malware - [New 'Deadglyph' Backdoor Malware Emerges in Middle East Government Cyberespionage](https://www.blackhatethicalhacking.com/news/new-deadglyph-backdoor-malware-emerges-in-middle-east-government-cyberespionage/) - A highly sophisticated backdoor malware known as 'Deadglyph' has been identified in a cyberespionage campaign against a Middle Eastern government agency. This malware is attributed to the Stealth Falcon Advanced Persistent Threat (APT) group, also known as Project Raven or FruityArmor, which operates on behalf of the United Arab Emirates (UAE) government. - [Ukrainian Military Targeted in Phishing Campaign Using Drone Manuals as Lures](https://www.blackhatethicalhacking.com/news/ukrainian-military-targeted-in-phishing-campaign-using-drone-manuals-as-lures/) - Ukrainian military entities have fallen victim to a phishing campaign that employs drone manuals as bait to distribute a Go-based open-source post-exploitation toolkit named Merlin. - [Hackers Employ ZeroFont Trick in Phishing Emails to Bypass Security Checks](https://www.blackhatethicalhacking.com/news/hackers-employ-zerofont-trick-in-phishing-emails-to-bypass-security-checks/) - Cybercriminals have begun employing a novel phishing technique known as "ZeroFont" to deceive users and evade email security measures, specifically in Microsoft Outlook. - [Recon Tool: Goblyn](https://www.blackhatethicalhacking.com/tools/goblyn/) - Goblyn is a Python tool designed for the enumeration and extraction of metadata from files hosted on websites. - [Offensive Security Tool: Headerpwn](https://www.blackhatethicalhacking.com/tools/headerpwn/) - Headerpwn is a fuzzing tool for finding anomalies and analyzing how servers respond to different HTTP headers. It can provide valuable insights into potential security risks and misconfigurations. - [Fake WinRAR PoC on GitHub Spreads VenomRAT Malware](https://www.blackhatethicalhacking.com/news/fake-winrar-poc-on-github-spreads-venomrat-malware/) - A threat actor recently attempted to distribute VenomRAT malware by uploading a fake proof-of-concept (PoC) exploit for a recently fixed WinRAR vulnerability on GitHub. - [12,000 Juniper Firewalls and Switches Vulnerable to Critical Flaw](https://www.blackhatethicalhacking.com/news/12000-juniper-firewalls-and-switches-vulnerable-to-critical-flaw/) - An estimated 12,000 Juniper SRX firewalls and EX switches are facing a severe vulnerability that could lead to remote code execution without authentication. - [Trend Micro Addresses Actively Exploited Remote Code Execution Flaw](https://www.blackhatethicalhacking.com/news/trend-micro-addresses-actively-exploited-remote-code-execution-flaw/) - Trend Micro has successfully patched a zero-day vulnerability that allowed remote code execution in its Apex One endpoint protection solution. This vulnerability was actively exploited in attacks. - [Facebook Business Accounts Under Attack: NodeStealer Variant Harvests Credentials](https://www.blackhatethicalhacking.com/news/facebook-business-accounts-under-attack-nodestealer-variant-harvests-credentials/) - An ongoing cyber campaign is actively targeting Facebook Business accounts using deceptive messages to extract victims' credentials, employing a variant of the Python-based NodeStealer malware. The attackers aim to potentially seize control of these accounts for subsequent malicious actions. - [MetaStealer: New macOS Malware Targeting Intel-Based Computers Emerges](https://www.blackhatethicalhacking.com/news/metastealer-new-macos-malware-targeting-intel-based-computers-emerges/) - A new information-stealing malware called 'MetaStealer' has recently emerged in the wild, posing a significant threat to Intel-based macOS computers by stealing a wide range of sensitive information. - [Critical Kubernetes Flaws Expose Windows Endpoints to Remote Code Execution](https://www.blackhatethicalhacking.com/news/critical-kubernetes-flaws-expose-windows-endpoints-to-remote-code-execution/) - Three closely linked high-severity security vulnerabilities have been discovered in Kubernetes, posing a significant risk of remote code execution with elevated privileges on Windows endpoints within a cluster. - [MGM Resorts Hit by BlackCat Ransomware Affiliate: Data Stolen, Operations Halted](https://www.blackhatethicalhacking.com/news/mgm-resorts-hit-by-blackcat-ransomware-affiliate-data-stolen-operations-halted/) - An affiliate associated with the BlackCat ransomware group, also known as APLHV, is responsible for the cyberattack that disrupted the operations of MGM Resorts, compelling the company to shut down its IT systems. - [WiKI-Eve: Intercepting Smartphone Keystrokes via WiFi for Password Theft](https://www.blackhatethicalhacking.com/news/wiki-eve-intercepting-smartphone-keystrokes-via-wifi-for-password-theft/) - A newly identified attack, named 'WiKI-Eve,' has the capability to intercept the cleartext transmissions of smartphones connected to modern WiFi routers. This attack can deduce individual numeric keystrokes with an accuracy rate of up to 90%, thereby enabling the theft of numeric passwords. - [New Phishing Campaign Exploits Microsoft Teams to Deliver DarkGate Loader Malware](https://www.blackhatethicalhacking.com/news/new-phishing-campaign-exploits-microsoft-teams-to-deliver-darkgate-loader-malware/) - A phishing campaign has been detected that leverages Microsoft Teams messages to distribute malicious attachments, ultimately installing the DarkGate Loader malware. This campaign was first observed in late August 2023 when phishing messages posing as Microsoft Teams communications were sent from two compromised external Office 365 accounts to organizations. - [Emergency Apple Updates: Zero-Days Exploited to Deploy Spyware on iPhones](https://www.blackhatethicalhacking.com/news/emergency-apple-updates-zero-days-exploited-to-deploy-spyware-on-iphones-2/) - Apple issued emergency security updates to address two zero-day vulnerabilities that were actively exploited in a sophisticated zero-click exploit chain. These vulnerabilities served as entry points for deploying NSO Group's Pegasus commercial spyware onto fully patched iPhones. - [OSINT Tool: Photon](https://www.blackhatethicalhacking.com/tools/photon/) - Photon is an advanced web crawler and osint tool for thorough website analysis. It's capable of scanning websites comprehensively to uncover valuable information. - [Classiscam Scam-as-a-Service Nets Cybercriminals $64.5 Million Since 2019](https://www.blackhatethicalhacking.com/news/classiscam-scam-as-a-service-nets-cybercriminals-64-5-million-since-2019/) - The Classiscam scam-as-a-service program has managed to accumulate a staggering $64.5 million in illicit earnings since its emergence in 2019, according to a report by cybersecurity company Group-IB. - [September Android Security Updates: Battling Zero-Day and Critical Bugs](https://www.blackhatethicalhacking.com/news/september-android-security-updates-battling-zero-day-and-critical-bugs/) - In the latest round of Android security updates for September 2023, Google has addressed a total of 33 vulnerabilities, among which is a high-severity zero-day flaw that is currently under active exploitation. - [Atlas VPN's Critical Flaw: Zero-Day Leak of User Real IP Addresses](https://www.blackhatethicalhacking.com/news/atlas-vpns-critical-flaw-zero-day-leak-of-user-real-ip-addresses/) - An unidentified threat actor has uncovered a zero-day vulnerability affecting the Linux client of Atlas VPN, a popular VPN service known for its cost-effective solution based on WireGuard and compatibility with major operating systems. This vulnerability has significant implications as it enables the exposure of a user's real IP address with alarming simplicity—merely by visiting a website. - [MalDoc in PDFs: The Covert Threat of Embedded Word Documents into PDFs](https://www.blackhatethicalhacking.com/news/maldoc-in-pdfs-the-covert-threat-of-embedded-word-documents-into-pdfs/) - In a recent discovery, Japan's computer emergency response team (JPCERT) has unveiled a cunning cyberattack method known as 'MalDoc in PDF.' Detected in July 2023, this attack technique cleverly bypasses detection by embedding malicious Word files within innocuous PDFs. - [Recon Tool: Dirhunt](https://www.blackhatethicalhacking.com/tools/dirhunt/) - Dirhunt is a web crawler optimize for search and analyze directories. It detects directories with false 404 errors, directories where an empty index file has been created to hide things and much more. - [Terms of Services](https://www.blackhatethicalhacking.com/terms/terms-services/) - Terms of Services using our website - GDPR Compliance - [MinIO Under Siege: Threat Actor Exploits Critical Vulnerabilities](https://www.blackhatethicalhacking.com/news/minio-under-siege-threat-actor-exploits-critical-vulnerabilities/) - An unidentified threat actor has been observed exploiting high-severity security vulnerabilities in the MinIO high-performance object storage system. This intrusion technique enables the attacker to achieve unauthorized code execution on targeted servers, potentially leading to significant data breaches. - [Unlocking the Secrets: iPhone Hack Without Jailbreak](https://www.blackhatethicalhacking.com/articles/unlocking-the-secrets-iphone-hack-without-jailbreak/) - In a world where smartphones have become an integral part of our lives, Apple's iPhone stands as a symbol of innovation and security. However, there are times when users wish to explore the device beyond its limitations... - [New Android Banking Malware MMRat Leverages Protobuf Serialization for Data Exfiltration](https://www.blackhatethicalhacking.com/news/new-android-banking-malware-mmrat-leverages-protobuf-serialization-for-data-exfiltration/) - In a recent development, a novel Android banking malware named MMRat has emerged, harnessing an uncommon method of communication known as protobuf data serialization to streamline the process of data theft from compromised devices. - [Microsoft Entra ID Vulnerability Exposes Privilege Escalation Risk](https://www.blackhatethicalhacking.com/news/microsoft-entra-id-vulnerability-exposes-privilege-escalation-risk/) - Cybersecurity experts have identified a case of privilege escalation linked to a Microsoft Entra ID application, formerly known as Azure Active Directory, exploiting an abandoned reply URL. - [Explosion of New Variants Triggered by LockBit 3.0 Ransomware Builder Leak](https://www.blackhatethicalhacking.com/news/explosion-of-new-variants-triggered-by-lockbit-3-0-ransomware-builder-leak/) - The aftermath of last year's LockBit 3.0 ransomware builder leak has triggered a cascade of threat actors exploiting the tool to generate an array of new ransomware variants. - [Whiffy Recon Malware: Smoke Loader Botnet's New Weapon for Location Tracking via WiFi](https://www.blackhatethicalhacking.com/news/whiffy-recon-malware-smoke-loader-botnets-new-weapon-for-location-tracking-via-wifi/) - Cybercriminals linked to the notorious Smoke Loader botnet have rolled out a fresh piece of malware named Whiffy Recon, designed to pinpoint the geographical location of compromised devices through a combination of WiFi scanning and Google's geolocation API. - [Offensive Security Tool: BruteSpray](https://www.blackhatethicalhacking.com/tools/brutespray/) - BruteSpray a tool that automates and accelerates the testing of weak credentials and passwords across multiple services, such as SSH, RDP, and FTP. - [Kali Linux 2023.3 Release: Enhanced Infrastructure, Revamped Kali Autopilot, and 9 Tool Additions](https://www.blackhatethicalhacking.com/news/kali-linux-2023-3-release-enhanced-infrastructure-revamped-kali-autopilot-and-9-tool-additions/) - A fresh variant of the notorious Apple macOS malware, XLoader, has emerged, adopting the guise of an innocuous office productivity application named "OfficeNote." This evolving malware strain has hidden its malicious capabilities behind the facade of a seemingly legitimate app. - [Critical Security Vulnerabilities in VMware Aria Operations for Networks Addressed in Latest Updates](https://www.blackhatethicalhacking.com/news/critical-security-vulnerabilities-in-vmware-aria-operations-for-networks-addressed-in-latest-updates/) - VMware has taken swift action to rectify two security vulnerabilities present in Aria Operations for Networks software, addressing the potential risks of authentication bypass and remote code execution. - [“Worst” MacOS Security Bug Recently Patched by Apple](https://www.blackhatethicalhacking.com/articles/worst-macos-security-bug-recently-patched-by-apple/) - There are new vulnerabilities to be exploited as well, and it just so happens that Apple security recently discovered (and patched) a huge security flaw in the macOS. - [Webinar: An Introduction to Offensive Cybersecurity](https://www.blackhatethicalhacking.com/press-release/webinar-an-introduction-to-offensive-cybersecurity/) - Webinar: An Introduction to Offensive Cybersecurity - [Researchers Unearth Security Flaws in TP-Link Smart Bulb and App, Warning of WiFi Password Exposure](https://www.blackhatethicalhacking.com/news/researchers-unearth-security-flaws-in-tp-link-smart-bulb-and-app-warning-of-wifi-password-exposure/) - Researchers hailing from Italy and the UK have uncovered a set of four vulnerabilities in TP-Link's Tapo L530E smart bulb and the associated Tapo app, potentially providing attackers with the means to pilfer victims' WiFi passwords. - [PowerShell Gallery Vulnerabilities Enable Typosquatting and Supply Chain Attacks](https://www.blackhatethicalhacking.com/news/powershell-gallery-vulnerabilities-enable-typosquatting-and-supply-chain-attacks/) - A critical security lapse in Microsoft's PowerShell Gallery code repository has come to light, creating a fertile ground for malicious actors to execute typosquatting attacks, manipulate popular package names, and potentially orchestrate large-scale supply chain attacks. - [WinRAR Vulnerability Enables Arbitrary Code Execution via Malicious Archives](https://www.blackhatethicalhacking.com/news/winrar-vulnerability-enables-arbitrary-code-execution-via-malicious-archives/) - A high-severity security vulnerability has been successfully addressed in WinRAR, the widely used file archiver utility for Windows, which could potentially execute commands on a computer simply by opening a manipulated archive. - [XLoader macOS Malware Resurfaces as 'OfficeNote' App, Evading Detection with New Tactics](https://www.blackhatethicalhacking.com/news/xloader-macos-malware-resurfaces-as-officenote-app-evading-detection-with-new-tactics/) - A fresh variant of the notorious Apple macOS malware, XLoader, has emerged, adopting the guise of an innocuous office productivity application named "OfficeNote." This evolving malware strain has hidden its malicious capabilities behind the facade of a seemingly legitimate app. - [Critical Python URL Parsing Flaw Allows Bypass of Filtering Methods](https://www.blackhatethicalhacking.com/news/critical-python-url-parsing-flaw-allows-bypass-of-filtering-methods/) - A significant security vulnerability has been unveiled in Python's URL parsing function, which could potentially be exploited to evade domain or protocol filtering mechanisms that rely on blocklists. - [Legitimate Tool Turned Malicious: Freeze[.]rs Injector Used to Spread XWorm Malware](https://www.blackhatethicalhacking.com/news/legitimate-tool-turned-malicious-freeze-rs-injector-used-to-spread-xworm-malware/) - Malicious actors have seized upon the legitimate Rust-based injector "Freeze[.]rs" to deploy the XWorm commodity malware within victim environments. - [The Remarkable Journey of Dave Kennedy as a Cyber Security Innovator](https://www.blackhatethicalhacking.com/articles/the-remarkable-journey-of-dave-kennedy-as-a-cyber-security-innovator/) - This article provides an insightful overview of Dave Kennedy's journey, a cybersecurity expert with over 25 years of experience in the field. Renowned for his exceptional expertise in areas such as penetration testing, social engineering, and pioneering offensive security strategies, he has been a driving force behind significant advancements in the industry. - [Safe Website Checklist: Determine if a Website is Safe or Not](https://www.blackhatethicalhacking.com/articles/safe-website-checklist-determine-if-a-website-is-safe-or-not/) - We expose ourselves to a variety of websites with every click, tap, and scroll, each with its own goals and standards of integrity. Thus, a knowledgeable navigator of a website security checker is required for both users and website admins to distinguish between safe websites and risky ones. - [Rising Threat: Rhysida Ransomware Sets Sights on Healthcare Sector](https://www.blackhatethicalhacking.com/news/rising-threat-rhysida-ransomware-sets-sights-on-healthcare-sector/) - The Rhysida ransomware operation has garnered significant attention following a series of attacks on healthcare institutions, prompting government agencies and cybersecurity firms to closely monitor its activities. - [Critical Vulnerability in Visual Studio Code, Malicious Extensions Can Steal Authentication Tokens](https://www.blackhatethicalhacking.com/news/critical-vulnerability-in-visual-studio-code-malicious-extensions-can-steal-authentication-tokens/) - A significant security vulnerability has been unveiled in Microsoft's Visual Studio Code (VS Code), the widely used code editor and development environment. This flaw enables malicious extensions to extract authentication tokens stored within Windows, Linux, and macOS credential managers. - [New Acoustic Attack - Deep Learning Model Extracts Keystrokes with 95% Accuracy](https://www.blackhatethicalhacking.com/news/new-acoustic-attack-deep-learning-model-extracts-keystrokes-with-95-accuracy/) - A team of researchers hailing from British universities has unveiled a disconcerting breakthrough in the realm of cyber threats — a deep learning model that can pilfer sensitive data by capturing keyboard keystrokes using a microphone, boasting a remarkable accuracy of 95%. - [Reptile: Open-Source Rootkit Targets Linux Systems in South Korea](https://www.blackhatethicalhacking.com/news/reptile-open-source-rootkit-targets-linux-systems-in-south-korea/) - A sophisticated cyber threat has emerged, targeting Linux systems in South Korea through the use of an open-source rootkit known as Reptile. In a recent report, the AhnLab Security Emergency Response Center (ASEC) shed light on this alarming development, highlighting that Reptile differentiates itself from conventional rootkit malware by offering a reverse shell functionality, allowing malicious actors to effortlessly assume control over compromised systems. - [Recon Tool: RecoX](https://www.blackhatethicalhacking.com/tools/recox/) - Recox is a powerful tool for finding vulnerabilities in web applications. It goes beyond the OWASP top ten list, making it valuable for security professionals. - [Azure's New Feature Opens Doors for Lateral Attacks, Microsoft Tenants at Risk](https://www.blackhatethicalhacking.com/news/azures-new-feature-opens-doors-for-lateral-attacks-microsoft-tenants-at-risk/) - In a bid to enhance collaboration and automate lifecycle management, Microsoft introduced the Azure Active Directory Cross-Tenant Synchronization (CTS) feature in June 2023. However, cybersecurity researchers are now raising concerns about this new capability, as it has opened up a potential attack surface that could be exploited by threat actors to facilitate lateral movement between connected Azure tenants. - [Massive Breach - Hundreds of Citrix Servers Backdoored in an RCE Attack](https://www.blackhatethicalhacking.com/news/massive-breach-hundreds-of-citrix-servers-backdoored-in-an-rce-attack/) - A series of cyberattacks has targeted Citrix Netscaler ADC and Gateway servers, compromising their security and leaving them backdoored. The attacks have exploited a critical remote code execution (RCE) vulnerability, tracked as CVE-2023-3519. - [Python Variant of NodeStealer - Targeting Facebook Business Accounts and Cryptocurrency](https://www.blackhatethicalhacking.com/news/python-variant-of-nodestealer-targeting-facebook-business-accounts-and-cryptocurrency/) - Cybersecurity researchers from Palo Alto Network Unit 42 have recently discovered a Python variant of the infamous NodeStealer malware. This sophisticated strain is now fully equipped to not only take over Facebook business accounts but also to siphon cryptocurrency, making it a grave threat to both individuals and organizations. - [Abyss Locker: New Linux Encryptor Targets VMware's ESXi Virtual Machines](https://www.blackhatethicalhacking.com/news/abyss-locker-new-linux-encryptor-targets-vmwares-esxi-virtual-machines/) - The notorious Abyss Locker operation joins the ranks of cybercriminals developing Linux encryptors to target the widely-used VMware ESXi virtual machines platform. - [Super Admin Privilege Vulnerability Plagues MikroTik Routers](https://www.blackhatethicalhacking.com/news/super-admin-privilege-vulnerability-plagues-mikrotik-routers/) - A critical vulnerability dubbed CVE-2023-30799 has put over 900,000 MikroTik RouterOS routers at severe risk, allowing attackers to gain "super-admin" privileges and take full control of the devices without detection. - [40% of Ubuntu users vulnerable to new privilege elevation flaws](https://www.blackhatethicalhacking.com/news/40-of-ubuntu-users-vulnerable-to-new-privilege-elevation-flaws/) - Two recently discovered Linux vulnerabilities have raised concerns for Ubuntu users, potentially granting unprivileged local users elevated privileges on a massive number of devices. Ubuntu, a widely used Linux distribution with a significant user base of over 40 million, faces the impact of CVE-2023-32629 and CVE-2023-2640, identified by researchers from Wiz. - [P2PInfect Server Botnet Turns Compromised Redis Servers into a Peer-to-Peer Network](https://www.blackhatethicalhacking.com/news/p2pinfect-server-botnet-turns-compromised-redis-servers-into-a-peer-to-peer-network/) - A sophisticated and rapidly spreading malware, known as P2PInfect, is currently on the prowl, targeting vulnerable instances of SSH and Redis open-source data store. This malicious worm, developed in Rust, has versions compatible with both Windows and Linux, making it a cross-platform menace. - [SEC Mandates Rapid Cyberattack Disclosures, Companies Must Act Within 4 Business Days](https://www.blackhatethicalhacking.com/news/sec-mandates-rapid-cyberattack-disclosures-companies-must-act-within-4-business-days/) - The U.S. Securities and Exchange Commission (SEC) has taken a significant step towards enhancing cybersecurity transparency for publicly traded companies. The SEC has adopted new rules that mandate the disclosure of cyberattacks within four business days of determining their material impact on the organization. - [HotRat Malware -The Sneaky Trojan Lurking in Cracked Software](https://www.blackhatethicalhacking.com/news/hotrat-malware-the-sneaky-trojan-lurking-in-cracked-software/) - A new variant of the notorious AsyncRAT malware, dubbed HotRat, has emerged, spreading through free, pirated versions of popular software and utilities, including video games, image and sound editing software, and Microsoft Office. - [Digital Forensics Tool: ScrapPy](https://www.blackhatethicalhacking.com/tools/scrappy/) - ScrapPY is a Python utility for scraping manuals, documents, and other sensitive PDFs to generate wordlists that can be utilized by offensive security tools to perform brute force, forced browsing, and dictionary attacks against targets. - [Zenbleed: Critical Flaw Found in AMD Zen2 CPUs That Could Leak Sensitive Data](https://www.blackhatethicalhacking.com/news/zenbleed-critical-flaw-found-in-amd-zen2-cpus-that-could-leak-sensitive-data/) - Google's renowned security researcher Tavis Ormandy has uncovered a significant vulnerability called Zenbleed affecting AMD Zen2 CPUs, posing a serious risk of data theft. The flaw, tracked as CVE-2023-20593, allows malicious actors to pilfer sensitive information, including passwords and encryption keys, at an alarming rate of 30KB/sec from each CPU core. - [New P2PInfect Malware, Self-Spreading Worm Targets Redis Instances on Internet-Exposed Systems](https://www.blackhatethicalhacking.com/news/new-p2pinfect-malware-self-spreading-worm-targets-redis-instances-on-internet-exposed-systems/) - In a recent breakthrough, security researchers from Unit 42 have unearthed a new peer-to-peer (P2P) malware with a unique self-spreading capability. This sophisticated worm, named P2PInfect, strategically targets Redis instances running on Internet-exposed Windows and Linux systems. - [DeliveryCheck: Turla's New Cyberweapon Strikes Microsoft Exchange Servers and Defense Sector](https://www.blackhatethicalhacking.com/news/deliverycheck-turlas-new-cyberweapon-strikes-microsoft-exchange-servers-and-defense-sector/) - Microsoft and the Ukrainian Computer Emergency Response Team (CERT-UA) have issued a joint warning about an emerging cyber threat orchestrated by the Russian state-sponsored Turla hacking group. - [WormGPT: Unleashing the Dark Side of Generative AI for Cybercrime](https://www.blackhatethicalhacking.com/news/wormgpt-unleashing-the-dark-side-of-generative-ai-for-cybercrime/) - According to a recent report by SlashNext, a new cybercrime tool called WormGPT has surfaced in underground forums, offering adversaries a sophisticated means to launch phishing and business email compromise (BEC) attacks. - [Kevin Mitnick - Once the world's most wanted hacker, now he's getting paid to hack companies legally](https://www.blackhatethicalhacking.com/articles/hacking-stories/kevin-mitnick-once-the-worlds-most-wanted-hacker-now-hes-getting-paid-to-hack-companies-legally/) - Kevin Mitnick, once called the “Most-Wanted hacker”, is an American security researcher who was born in Los Angeles in 1963. - [Hackers Exploit Critical ColdFusion Vulnerabilities, Installing Webshells on Vulnerable Servers](https://www.blackhatethicalhacking.com/news/hackers-exploit-critical-coldfusion-vulnerabilities-installing-webshells-on-vulnerable-servers/) - The ColdFusion vulnerabilities allow threat actors to bypass authentication and remotely execute commands, leading to the installation of webshells on vulnerable servers. - [Fake PoC Exploit Targets Cybersecurity Researchers with Linux Malware](https://www.blackhatethicalhacking.com/news/fake-poc-exploit-targets-cybersecurity-researchers-with-linux-malware/) - In a recent development, cybersecurity researchers and threat actors have become targets of a fake proof of concept (PoC) exploit, known as CVE-2023-35829, which installs a Linux password-stealing malware. - [SonicWall Warns of Critical Vulnerabilities in Firewall Management Software](https://www.blackhatethicalhacking.com/news/sonicwall-warns-of-critical-vulnerabilities-in-firewall-management-software/) - SonicWall has issued an urgent warning to its customers regarding critical vulnerabilities in its Global Management System (GMS) firewall management and Analytics network reporting engine software suites. - [Hackers Weaponize Unpatched Microsoft Flaw to Target NATO Summit Attendees](https://www.blackhatethicalhacking.com/news/hackers-weaponize-unpatched-microsoft-flaw-to-target-nato-summit-attendees/) - Microsoft warned customers today that an unpatched security vulnerability in Windows and Office is being exploited in the wild to hack into computer systems. The flaw, tracked as CVE-2023-36884, can be exploited without requiring any user interaction to gain full control of a system. - [Apple Releases Urgent Security Updates to Address Zero-Day Exploits Impacting iPhones, Macs, and iPads](https://www.blackhatethicalhacking.com/news/apple-releases-urgent-security-updates-to-address-zero-day-exploits-impacting-iphones-macs-and-ipads/) - Apple has rolled out a series of Rapid Security Response (RSR) updates to address a newly discovered zero-day vulnerability that has been exploited in attacks targeting fully-patched iPhones, Macs, and iPads. - [Charming Kitten APT Group Unleashes New NokNok Malware, Targeting macOS Systems](https://www.blackhatethicalhacking.com/news/charming-kitten-apt-group-unleashes-new-noknok-malware-targeting-macos-systems/) - Security researchers have detected a new campaign attributed to the Charming Kitten APT group, in which hackers employed a new strain of malware called NokNok to target macOS systems. - [OSINT Tool: Maryam](https://www.blackhatethicalhacking.com/tools/maryam/) - OWASP Maryam is a modular open-source framework based on OSINT (Open Source Intelligence) and data gathering. It is designed to provide a robust environment to harvest data from open sources and search engines quickly and thoroughly. - [TeamsPhisher Exploits Microsoft Teams Security Issue for File Delivery](https://www.blackhatethicalhacking.com/news/teamsphisher-exploits-microsoft-teams-security-issue-for-file-delivery/) - A member of the U.S. Navy's red team has developed a tool called TeamsPhisher, which takes advantage of an unresolved security flaw in Microsoft Teams. This flaw allows the tool to bypass restrictions for incoming files from external users, known as external tenants. - [Microsoft Refutes Allegations of Data Breach Involving 30 Million Customer Accounts by Anonymous Sudan Hackers](https://www.blackhatethicalhacking.com/news/microsoft-refutes-allegations-of-data-breach-involving-30-million-customer-accounts-by-anonymous-sudan-hackers/) - Microsoft has rejected the assertions made by hacktivist group "Anonymous Sudan" regarding the breach of the company's servers and the theft of credentials for 30 million customer accounts. - [Critical Zero-Day Vulnerability in 'Ultimate Member' WordPress Plugin Enables Cybercriminals to Compromise Websites](https://www.blackhatethicalhacking.com/news/critical-zero-day-vulnerability-in-ultimate-member-wordpress-plugin-enables-cybercriminals-to-compromise-websites/) - Cybercriminals have recently taken advantage of a zero-day privilege escalation vulnerability present in the widely used 'Ultimate Member' WordPress plugin. This flaw allows them to bypass security measures and register rogue administrator accounts, putting websites at risk - [DDoSia Attack Tool Upgraded with Encryption, Concealed Targeting](https://www.blackhatethicalhacking.com/news/ddosia-attack-tool-upgraded-with-encryption-concealed-targeting/) - The threat actors behind the DDoSia attack tool have released an updated variant that incorporates an additional security mechanism to conceal the list of targets. Developed in Golang, the new version aims to bring down websites through a barrage of junk HTTP requests - [Cisco Warns of High-Severity Vulnerability in Data Center Switches Allowing Tampering with Encrypted Traffic](https://www.blackhatethicalhacking.com/news/cisco-warns-of-high-severity-vulnerability-in-data-center-switches-allowing-tampering-with-encrypted-traffic/) - Cisco issued a warning to its customers today regarding a high-severity vulnerability that affects certain data center switch models. - [Recon Tool: Logsensor](https://www.blackhatethicalhacking.com/tools/logsensor/) - Logsensor is a powerful tool designed to help identify login panels and perform POST form SQL injection (SQLi) scanning. - [MITRE's 2023 List Revealed - The Top 25 Most Dangerous Software Weaknesses Unveiled](https://www.blackhatethicalhacking.com/news/mitres-2023-list-revealed-the-top-25-most-dangerous-software-weaknesses-unveiled/) - MITRE, has released its highly anticipated annual list of the top 25 most dangerous software weaknesses that have plagued systems over the previous two years. - [Linux Version of Akira Ransomware Expands Reach, Targets VMware ESXi Servers](https://www.blackhatethicalhacking.com/news/linux-version-of-akira-ransomware-expands-reach-targets-vmware-esxi-servers/) - Akira ransomware operation has recently turned its attention to Linux-based VMware ESXi virtual machines, executing double-extortion attacks on companies worldwide. - [Mockingjay - A New Process Injection Technique that Bypasses EDR Detection](https://www.blackhatethicalhacking.com/news/mockingjay-a-new-process-injection-technique-that-bypasses-edr-detection/) - Security researchers at Security Joes have recently uncovered a novel process injection technique called "Mockingjay," which enables threat actors to bypass EDR (Endpoint Detection and Response) systems and other security products to execute malicious code discreetly on compromised systems - [Fortinet Addresses Critical Remote Code Execution Vulnerability in FortiNAC Solution](https://www.blackhatethicalhacking.com/news/fortinet-addresses-critical-remote-code-execution-vulnerability-in-fortinac-solution/) - Fortinet has taken swift action to address a critical security vulnerability that affects its FortiNAC network access control solution. Tracked as CVE-2023-33299, this flaw has been rated 9.6 out of 10 in terms of severity on the Common Vulnerability Scoring System (CVSS). - [Trojanized Super Mario Game Installer Discovered to Deliver Malware Attacks](https://www.blackhatethicalhacking.com/news/trojanized-super-mario-game-installer-discovered-to-deliver-malware-attacks/) - A trojanized installer for Super Mario 3: Mario Forever, a popular Windows game, has been discovered to infect unsuspecting players with multiple malware infections. - [Malware Delivery Exploit Found in Microsoft Teams Allows Attacks from External Sources](https://www.blackhatethicalhacking.com/news/malware-delivery-exploit-found-in-microsoft-teams-allows-attacks-from-external-sources/) - Security researchers from UK-based security services company Jumpsec have identified a method to deliver malware through Microsoft Teams, bypassing the application's restrictions on files from external sources. - [Honda's E-commerce Platform Exposed, Researcher Exploits API Flaws for Unrestricted Data Access](https://www.blackhatethicalhacking.com/news/hondas-e-commerce-platform-exposed-researcher-exploits-api-flaws-for-unrestricted-data-access/) - Honda's e-commerce platform vulnerability allowed unauthorized access due to flaws in its application programming interface (API), enabling password resets for any account. - [Magecart Attackers Turn Hijacked E-commerce Sites into Command-and-Control Servers](https://www.blackhatethicalhacking.com/news/magecart-attackers-turn-hijacked-e-commerce-sites-into-command-and-control-servers/) - In a recent discovery, cybersecurity researchers have brought to light an ongoing web skimmer campaign reminiscent of Magecart attacks. The campaign's objective is to pilfer personally identifiable information (PII) and credit card data from various e-commerce websites. - ['Operation Triangulation' Malware Strikes iOS Devices Worldwide](https://www.blackhatethicalhacking.com/news/operation-triangulation-malware-strikes-ios-devices-worldwide/) - Cybersecurity firm Kaspersky has taken a significant step in the battle against a new form of malware called 'Triangulation' that specifically targets Apple iPhones and other iOS devices. - [Anonymous Sudan Launches DDoS Attacks on Microsoft Outlook](https://www.blackhatethicalhacking.com/news/anonymous-sudan-launches-ddos-attacks-on-microsoft-outlook/) - Outlook.com, has been hit by a series of outages, causing significant disruptions for users worldwide. These outages, have been attributed to technical issues by Microsoft. However, hacktivist group Anonymous Sudan has claimed responsibility, asserting that they are conducting Distributed Denial of Service (DDoS) attacks on Microsoft's service to protest the United States' involvement in Sudanese internal affairs. - [Offensive Security Tool: Pypykatz](https://www.blackhatethicalhacking.com/tools/pypykatz/) - PyPyKatz is the Mimikatz implementation in pure Python. It can parse the secrets hidden in the LSASS process. This is just like mimikatz's sekurlsa:: but with different commands. The main difference here is that all the parsing logic is separated from the data source, so if you define a new reader object you can basically perform the parsing of LSASS from anywhere but has even more features. - [Russian State Alleges Apple's Involvement in iPhone iOS Zero-Click Attacks](https://www.blackhatethicalhacking.com/news/russian-state-alleges-apples-involvement-in-iphone-ios-zero-click-attacks/) - Russian cybersecurity firm Kaspersky has made a startling revelation regarding a persistent iPhone hacking campaign that exploits vulnerabilities in iMessage. The attack, involving zero-click exploits, enables hackers to install malware on iPhones without any user interaction. - [Offensive Security Tool: Nginxpwner](https://www.blackhatethicalhacking.com/tools/nginxpwner/) - Nginxpwner is a tool written in Python that can be used to scan a web server running the nginx web server software for misconfigurations and vulnerabilities. - [Jetpack Critical Vulnerability Puts Millions of WordPress Sites at Risk](https://www.blackhatethicalhacking.com/news/jetpack-critical-vulnerability-puts-millions-of-wordpress-sites-at-risk/) - In a proactive move to safeguard millions of websites, Automattic, the owner of WordPress.com, has initiated the automatic installation of a crucial security patch. Collaborating with the WordPress Security Team, this measure aims to address a critical vulnerability found in the widely popular Jetpack plug-in. - [Leaked RaidForums Database Exposes Hacker Identities](https://www.blackhatethicalhacking.com/news/leaked-raidforums-database-exposes-hacker-identities/) - A significant breach has occurred as the database of the notorious RaidForums hacking forums has been leaked online. - [Apple Addresses Critical macOS Vulnerability Allowing Undeletable Malware](https://www.blackhatethicalhacking.com/news/apple-addresses-critical-macos-vulnerability-allowing-undeletable-malware/) - Apple Takes Swift Action to Address Critical macOS Vulnerability Exploiting System Integrity Protection (SIP) - [Kali Linux 2023.2 Release (New Tools in Kali, Desktop Updates, New Hyper-V VM Image)](https://www.blackhatethicalhacking.com/news/kali-linux-2023-2-release-new-tools-in-kali-desktop-updates-new-hyper-v-vm-image/) - The Kali Linux 2023.2 release introduces significant enhancements to its feature set. This latest release includes a new VM image specifically tailored for Hyper-V, featuring "Enhanced Session Mode" for an optimized virtual machine experience. Additionally, the Xfce audio stack has been upgraded with the integration of PipeWire. The i3 desktop has undergone a substantial overhaul, merging i3-gaps with i3 to achieve a more modern look. Moreover, users will benefit from updates to icons, menus, and the incorporation of new tools. - [Clever Phishing Toolkit Emerges: Fake WinRAR and Windows File Explorer on ZIP Domains](https://www.blackhatethicalhacking.com/news/clever-phishing-toolkit-emerges-fake-winrar-and-windows-file-explorer-on-zip-domains/) - In a concerning development, a newly discovered phishing kit dubbed 'File Archivers in the Browser' has surfaced, taking advantage of ZIP domains to perpetrate fraudulent activities. - [Offensive Security Tool: Pyramid](https://www.blackhatethicalhacking.com/tools/pyramid/) - Pyramid is a tool to perform post-exploitation tasks in an evasive manner, executing offensive tooling from a signed binary (e.g. python.exe) by importing their dependencies in memory. - [Barracuda's Email Security Breached: Zero-Day Flaw Puts Users at Risk](https://www.blackhatethicalhacking.com/news/barracudas-email-security-breached-zero-day-flaw-puts-users-at-risk/) - Barracuda, a prominent provider of email protection and network security services, has issued a warning to its users regarding a zero-day vulnerability that has been actively exploited to compromise the company's Email Security Gateway (ESG) appliances. - [Hackers Use New PowerExchange Malware to Target Microsoft Exchange Servers](https://www.blackhatethicalhacking.com/news/hackers-use-new-powerexchange-malware-to-target-microsoft-exchange-servers/) - FortiGuard Labs Threat Research team has recently uncovered a highly sophisticated and alarming cyber threat: a new PowerShell-based malware named PowerExchange. - [AhRat Malware Strikes Again with Trojanized Screen Recording App](https://www.blackhatethicalhacking.com/news/ahrat-malware-strikes-again-with-trojanized-screen-recording-app/) - ESET malware researchers have made a disturbing discovery—a new remote access trojan (RAT) named AhRat lurking within an Android screen recording app available on the Google Play Store. - [BlackCat Ransomware Evades Security Software with Signed Malicious Windows Kernel Drivers](https://www.blackhatethicalhacking.com/news/blackcat-ransomware-evades-security-software-with-signed-malicious-windows-kernel-drivers/) - The ALPHV ransomware group, also known as BlackCat, has recently been observed employing signed malicious Windows kernel drivers to evade detection by security software during their attacks. - [BrutePrint Attack: Researchers Unveil New Technique to Bypass Smartphone Fingerprint Authentication](https://www.blackhatethicalhacking.com/news/bruteprint-attack-researchers-unveil-new-technique-to-bypass-smartphone-fingerprint-authentication/) - Researchers from Tencent Labs and Zhejiang University have recently introduced a novel attack named 'BrutePrint,' designed to exploit fingerprint authentication on modern smartphones. - [Recon Tool: Dome](https://www.blackhatethicalhacking.com/tools/dome/) - Dome is a fast and reliable Subdomain Enumeration Tool that facilitates active and passive scanning to discover subdomains and identify open ports. - [The Alarming Rise of Malicious Extensions in Microsoft's VSCode Marketplace](https://www.blackhatethicalhacking.com/news/the-alarming-rise-of-malicious-extensions-in-microsofts-vscode-marketplace/) - Cybercriminals have set their sights on Microsoft's esteemed VSCode Marketplace, launching a series of insidious attacks by uploading three malicious Visual Studio extensions. - [WordPress Websites at Risk - Hackers Exploit Critical Flaw in Essential Addons for Elementor](https://www.blackhatethicalhacking.com/news/wordpress-websites-at-risk-hackers-exploit-critical-flaw-in-essential-addons-for-elementor/) - Hackers have launched a widespread campaign, targeting vulnerable versions of the Essential Addons for Elementor plugin on thousands of WordPress websites through extensive internet scans. - [Camaro Dragon - Chinese State-Sponsored Hackers Target European Organizations via Infected TP-Link Routers](https://www.blackhatethicalhacking.com/news/camaro-dragon-chinese-state-sponsored-hackers-target-european-organizations-via-infected-tp-link-routers/) - Chinese state-sponsored hacking group "Camaro Dragon" has been discovered infecting residential TP-Link routers with a custom malware named "Horse Shell." - [New MichaelKors Ransomware Takes Aim at Linux and VMware ESXi](https://www.blackhatethicalhacking.com/news/michaelkors-ransomware-takes-aim-at-linux-and-vmware-esxi/) - A recently discovered ransomware-as-a-service (RaaS) operation named MichaelKors has emerged as the latest file-encrypting malware targeting Linux and VMware ESXi systems since April 2023, according to a report by cybersecurity firm CrowdStrike - [Hackers Exploit Critical WordPress Plugin Vulnerability Within Hours of Public PoC Release](https://www.blackhatethicalhacking.com/news/hackers-exploit-critical-wordpress-plugin-vulnerability-within-hours-of-public-poc-release/) - Hackers are wasting no time in exploiting a recently addressed vulnerability in the WordPress Advanced Custom Fields plugin, as they swiftly took advantage of a publicly available proof-of-concept (PoC) exploit just 24 hours after its disclosure - [First steps to take after being infected with a Ransomware](https://www.blackhatethicalhacking.com/articles/first-steps-to-take-after-being-infected-with-a-ransomware/) - While facing a ransomware infection can be overwhelming for any organization, following a systematic approach to recovery can significantly minimize the damage and restore normal operations efficiently. In this article, we will provide you with effective steps to recover from a ransomware attack. - [Microsoft's Urgent Fix: Bypassing Recent Patches for Critical Outlook Zero-Day Exploited in the Wild](https://www.blackhatethicalhacking.com/news/microsofts-urgent-fix-bypassing-recent-patches-for-critical-outlook-zero-day-exploited-in-the-wild-2/) - Microsoft swiftly responded to a security vulnerability this week, addressing a flaw that allowed remote attackers to bypass recent patches targeting a critical zero-day security issue in Outlook. - [OSINT Tool: GooFuzz](https://www.blackhatethicalhacking.com/tools/goofuzz/) - GooFuzz is a tool to perform fuzzing with an OSINT approach, managing to enumerate directories, files, subdomains or parameters without leaving evidence on the target's server. - [Critical Linux Kernel Flaw - Unprivileged Users Gain Root Control](https://www.blackhatethicalhacking.com/news/critical-linux-kernel-flaw-unprivileged-users-gain-root-control/) - A critical flaw has been discovered in the Linux NetFilter kernel, exposing a vulnerability that enables unprivileged local users to escalate their privileges to root level, granting them complete control over a system. - [CACTUS Ransomware Exploits VPN Flaws to Infiltrate Corporate Networks](https://www.blackhatethicalhacking.com/news/cactus-ransomware-exploits-vpn-flaws-to-infiltrate-corporate-networks/) - Security researchers have uncovered a new strain of ransomware dubbed CACTUS that exploits known vulnerabilities in VPN appliances to infiltrate targeted networks - [New Akira Ransomware Operation Hits Corporate Networks](https://www.blackhatethicalhacking.com/news/new-akira-ransomware-operation-hits-corporate-networks/) - A new ransomware operation named Akira has been quietly and systematically infiltrating corporate networks worldwide since its launch in March 2023. - [Maximizing IDOR Detection with Burp Suite's Autorize](https://www.blackhatethicalhacking.com/articles/maximizing-idor-detection-with-burp-suites-autorize/) - This article aims to enhance your ability to detect IDOR vulnerabilities more efficiently and take your discovery process to the next level. Additionally, you will learn how to utilize Autorize, a powerful Burp Suite extension that streamlines the testing process for access control vulnerabilities in web apps. - [In-Browser Windows Update Simulation Used as a Vehicle for Aurora Malware](https://www.blackhatethicalhacking.com/news/in-browser-windows-update-simulation-used-as-a-vehicle-for-aurora-malware/) - A sophisticated malvertising campaign has recently been uncovered, employing an in-browser Windows update simulation to distribute the notorious Aurora information-stealing malware. - [Recon Tool: Sniffer](https://www.blackhatethicalhacking.com/tools/sniffer/) - Sniffer is a network troubleshooting tool that lets you analyze network traffic and processes without loading any kernel modules. With a user-friendly TUI interface, Sniffer captures and records packet information using gopacket. - [North Korean Kimsuky Hacking Group Ups Their Game with New 'ReconShark' Malware](https://www.blackhatethicalhacking.com/news/north-korean-kimsuky-hacking-group-ups-their-game-with-new-reconshark-malware/) - The North Korean Kimsuky hacking group has recently been observed using a new version of its reconnaissance malware, dubbed 'ReconShark,' in an expanded cyberespionage campaign targeting organizations across the globe. - [APT hacking group uses double DLL sideloading to bypass security](https://www.blackhatethicalhacking.com/news/apt-hacking-group-uses-double-dll-sideloading-to-bypass-security/) - An APT hacking group, known as "Dragon Breath," "Golden Eye Dog," or "APT-Q-27," is demonstrating a new trend of using complex variations of the classic DLL sideloading technique to evade detection. - [New Malware 'LOBSHOT' Secretly Takes Over Windows Devices via Google Ads](https://www.blackhatethicalhacking.com/news/new-malware-lobshot-secretly-takes-over-windows-devices-via-google-ads/) - Security researchers have discovered a new remote access Trojan (RAT) named LOBSHOT being distributed via Google Ads. - [T-Mobile Discloses Second Data Breach of 2023 Affecting Hundreds of Customers](https://www.blackhatethicalhacking.com/news/t-mobile-discloses-second-data-breach-of-2023-affecting-hundreds-of-customers/) - T-Mobile, one of the largest mobile carriers in the United States, recently disclosed its second data breach of 2023. According to the company, hackers gained access to the personal information of 836 customers for more than a month, starting in late February. - [Russian hackers use fake Windows updates to target Ukrainian government](https://www.blackhatethicalhacking.com/news/russian-hackers-use-fake-windows-updates-to-target-ukrainian-government/) - Russian state-sponsored hacking group APT28 (also known as Fancy Bear) is targeting various government bodies in Ukraine with malicious emails, posing as instructions on how to upgrade Windows for cyberattack defense, according to the Computer Emergency Response Team of Ukraine (CERT-UA). - [New macOS Malware 'Atomic' for Sale to Cybercriminals for $1,000 a Month](https://www.blackhatethicalhacking.com/news/new-macos-malware-atomic-for-sale-to-cybercriminals-for-1000-a-month/) - A new strain of macOS malware is currently being offered for sale to cybercriminals via private Telegram channels. Named 'Atomic,' this malicious software is reportedly fetching a subscription of $1,000 per month from buyers interested in its information-stealing capabilities. - [Malware Analysis Tool: retoolkit](https://www.blackhatethicalhacking.com/tools/retoolkit/) - Retoolkit is a Reverse Engineering and Malware Analysis collection of tools on x86 and x64 Windows systems. It aims to provide a set of useful utilities for binary analysis and reverse engineering which includes various tools such as disassemblers, debuggers, and more. - [Offensive Security Tool: Go365](https://www.blackhatethicalhacking.com/tools/go365/) - Go365 is an Office365 user attack tool and its designed to help security professionals and researchers perform user enumeration and password guessing attacks on organizations that use Office365. - [Cisco Discloses Zero-Day XSS Vulnerability in Prime Collaboration Deployment Software](https://www.blackhatethicalhacking.com/news/cisco-discloses-zero-day-xss-vulnerability-in-prime-collaboration-deployment-software/) - Cisco has disclosed a zero-day vulnerability in its Prime Collaboration Deployment (PCD) software that could be used for cross-site scripting attacks. - [VMware Issues Critical Security Updates to Fix Zero-Day Vulnerabilities](https://www.blackhatethicalhacking.com/news/vmware-issues-critical-security-updates-to-fix-zero-day-vulnerabilities/) - VMware, has released security updates to address zero-day vulnerabilities that could potentially be used to execute code on systems running unpatched versions of the company's Workstation and Fusion software hypervisors. - [Corporate networks at risk: used routers on the secondary market expose sensitive data](https://www.blackhatethicalhacking.com/news/corporate-networks-at-risk-used-routers-on-the-secondary-market-expose-sensitive-data/) - Enterprise-level network equipment on the secondary market hide sensitive data that hackers could use to breach corporate environments or to obtain customer information - [EvilExtractor: The All-In-One Stealer Malware Available on The Dark Web](https://www.blackhatethicalhacking.com/news/evilextractor-the-all-in-one-stealer-malware-available-on-the-dark-web/) - Fortinet FortiGuard Labs researchers have discovered a new "all-in-one" stealer malware named EvilExtractor that is being sold on cybercrime forums like Cracked. - [Lazarus Continues to Evolve Tactics with Shift to Linux Malware](https://www.blackhatethicalhacking.com/news/lazarus-continues-to-evolve-tactics-with-shift-to-linux-malware/) - North Korean threat group Lazarus, notorious for its high-profile cyber attacks, has expanded its Operation DreamJob campaign to target Linux users with malware for the first time. - [APT28 Hackers Target Cisco Routers with Custom Malware](https://www.blackhatethicalhacking.com/news/apt28-hackers-target-cisco-routers-with-custom-malware/) - US and UK intelligence agencies, along with Cisco, have issued a joint report warning about state-sponsored APT28 hackers who are exploiting an old SNMP flaw on Cisco IOS routers. - [Chinese hacking group APT41 caught using Google tool for data theft](https://www.blackhatethicalhacking.com/news/chinese-hacking-group-apt41-caught-using-google-tool-for-data-theft/) - Chinese state-sponsored hacking group APT41, also known as HOODOO, has been caught using Google's open-source GC2 (Google Command and Control) red teaming tool in data theft attacks against a Taiwanese media company and an Italian job search website. - [OSINT Tool: wholeaked](https://www.blackhatethicalhacking.com/tools/wholeaked/) - wholeaked , is designed to help individuals and organizations identify if their email addresses have been exposed in a data breach. The tool works by searching through a database of leaked email addresses and cross-referencing them with the email addresses provided by the user. - [LockBit Ransomware Gang Testing First-Ever Ransomware for macOS](https://www.blackhatethicalhacking.com/news/lockbit-ransomware-gang-testing-first-ever-ransomware-for-macos/) - The notorious LockBit ransomware gang has recently developed a new set of encryptors designed to target macOS devices for the first time, marking a significant milestone in the history of ransomware attacks. - [Cybercriminals Target MS-SQL Servers with Trigona Ransomware](https://www.blackhatethicalhacking.com/news/cybercriminals-target-ms-sql-servers-with-trigona-ransomware/) - AhnLab, a South Korean cybersecurity firm, has uncovered a Trigona ransomware campaign that targets poorly secured and internet-exposed Microsoft SQL (MS-SQL) servers. - [Offensive Security Tool: dontgo403](https://www.blackhatethicalhacking.com/tools/dontgo403/) - DontGo403 is a tool designed to help Pentesters and Red Teams identify vulnerabilities in web servers that could be exploited to gain unauthorized access to resources. The tool does this by bypassing HTTP error code 403 responses, which are typically used to indicate that a user is not authorized to access a particular resource or webpage. - [New generation of botnets builds high-performance VPS-based DDoS attacks](https://www.blackhatethicalhacking.com/news/new-generation-of-botnets-builds-high-performance-vps-based-ddos-attacks/) - Cloudflare, an internet security company, has reported that hyper-volumetric DDoS (distributed denial of service) attacks in Q1 2023 have shifted focus from compromised IoT devices to breached Virtual Private Servers (VPS). - [Microsoft Patches Windows Zero-Day Exploited to Spread Ransomware](https://www.blackhatethicalhacking.com/news/microsoft-patches-windows-zero-day-exploited-to-spread-ransomware/) - Microsoft has recently patched a zero-day vulnerability discovered in the Windows Common Log File System (CLFS) that was being actively exploited by cybercriminals to escalate privileges and deploy Nokoyawa ransomware payloads. - [Over One Million WordPress Websites Infected with Balada Injector Malware Campaign](https://www.blackhatethicalhacking.com/news/over-one-million-wordpress-websites-infected-with-balada-injector-malware-campaign/) - A new report from GoDaddy's Sucuri has revealed that over one million WordPress websites may have been infected by an ongoing campaign to deploy malware called Balada Injector since 2017. - [Apple releases emergency security updates to address zero-day vulnerabilities on iPhones, Macs, and iPads](https://www.blackhatethicalhacking.com/news/apple-releases-emergency-security-updates-to-address-zero-day-vulnerabilities-on-iphones-macs-and-ipads/) - The security updates address two new zero-day vulnerabilities that have been exploited to compromise iPhones, Macs, and iPads. - [Meet 'Legion': The New Python-Based Credential Harvester and SMTP Hijacking Tool](https://www.blackhatethicalhacking.com/news/meet-legion-the-new-python-based-credential-harvester-and-smtp-hijacking-tool/) - A new tool called 'Legion' has emerged in the world of cybercrime, offering a range of modules for credential harvesting and SMTP hijacking. - [Offensive Security Tool: Mythic](https://www.blackhatethicalhacking.com/tools/mythic/) - Mythic is a highly flexible and customizable open-source command-and-control (C2) framework built with python3, docker, docker-compose, and a web browser UI. The framework provides a collaborative and user friendly interface for operators, managers, and reporting that can be used by red teamers and penetration testers. - [Rilide: The Malicious Extension that Steals Cryptocurrency and Bypasses 2FA](https://www.blackhatethicalhacking.com/news/rilide-the-malicious-extension-that-steals-cryptocurrency-and-bypasses-2fa/) - The malware, called Rilide, is capable of monitoring browser activity, taking screenshots, and stealing cryptocurrency by injecting scripts into web pages. - [Meet Rorschach: The Fastest Ransomware Strain Yet Discovered](https://www.blackhatethicalhacking.com/news/meet-rorschach-the-fastest-ransomware-strain-yet-discovered/) - The malware was discovered following a cyberattack on a US-based company, and researchers found that Rorschach would be the fastest ransomware threat on the market based on their tests. - [Malicious WinRAR SFX Files Slipping Past Traditional AV Solutions](https://www.blackhatethicalhacking.com/news/malicious-winrar-sfx-files-slipping-past-traditional-av-solutions/) - Researchers from cybersecurity firm CrowdStrike have discovered that hackers are adding malicious functionality to self-extracting archives (SFX) created with compression software like WinRAR or 7-Zip. By including harmless decoy files in the SFX files, attackers can plant backdoors without triggering the security agent on the target system. - [10-Year-Old Windows vulnerability still being exploited in the 3CX attacks](https://www.blackhatethicalhacking.com/news/10-year-old-windows-vulnerability-still-being-exploited-in-the-3cx-attacks/) - A 10-year-old vulnerability in Windows is still being exploited by cybercriminals to make it seem like executables are legitimately signed, with Microsoft's fix remaining optional for users after all these years. - [The Rise and Fall of Sabu: From Hacker Hero to FBI Informant](https://www.blackhatethicalhacking.com/articles/the-rise-and-fall-of-sabu-from-hacker-hero-to-fbi-informant/) - In this article, we explore the fascinating life of Hector Xavier Monsegur, also known as Sabu, a former member of the hacking collectives Anonymous and LulzSec. Sabu gained notoriety in 2011 for leading a series of high-profile cyber-attacks... - [CryptoClippy: New Malware Targeting Users for Cryptocurrency Theft](https://www.blackhatethicalhacking.com/news/cryptoclippy-new-malware-targeting-users-for-cryptocurrency-theft/) - Portuguese users have recently become the target of a new form of malware, codenamed CryptoClippy. This particular malware is capable of stealing cryptocurrency as part of a malvertising campaign that entices users searching for "WhatsApp web" to rogue domains hosting the malware - [Recon Tool: Bad Secrets](https://www.blackhatethicalhacking.com/tools/bad-secrets/) - Bad Secrets its a pure python library for identifying the use of known or very weak cryptographic secrets across a variety of platforms. - [Microsoft's Misconfigured Application Allowed for Real-Time Breach Attempts on Bing.com](https://www.blackhatethicalhacking.com/news/microsofts-misconfigured-application-allowed-for-real-time-breach-attempts-on-bing-com/) - Microsoft has fixed a security flaw that could have allowed malicious actors to modify Bing.com search results and potentially breach the accounts of Office 365 users. The flaw was discovered by Wiz Research, which dubbed the attack "BingBang." - [Major Companies Hit in Ongoing 3CX VoIP Supply Chain Attack](https://www.blackhatethicalhacking.com/news/major-companies-hit-in-ongoing-3cx-voip-supply-chain-attack/) - Hackers are using a trojanized version of the 3CX Voice Over Internet Protocol (VoIP) desktop client to target the software development company's customers in an ongoing supply chain attack. - [Attackers Could Exploit Flaw in WiFi Protocol to Hijack TCP Connections](https://www.blackhatethicalhacking.com/news/attackers-could-exploit-flaw-in-wifi-protocol-to-hijack-tcp-connections/) - Cybersecurity researchers have found a significant vulnerability in the IEEE 802.11 WiFi protocol standard, which can be exploited by hackers to trick access points into leaking network frames in plaintext form. - [MacStealer: The new info-stealing malware targeting Mac users](https://www.blackhatethicalhacking.com/news/macstealer-the-new-info-stealing-malware-targeting-mac-users/) - Security researchers have discovered a new malware called MacStealer that is targeting macOS users. The malware has been designed to steal sensitive information stored on the iCloud KeyChain and web browsers, including credentials, cookies, and credit card details. - [Microsoft Uncovers Evidence of Russian Hackers Exploiting Outlook Vulnerability](https://www.blackhatethicalhacking.com/news/microsoft-uncovers-evidence-of-russian-hackers-exploiting-outlook-vulnerability/) - Microsoft has issued guidance to help its customers detect the indicators of compromise (IoCs) associated with a recently fixed Outlook vulnerability. - [Critical Bug in WooCommerce Payments Exposes Online Stores to Hackers](https://www.blackhatethicalhacking.com/news/critical-bug-in-woocommerce-payments-exposes-online-stores-to-hackers/) - Automattic, the company responsible for the WordPress content management system, has issued a mandatory security update to patch a critical vulnerability in WooCommerce Payments, a popular online payment system. - [Pwn2Own Vancouver 2023: Zero-Day Exploits Revealed for Tesla Model 3, Windows 11, and macOS](https://www.blackhatethicalhacking.com/news/pwn2own-vancouver-2023-zero-day-exploits-revealed-for-tesla-model-3-windows-11-and-macos/) - At Pwn2Own Vancouver 2023, security researchers brought their A-game, demonstrating zero-day exploits and exploit chains for some of the most popular products in enterprise applications, enterprise communications, local escalation of privilege (EoP), server, virtualization, and automotive categories. - [Severe Privacy Vulnerability 'Acropalypse' Affects Windows 11 Snipping Tool](https://www.blackhatethicalhacking.com/news/severe-privacy-vulnerability-acropalypse-affects-windows-11-snipping-tool/) - Security researchers have discovered a severe privacy flaw named 'acropalypse,' which has been found to affect the Windows Snipping Tool, causing data leaks that leave sensitive information exposed. - [General Bytes Bitcoin ATMs Hacked via Zero-Day Attack](https://www.blackhatethicalhacking.com/news/general-bytes-bitcoin-atms-hacked-via-zero-day-attack/) - Bitcoin ATM manufacturer General Bytes recently disclosed that its management platform was exploited by hackers, resulting in the theft of cryptocurrency from the company and its customers. - [Akamai warns of new HinataBot malware botnet capable of massive DDoS attacks](https://www.blackhatethicalhacking.com/news/akamai-warns-of-new-hinatabot-malware-botnet-capable-of-massive-ddos-attacks/) - Akamai researchers recently discovered a new malware botnet known as HinataBot that targets Realtek SDK, Huawei routers, and Hadoop YARN servers to recruit devices into a distributed denial of service (DDoS) swarm. - [Samsung Users at Risk: 18 Zero-Day Vulnerabilities Found in Exynos Chipsets](https://www.blackhatethicalhacking.com/news/samsung-users-at-risk-18-zero-day-vulnerabilities-found-in-exynos-chipsets/) - Google's bug-hunting team, Project Zero, has identified 18 zero-day vulnerabilities in Samsung's Exynos chipsets used in mobile devices, wearables, and cars. - [Offensive Security Tool: Bypass Url Parser](https://www.blackhatethicalhacking.com/tools/bypass-url-parser/) - Bypass-url-parser is a tool designed to simplify theprocess of testing URL parsing vulnerabilities in web applications. It tests MANY url bypasses to reach a 40X protected page. - [Kali Linux 2023.1 - Adds Kali Purple for defensive security, python updates, new tools](https://www.blackhatethicalhacking.com/news/kali-linux-2023-1-adds-kali-purple-for-defensive-security-python-updates-new-tools/) - Offensive Security has launched Kali Linux 2023.1, which marks the project's 10th anniversary and is the first version of 2023. The release features a new distribution known as 'Kali Purple,' targeting Blue and Purple teamers for defensive security. - [Russian hackers exploit Outlook zero-day vulnerability to target European organizations](https://www.blackhatethicalhacking.com/news/russian-hackers-exploit-outlook-zero-day-vulnerability-to-target-european-organizations/) - Microsoft has released a security patch to address a critical vulnerability (CVE-2023-23397) in Outlook that was exploited by a Russian hacking group to target government, military, energy, and transportation organizations in Europe. - [CISA Identifies Critical Vulnerability in Adobe ColdFusion](https://www.blackhatethicalhacking.com/news/cisa-identifies-critical-vulnerability-in-adobe-coldfusion/) - Following the discovery of a critical vulnerability in Adobe ColdFusion, the Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning. The flaw, known as CVE-2023-26360, can be exploited remotely by attackers who do not require user interaction. - [GoBruteforcer: New Golang-based Botnet Malware Scans for and Infects Web Servers](https://www.blackhatethicalhacking.com/news/gobruteforcer-new-golang-based-botnet-malware-scans-for-and-infects-web-servers/) - Cybersecurity researchers have uncovered a new Golang-based botnet malware called GoBruteforcer that targets web servers running phpMyAdmin, MySQL, FTP, and Postgres services. - [Offensive Security Tool: CrackQL](https://www.blackhatethicalhacking.com/tools/crackql/) - CrackQL is a versatile GraphQL penetration testing tool that exploits poor rate-limit and cost analysis controls to brute-force credentials and fuzz operations. - [Sharp Panda Strikes Again: Advanced Tactics in Latest Espionage Campaign](https://www.blackhatethicalhacking.com/news/sharp-panda-strikes-again-advanced-tactics-in-latest-espionage-campaign/) - Sharp Panda, a notorious Chinese cyber-espionage hacking group, has been targeting high-profile government entities in Vietnam, Thailand, and Indonesia with a new version of the 'Soul' malware framework. - [AT&T Data Breach: 9 Million Customers Affected by Marketing Vendor Hack](https://www.blackhatethicalhacking.com/news/att-data-breach-9-million-customers-affected-by-marketing-vendor-hack/) - AT&T has announced that a marketing vendor was hacked in January, causing approximately 9 million wireless accounts to have their Customer Proprietary Network Information (CPNI) exposed. - [Bitwarden Autofill Feature Can Expose Passwords to Malicious Attackers](https://www.blackhatethicalhacking.com/news/bitwarden-autofill-feature-can-expose-passwords-to-malicious-attackers/) - Bitwarden, an open-source password management service, has come under scrutiny for a risky behavior in its autofill feature that could potentially allow malicious actors to steal users' login credentials. - [Billion Devices at Risk: Two Buffer Overflow Flaws Found in TPM 2.0 Specification](https://www.blackhatethicalhacking.com/news/billion-devices-at-risk-two-buffer-overflow-flaws-found-in-tpm-2-0-specification/) - The Trusted Platform Module (TPM) 2.0 specification, a hardware-based technology that provides operating systems with tamper-resistant secure cryptographic functions, is facing security concerns due to two buffer overflow vulnerabilities discovered - [Proof-of-concept for critical Microsoft Word vulnerability published](https://www.blackhatethicalhacking.com/news/proof-of-concept-for-critical-microsoft-word-vulnerability-published-2/) - Over the weekend, a proof-of-concept was published for CVE-2023-21716, a critical vulnerability in Microsoft Word that allows remote code execution. - [Offensive Security Tool: SSTImap](https://www.blackhatethicalhacking.com/tools/sstimap/) - SSTImap can be used as an interactive penetration testing tool for SSTI detection and exploitation, which allows more advanced exploitation. - [Recon Tool: SauronEye](https://www.blackhatethicalhacking.com/tools/sauroneye/) - SauronEye is a search tool built to aid red teams in finding files containing specific keywords. Such as passwords and secrets, across multiple network drives and within the contents of files, including Microsoft Office files. - [Offensive Security Tool: SpoolSploit](https://www.blackhatethicalhacking.com/tools/spoolsploit/) - SpoolSploit is a collection of Windows print spooler exploits containerized with other utilities for practical exploitation. - [Critical Security Vulnerability Discovered in Cisco IP Phones](https://www.blackhatethicalhacking.com/news/critical-security-vulnerability-discovered-in-cisco-ip-phones/) - In a recent announcement, Cisco has acknowledged two high-severity vulnerabilities in its Web UI, found in multiple IP Phone models. - [Critical vulnerabilities discovered in popular Houzez theme and plugin for WordPress](https://www.blackhatethicalhacking.com/news/critical-vulnerabilities-discovered-in-popular-houzez-theme-and-plugin-for-wordpress/) - The Houzez theme and plugin for WordPress, widely used in the real estate industry, are under attack from cybercriminals exploiting two critical-severity vulnerabilities. - [Lucky Mouse threat group launches Linux malware toolkit called SysUpdate for targeted attacks](https://www.blackhatethicalhacking.com/news/lucky-mouse-threat-group-launches-linux-malware-toolkit-called-sysupdate-for-targeted-attacks/) - The notorious Lucky Mouse threat group has launched a new Linux version of its SysUpdate malware toolkit, expanding its reach to target devices running on this operating system. - [Crypto Companies Under Attack: New Campaign Delivers Parallax RAT Malware](https://www.blackhatethicalhacking.com/news/crypto-companies-under-attack-new-campaign-delivers-parallax-rat-malware/) - Cryptocurrency companies are the latest target of a malicious campaign that delivers a remote access trojan (RAT) called Parallax RAT - [BHEH and PRIM6 Strategic Partnership](https://www.blackhatethicalhacking.com/press-release/bheh-and-prim6-strategic-partnership/) - BHEH and PRIM6 Strategic Partnership - [S1deload Stealer: The New Malware Threat Targeting Social Media Accounts](https://www.blackhatethicalhacking.com/news/s1deload-stealer-the-new-malware-threat-targeting-social-media-accounts/) - Dubbed S1deload Stealer, the malware infects victims' computers by tricking them into downloading executable files from adult-themed archives on social media platforms. - [Fortinet's FortiNAC Network Access Control Suite Hacked: Critical Vulnerability Discovered](https://www.blackhatethicalhacking.com/news/fortinets-fortinac-network-access-control-suite-hacked-critical-vulnerability-discovered/) - Fortinet's FortiNAC network access control suite has been hit with a critical security vulnerability (CVE-2022-39952), which has recently been exploited. - [Stealc, New Information Stealer Malware Emerges on Dark Web](https://www.blackhatethicalhacking.com/news/stealc-new-information-stealer-malware-emerges-on-dark-web/) - A new information stealer called Stealc has emerged on the dark web gaining traction due to aggressive promotion of stealing capabilities - [Advanced Threat Actor Earth Kitsune Uses New Backdoor, WhiskerSpy](https://www.blackhatethicalhacking.com/news/advanced-threat-actor-earth-kitsune-uses-new-backdoor-whiskerspy/) - A new backdoor called WhiskerSpy has been discovered by cybersecurity firm, Trend Micro. It was used in a campaign by Earth Kitsune, an advanced threat actor known for targeting individuals interested in North Korea. - [The Evolution of a Cryptomining Threat on macOS: What You Need to Know](https://www.blackhatethicalhacking.com/news/the-evolution-of-a-cryptomining-threat-on-macos-what-you-need-to-know/) - Security researchers at Jamf Threat Labs have uncovered a new macOS threat that has been targeting users for some time. Disguised as a malicious version of Final Cut Pro, the threat remains largely undetected by antivirus engines, and is distributed over torrent sites. - [Malware Targeting Microsoft IIS: What You Need to Know](https://www.blackhatethicalhacking.com/news/malware-targeting-microsoft-iis-what-you-need-to-know/) - Hackers have developed a new malware known as 'Frebniis' that infiltrates Microsoft's Internet Information Services (IIS) - [Protecting Your Hyundai or KIA from the "Kia Challenge" Hack](https://www.blackhatethicalhacking.com/news/protecting-your-hyundai-or-kia-from-the-kia-challenge-hack/) - Hyundai and KIA have been forced to respond to a major problem with car theft that has been promoted heavily on TikTok and other social media channels. - [MortalKombat Ransomware: What You Need to Know About the Latest Threat](https://www.blackhatethicalhacking.com/news/mortalkombat-ransomware-what-you-need-to-know-about-the-latest-threat/) - Hackers are using a new variant of the Xortist commodity ransomware called "MortalKombat" alongside the Laplas clipper in their latest financially-motivated campaign. - [Zero-Day Threat Alert: Hackers Target iPhones, iPads, and Macs](https://www.blackhatethicalhacking.com/news/zero-day-threat-alert-hackers-target-iphones-ipads-and-macs/) - Apple has released emergency security updates to address a new zero-day vulnerability used in recent attacks to hack iPhones, iPads, and Macs. - [Beware of Phishing: Namecheap Email Breach Impersonates DHL and MetaMask](https://www.blackhatethicalhacking.com/news/beware-of-phishing-namecheap-email-breach-impersonates-dhl-and-metamask/) - Namecheap, a well-known domain registrar, suffered a security breach on Sunday night when their email account was compromised. - [Operation OpRussia - Anonymous attacks on Russia](https://www.blackhatethicalhacking.com/articles/operation-oprussia-anonymous-attacks-on-russia/) - In this article we explore some of the attacks that Anonymous did against Russia in response to the Russian invasion in Ukraine. - [Digital Forensics Tool: Dangerzone](https://www.blackhatethicalhacking.com/tools/dangerzone/) - Take potentially dangerous PDFs, office documents, or images and convert them to safe PDFs. - [Offensive Security Tool: Freeze](https://www.blackhatethicalhacking.com/tools/freeze/) - Freeze is a payload creation tool used for circumventing EDR security controls to execute shellcode in a stealthy manner. - [Recon Tool: Shotlooter](https://www.blackhatethicalhacking.com/tools/shotlooter/) - Shotlooter is a tool developed to find sensitive data inside the screenshots which are uploaded to https://prnt.sc/ by applying OCR and image processing methods. - [Major Cyber Attacks of 2022](https://www.blackhatethicalhacking.com/articles/major-cyber-attacks-of-2022/) - In this article we discuss the major Cyber Attacks that shaped 2022. You'll get informed about the top hacking incidents, including breaches, ransomware attacks, hacking campaigns and more. - [Recon Tool: msprobe](https://www.blackhatethicalhacking.com/tools/msprobe/) - msprobe lets you find all things on-prem Microsoft for password spraying and enumeration. It will use a list of common subdomains associated with your target apex domain to attempt and discover valid instances of on-prem Microsoft solutions. - [Reddit Hacked: Hackers Access Internal Business Systems and Source Code](https://www.blackhatethicalhacking.com/news/reddit-hacked-hackers-access-internal-business-systems-and-source-code/) - On Sunday evening, Reddit was targeted by hackers who managed to access its internal business systems and steal internal documents and source code. - [ESXiArgs Ransomware Strikes Again with Improved Encryption Routine](https://www.blackhatethicalhacking.com/news/esxiargs-ransomware-strikes-again-with-improved-encryption-routine/) - Ransomware attacks on VMware ESXi servers have taken a turn for the worse, with a new version of ESXiArgs ransomware making data recovery close to impossible. - [New version of Clop ransomware targets Linux servers](https://www.blackhatethicalhacking.com/news/new-version-of-clop-ransomware-targets-linux-servers/) - The Clop ransomware gang is using a new malware variant that targets Linux servers, but the encryption scheme is flawed, allowing victims to retrieve their files for free. - [Exploit Code Released for Actively Exploited GoAnywhere MFT Vulnerability](https://www.blackhatethicalhacking.com/news/exploit-code-released-for-actively-exploited-goanywhere-mft-vulnerability/) - An actively exploited zero-day vulnerability affecting Internet-exposed GoAnywhere MFT (Managed File Transfer) administrator consoles has been made public. - [Royal Ransomware Targets Linux Devices](https://www.blackhatethicalhacking.com/news/royal-ransomware-targets-linux-devices/) - Royal Ransomware is the latest ransomware operation to support the encryption of Linux devices, specifically targeting VMware ESXi virtual machines. - [Cisco IOx Vulnerability Exploited in Command Injection Attacks](https://www.blackhatethicalhacking.com/news/cisco-iox-vulnerability-exploited-in-command-injection-attacks/) - Cisco has released security updates to address a high-severity vulnerability in the Cisco IOx application hosting environment that can be exploited in command injection attacks. - [HeadCrab: The Stealthy Malware Infiltrating Redis Servers for Cryptomining](https://www.blackhatethicalhacking.com/news/headcrab-the-stealthy-malware-infiltrating-redis-servers-for-cryptomining/) - A new malware called HeadCrab has been discovered by Aqua Security researchers that is specifically designed to target vulnerable Redis servers online to mine Monero cryptocurrency. - [Sh1mmer: A New Exploit Enables Unenrollment of Enterprise-Managed Chromebooks](https://www.blackhatethicalhacking.com/news/sh1mmer-a-new-exploit-enables-unenrollment-of-enterprise-managed-chromebooks/) - A new exploit called 'Sh1mmer' allows users to unenroll enterprise-managed Chromebooks and bypass device restrictions. - [PlugX Variant Uncovered: Document-Stealing Malware Targets USB Drives](https://www.blackhatethicalhacking.com/news/plugx-variant-uncovered-document-stealing-malware-targets-usb-drives/) - A new variant of the PlugX malware has been uncovered by security researchers, which has the ability to hide malicious files on removable USB devices and infect the Windows hosts they connect to. - [QNAP NAS Devices at Risk of Remote Malicious Code Injection](https://www.blackhatethicalhacking.com/news/qnap-nas-devices-at-risk-of-remote-malicious-code-injection-2/) - QNAP, a provider of Network-Attached Storage (NAS) devices, has issued a warning to its customers to install firmware updates that resolve a critical security vulnerability on its devices. - [Windows CryptoAPI Flaw Allows Attackers to Spoof Identity, PoC Exploit Released](https://www.blackhatethicalhacking.com/news/windows-cryptoapi-flaw-allows-attackers-to-spoof-identity-poc-exploit-released/) - Akamai researchers have released proof of concept exploit code for a critical Windows CryptoAPI vulnerability, which was discovered by the NSA and U.K.'s NCSC and allows for MD5-collision certificate spoofing. - [LearnPress: 75,000 WordPress Websites at Risk from Critical Vulnerabilities](https://www.blackhatethicalhacking.com/news/learnpress-75000-wordpress-websites-at-risk-from-critical-vulnerabilities/) - LearnPress, a popular WordPress plugin for creating and selling online courses, has been found to contain multiple critical-severity flaws that were discovered by PatchStack. - [Cisco VPN Routers: 19,000 Devices Left Exposed to Remote Command Execution Exploit Chain](https://www.blackhatethicalhacking.com/news/cisco-vpn-routers-19000-devices-left-exposed-to-remote-command-execution-exploit-chain/) - Over 19,000 end-of-life Cisco VPN routers are exposed to attacks targeting a remote command execution exploit chain. - [Ransack Library's Search and Sort Feature Puts Ruby on Rails Applications at Risk of Information Theft](https://www.blackhatethicalhacking.com/news/ransack-librarys-search-and-sort-feature-puts-ruby-on-rails-applications-at-risk-of-information-theft/) - Security firm Positive Security has warned that poor integration of the Ransack library into Ruby on Rails (RoR) applications could allow attackers to steal information from backend databases. - [OneNote Attachments: The Next Frontier in Malware Distribution](https://www.blackhatethicalhacking.com/news/onenote-attachments-the-next-frontier-in-malware-distribution/) - Cyber criminals are using OneNote attachments in phishing emails to infect victims with remote access malware, according to reports. - [Mailchimp says it was hacked, again](https://www.blackhatethicalhacking.com/news/mailchimp-says-it-was-hacked-again/) - Mailchimp, a company that specializes in email marketing and newsletters, has announced that it was hacked and that dozens of customers' data was exposed. This is the second time the company has been hacked in the past six months - [T-Mobile hacked to steal data of 37 million accounts in API data breach](https://www.blackhatethicalhacking.com/news/t-mobile-hacked-to-steal-data-of-37-million-accounts-in-api-data-breach/) - T-Mobile recently announced a data breach in which a hacker stole the personal information of 37 million current postpaid and prepaid customer accounts through one of the company's Application Programming Interfaces (APIs). - [MSI accidentally breaks Secure Boot for hundreds of motherboards](https://www.blackhatethicalhacking.com/news/msi-accidentally-breaks-secure-boot-for-hundreds-of-motherboards/) - Over 290 MSI motherboards are reportedly affected by an insecure default UEFI Secure Boot setting settings that allows any operating system image to run regardless of whether it has a wrong or missing signature. - [PoC exploits released for critical bugs in popular WordPress plugins](https://www.blackhatethicalhacking.com/news/poc-exploits-released-for-critical-bugs-in-popular-wordpress-plugins/) - Three popular WordPress plugins with tens of thousands of active installations are vulnerable to high-severity or critical SQL injection vulnerabilities, with proof-of-concept exploits now publicly available. - [Git patches two critical remote code execution security flaws](https://www.blackhatethicalhacking.com/news/git-patches-two-critical-remote-code-execution-security-flaws/) - [Microsoft: Cuba ransomware hacking Exchange servers via OWASSRF flaw](https://www.blackhatethicalhacking.com/news/microsoft-cuba-ransomware-hacking-exchange-servers-via-owassrf-flaw/) - Microsoft says Cuba ransomware threat actors are hacking Microsoft Exchange servers unpatched against a critical server-side request forgery (SSRF) vulnerability also exploited in Play ransomware attacks. - [Cisco warns of auth bypass bug with public exploit in EoL routers](https://www.blackhatethicalhacking.com/news/cisco-warns-of-auth-bypass-bug-with-public-exploit-in-eol-routers/) - Cisco warned customers today of a critical authentication bypass vulnerability with public exploit code affecting multiple end-of-life (EoL) VPN routers. - [GitHub makes it easier to scan your code for vulnerabilities](https://www.blackhatethicalhacking.com/news/github-makes-it-easier-to-scan-your-code-for-vulnerabilities/) - GitHub has introduced a new option to set up code scanning for a repository known as "default setup," designed to help developers configure it automatically with just a few clicks. - [Trojan Puzzle attack trains AI assistants into suggesting malicious code](https://www.blackhatethicalhacking.com/news/trojan-puzzle-attack-trains-ai-assistants-into-suggesting-malicious-code/) - Named 'Trojan Puzzle,' the attack stands out for bypassing static detection and signature-based dataset cleansing models, resulting in the AI models being trained to learn how to reproduce dangerous payloads. - [Malicious PyPi packages create CloudFlare Tunnels to bypass firewalls](https://www.blackhatethicalhacking.com/news/malicious-pypi-packages-create-cloudflare-tunnels-to-bypass-firewalls/) - Six malicious packages on PyPI, the Python Package Index, were found installing information-stealing and RAT (remote access trojan) malware while using Cloudflare Tunnel to bypass firewall restrictions for remote access. - [Hackers use CAPTCHA bypass to make 20K GitHub accounts in a month](https://www.blackhatethicalhacking.com/news/hackers-use-captcha-bypass-to-make-20k-github-accounts-in-a-month/) - The threat actors use afreejacking new CAPTCHA solving system, follow a more aggressive use of CPU resources for mining, and mixe '' with the "Play and Run" technique to abuse free cloud resources. - [New Linux malware uses 30 plugin exploits to backdoor WordPress sites](https://www.blackhatethicalhacking.com/news/new-linux-malware-uses-30-plugin-exploits-to-backdoor-wordpress-sites/) - A previously unknown Linux malware has been exploiting 30 vulnerabilities in multiple outdated WordPress plugins and themes to inject malicious JavaScript. - [Over 60,000 Exchange servers vulnerable to ProxyNotShell attacks](https://www.blackhatethicalhacking.com/news/over-60000-exchange-servers-vulnerable-to-proxynotshell-attacks/) - More than 60,000 Microsoft Exchange servers exposed online are yet to be patched against the CVE-2022-41082 remote code execution (RCE) vulnerability, one of the two security flaws targeted by ProxyNotShell exploits. - [New SHC-compiled Linux malware installs cryptominers, DDoS bots](https://www.blackhatethicalhacking.com/news/new-shc-compiled-linux-malware-installs-cryptominers-ddos-bots/) - A new Linux malware downloader created using SHC (Shell Script Compiler) has been spotted in the wild, infecting systems with Monero cryptocurrency miners and DDoS IRC bots. - [PyTorch Framework compromised with dependency confusion attack](https://www.blackhatethicalhacking.com/news/pytorch-framework-compromised-with-dependency-confusion-attack/) - The maintainers of the PyTorch package have warned users who have installed the nightly builds of the library between December 25, 2022, and December 30, 2022, to uninstall and download the latest versions following a dependency confusion attack. - [Offensive Security Tool: Psudohash](https://www.blackhatethicalhacking.com/tools/psudohash/) - Psudohash is a Password list generator that focuses on keywords mutated by commonly used password creation patterns. - [Offensive Security Tool: OrbitalDump](https://www.blackhatethicalhacking.com/tools/orbitaldump/) - OrbitalDump is a simple multi-threaded distributed SSH brute-forcing tool written in Python - [Recon Tool: MFASweep](https://www.blackhatethicalhacking.com/tools/mfasweep/) - MFASweep is a PowerShell script that attempts to log in to various Microsoft services using a provided set of credentials and will attempt to identify if MFA is enabled - [Digital Forensics Tool: Email Analyzer](https://www.blackhatethicalhacking.com/tools/email-analyzer/) - Email Analyzer is a tool that allows you to analyze suspicious emails. You can extract headers, links, and hashes from the .eml file and more. - [Offensive Security Tool: Pycrypt](https://www.blackhatethicalhacking.com/tools/pycrypt/) - Pycrypt is a Python Based Crypter that can Bypass any kinds Of Antivirus Product. - [Offensive Security Tool: Villain](https://www.blackhatethicalhacking.com/tools/villain/) - Villain is a Windows Linux backdoor generator and multi-session handler that allows users to connect with sibling servers (other machines running Villain) and share their backdoor sessions, handy for working as a team. - [Offensive Security Tool: Merlin](https://www.blackhatethicalhacking.com/tools/merlin/) - Merlin is a cross-platform post-exploitation Command Control server and agent written in Go that allows you to perform various shellcode execution techniques. - [Offensive Security Tool: linWinPwn](https://www.blackhatethicalhacking.com/tools/linwinpwn/) - linWinPwn is a bash script that automates several Active Directory Enumeration and Vulnerability checks. - [Recon Tool: SecretScanner](https://www.blackhatethicalhacking.com/tools/secretscanner/) - SecretScanner helps users scan their container images or local directories on hosts and outputs a JSON file with details of all the secrets found. - [Recon Tool: Maigret](https://www.blackhatethicalhacking.com/tools/maigret/) - Maigret collects a dossier on a person by username only, checking for accounts on a huge number of sites and gathering all the available information from web pages. N - [Privacy & Policy](https://www.blackhatethicalhacking.com/terms/privacy-policy/) - Privacy & Policy for using our website - [Offensive Security Tool: Mangle](https://www.blackhatethicalhacking.com/tools/mangle/) - Mangle is a tool that manipulates aspects of compiled executables (.exe or DLL) to avoid detection from EDRs. - [Offensive Security Tool: WinPwnage](https://www.blackhatethicalhacking.com/tools/winpwnage/) - WinPwnage is a tool that allows you to perform UAC bypass, Elevate, and Persistence methods for advanced Post-Exploitation attacks. - [Offensive Security Tool: LAZYPARIAH](https://www.blackhatethicalhacking.com/tools/lazypariah/) - LAZYPARIAH is a tool that can be used during penetration tests and capture-the-flag (CTF) competitions to generate a range of reverse shell payloads on the fly. - [Recon Tool: Parth](https://www.blackhatethicalhacking.com/tools/parth/) - Parth is a Heuristic Vulnerable Parameter Scanner. It is designed to aid web security testing by helping in prioritization of components for testing. - [Recon Tool: Hakrawler](https://www.blackhatethicalhacking.com/tools/hakrawler/) - Hakrawler is a fast Golang web crawler for gathering URLs and JavaScript file locations. It is designed for easy, quick discovery of endpoints and assets within a web application. - [Offensive Security Tool: Monkey365](https://www.blackhatethicalhacking.com/tools/monkey365/) - Monkey365 is a tool for security consultants to easily conduct not only Microsoft 365, but also Azure subscriptions and Azure Active Directory security configuration reviews. - [Recon Tool: Collector](https://www.blackhatethicalhacking.com/tools/collector/) - Collector is an Intelligent automated tool used to collect every vulnerable XSS (Cross-Site Scripting) parameter via Wayback Machine. - [Offensive Security Tool: VLANPWN](https://www.blackhatethicalhacking.com/tools/vlanpwn/) - VLANPWN is a tool that is divided into 2 python scripts. One is designed to carry out a VLAN Hopping attack and the other allows conducting a DTP Switch Spoofing/Hijacking attack. - [OSINT Tool: ProtOSINT](https://www.blackhatethicalhacking.com/tools/protosint/) - ProtOSINT is a Python script that helps you investigate ProtonMail accounts and ProtonVPN IP addresses. - [Recon Tool: BF ActiveSub](https://www.blackhatethicalhacking.com/tools/bf-activesub/) - A Subdomain enumeration tool that supports active attack mode (not passive recon) written by Black Hat Ethical Hacking - [OSINT Tool: Social Hunter](https://www.blackhatethicalhacking.com/tools/social-hunter/) - Social Hunter crawls the given URL(s) and finds broken social media links that can be hijacked. Broken social links may allow an attacker to conduct phishing attacks. - [Offensive Security Tool: dnsReaper](https://www.blackhatethicalhacking.com/tools/dnsreaper/) - DNS Reaper is yet another sub-domain takeover tool, but with an emphasis on accuracy, speed and the number of signatures in your arsenal - [Offensive Security Tool: fuxploider](https://www.blackhatethicalhacking.com/tools/fuxploider/) - This tool is an open-source penetration testing tool that automates the process of detecting and exploiting file upload forms flaws. - [Recon Tool: ZenBuster](https://www.blackhatethicalhacking.com/tools/zenbuster/) - ZenBuster is a multi-threaded, multi-platform URL enumeration tool written in Python. It's intended for use in CTF challenges, or by security professionals to gather info on their targets. - [Security Engineer vs. Software Engineer](https://www.blackhatethicalhacking.com/articles/security-engineer-vs-software-engineer/) - Two of the fastest expanding tech career paths are cybersecurity and software development. In this article we'll explain how security engineers and software engineers are different and what they have in common. - [Recon Tool: CrossLinked](https://www.blackhatethicalhacking.com/tools/crosslinked/) - CrossLinked is a LinkedIn enumeration tool that uses search engine scraping to collect valid employee names from a target organization. - [Offensive Security Tool: WEF (WiFi Exploitation Framework)](https://www.blackhatethicalhacking.com/tools/wef-wifi-exploitation-framework/) - This tool is a fully offensive framework for the 802.11 networks and protocols with different types of attacks for WPA/WPA2 and WEP, automated hash cracking and much more. - [Recon Tool: Is it alive?](https://www.blackhatethicalhacking.com/tools/is-it-alive/) - This tool is designed for Bug Bounty Hunters, Pentesters and Red teams with speed in mind. It will resolve a list of Domains, IPs, Hosts, URLs and save the results for valid/invalid fast by probing them. - [Write up: How to schedule tasks the right way in Linux, using crontab](https://www.blackhatethicalhacking.com/articles/how-to-schedule-tasks-the-right-way-in-linux-using-crontab/) - Cron is a time-based scheduling utility that allows you to schedule various jobs to run periodically or even on a system reboot. - [OSINT Tool: Blackbird](https://www.blackhatethicalhacking.com/tools/blackbird/) - Blackbird is an OSINT (Open-source intelligence) tool to search fast for accounts by username across 153 sites. - [Jeff Moss, aka Dark Tangent, the person who founded DEF CON and Black Hat](https://www.blackhatethicalhacking.com/articles/hacking-stories/jeff-moss-aka-dark-tangent-the-person-who-founded-def-con-and-black-hat/) - Jeff Moss was born in California, United States in January 1975. He is a hacker, computer, and Internet security expert who founded the Black Hat and DEF CON security conferences. - [OSINT Tool: SARENKA](https://www.blackhatethicalhacking.com/tools/sarenka/) - SARENKA is an Open Source Intelligence (OSINT) tool that helps you obtain and understand Attack Surface. It scraps data about Common Vulnerabilities and Exposures (CVE)... - [Offensive Security Tool: Offensive-Azure](https://www.blackhatethicalhacking.com/tools/offensive-azure/) - Offensive-Azure is a collection of offensive tools targeting Microsoft Azure written in Python to be platform agnostic. - [Offensive Security Tool: Pretender](https://www.blackhatethicalhacking.com/tools/pretender/) - Pretender is a tool to obtain machine-in-the-middle positions via spoofed local name resolution and DHCPv6 DNS takeover attacks. - [The Difference between White-Box and Black-Box Pentesting](https://www.blackhatethicalhacking.com/articles/information-security/the-difference-between-white-box-and-black-box-pentesting/) - Each Pentesting solution is different, with varying expertise and specialties. In this article, we'll explain the difference between White-Box and Black-Box Penetration Testing. - [Offensive Security Tool: GitHacker](https://www.blackhatethicalhacking.com/tools/githacker/) - GitHacker is a Git source leak exploit tool that restores the entire Git repository, including data from stash, for whitebox auditing and analysis of developers minds. - [Recon Tool: WayMore](https://www.blackhatethicalhacking.com/tools/waymore/) - The biggest difference between waymore and other tools is that it can also download the archived responses for URLs on wayback machine so that you can then search these for even more links... - [Darkside hacker group, the group that provides ransomware as a service](https://www.blackhatethicalhacking.com/articles/hacking-stories/darkside-hacker-group-the-group-that-provides-ransomware-as-a-service/) - DarkSide hacker group provides ransomware as a service, and it is believed to be responsible for the Colonial Pipeline cyberattack, the biggest US gas pipeline. - [The Difference between Vulnerability Assessment and Pentesting](https://www.blackhatethicalhacking.com/articles/information-security/the-difference-between-vulnerability-assessment-and-pentesting/) - Cyber-attacks shows no signs of slowing down. There are various ways that you can choose to evaluate how your company would react in case of a Cyber Attack. - [Kevin Poulsen, aka Dark Dante, and his hacking activities on ARPANET's networks](https://www.blackhatethicalhacking.com/articles/hacking-stories/kevin-poulsen-dark-dante-and-his-hacking-activities-on-arpanets-networks/) - Kevin Poulsen, aka Dark Dante, hacked ARPANET’s network, dig deep into the giant switching networks of Pacific Bell, exploring and exploiting every element he could on his way. - [Offensive Security Tool: HTTPLoot](https://www.blackhatethicalhacking.com/tools/httploot/) - An automated tool which can simultaneously crawl, fill forms, trigger error/debug pages and "loot" secrets out of the client-facing code of sites. - [Recon Tool: JFScan](https://www.blackhatethicalhacking.com/tools/jfscan/) - The JFScan is a wrapper around a super-fast port scanner Masscan. It's designed to simplify work when scanning for open ports on targets in a variety of formats. - [Digital Forensics Tool: Lupo - Malware IOC Extractor](https://www.blackhatethicalhacking.com/tools/lupo-malware-ioc-extractor/) - Lupo (Debugging module for Malware Analysis Automation) is a tool to automate and accelerate the process as much as possible. It is a dynamic analysis tool that can be used as a module with the debugger. - [Offensive Security Tool: DeepSleep](https://www.blackhatethicalhacking.com/tools/deepsleep/) - DeepSleep is a variant of Gargoyle for x64 to hide memory artifacts using ROP only and PIC. Evasive techniques take time to produce. They are the most important steps for any attack scenario. - [Offensive Security Tool: Mobile Security Framework (MobSF)](https://www.blackhatethicalhacking.com/tools/mobile-security-framework-mobsf/) - Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. - [OSINT Tool: Metabigor](https://www.blackhatethicalhacking.com/tools/metabigor/) - Metabigor is an Intelligence tool, its goal is to do OSINT tasks and more but without any API key. OSINT stands for “open source intelligence.” - [Recon Tool: Domain Analyzer](https://www.blackhatethicalhacking.com/tools/domain-analyzer/) - Domain analyzer is a security analysis tool that automatically discovers and reports information about the given domain. Its main purpose is to analyze domains in an unattended way. - [Recon Tool: qsreplace](https://www.blackhatethicalhacking.com/tools/qsreplace/) - qsreplace accepts URLs on stdin, replace all query string values with a user-supplied value, and only output each combination of query string parameters once per host and path. - [Offensive Security Tool: Arjun](https://www.blackhatethicalhacking.com/tools/arjun/) - When you are in a Red Team or a Pentester and working on a web app, before you start injection-based attacks, you need URLs with Parameters. Arjun can find query parameters for URL endpoints. - [Recon Tool: Dorks collections list](https://www.blackhatethicalhacking.com/tools/dorks-collections-list/) - Google Dorking is a technique used by investigative reporting organizations, security auditors to query search engines in order to find hidden information. - [Static Code Analysis Tool: scanmycode-ce](https://www.blackhatethicalhacking.com/tools/scanmycode-ce/) - It is a Code Scanning/SAST/Static Analysis/Linting solution using many tools/Scanners with One Report. You can also add any tool to it. - [Offensive Security Tool: malicious-pdf](https://www.blackhatethicalhacking.com/tools/malicious-pdf/) - Malicious-pdf allows you to generate ten different malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh. - [Offensive Security Tool: Axiom](https://www.blackhatethicalhacking.com/tools/axiom/) - Axiom is a dynamic infrastructure framework to efficiently work with multi-cloud environments, and build and deploy repeatable infrastructure focused on offensive and defensive security. - [Offensive Security Tool: KeeThief](https://www.blackhatethicalhacking.com/tools/keethief/) - KeeThief is a tool that brings you methods for attacking KeePass 2.X databases, including extracting of encryption key material from memory. - [Recon Tool: ReconFTW](https://www.blackhatethicalhacking.com/tools/reconftw/) - ReconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities. - [OSINT Tool: MOSINT](https://www.blackhatethicalhacking.com/tools/mosint/) - OSINT gathering is a very important step when it comes to Recon. MOSINT is an OSINT Tool for emails. It helps you gather information about the target email. - [Recon Tool: Findomain](https://www.blackhatethicalhacking.com/tools/findomain/) - Findomain is a complete solution for domain recognition. It Supports screenshotting, port scan, HTTP check, data import from other tools, subdomain monitoring.. - [Recon Tool: Smap](https://www.blackhatethicalhacking.com/tools/smap/) - Smap is a drop-in replacement for Nmap powered by shodan.io. It is a replica of Nmap which uses shodan.io's free API for port scanning. - [Offensive Security Tool: Proxmark3](https://www.blackhatethicalhacking.com/tools/proxmark3/) - The Proxmark3 is the swiss-army tool of RFID, allowing for interactions with the vast majority of RFID tags on a global scale. - [Offensive Security Tool: Boomerang](https://www.blackhatethicalhacking.com/tools/boomerang/) - Boomerang is a tool to expose multiple internal servers to the web/cloud using HTTP+TCP Tunneling. The Server will expose 2 ports on the Cloud... - [Recon Tool: PSRecon](https://www.blackhatethicalhacking.com/tools/psrecon/) - PSRecon gathers data from a remote Windows host using PowerShell, organizes the data into folders, hashes all extracted data, hashes PowerShell and various... - [Offensive Security Tool: SysWhispers3](https://www.blackhatethicalhacking.com/tools/syswhispers3/) - SysWhispers helps with evasion by generating header/ASM files implants can use to make direct system calls. Security products, such as AVs and EDRs, usually... - [Recon Tool: SwaggerHole](https://www.blackhatethicalhacking.com/tools/swaggerhole/) - SwaggerHole is written to automate the process of retrieving secrets in the public APIs on swaggerHub. This tool is multithreaded and pipe mode is available. - [Offensive Security Tool: Fibratus](https://www.blackhatethicalhacking.com/tools/fibratus/) - Fibratus is a tool for exploration and tracing of the Windows kernel. It lets you trap system-wide events such as process life-cycle, file system I/O... - [Offensive Security Tool: Scapy](https://www.blackhatethicalhacking.com/tools/scapy/) - Scapy is a powerful Python-based interactive packet manipulation program and library. It is able to forge or decode packets of a wide number of protocols... - [Recon Tool: Uncover](https://www.blackhatethicalhacking.com/tools/uncover/) - Uncover by Projectdiscovery is a go wrapper using APIs of well known search engines to quickly discover exposed hosts on the internet. - [Offensive Security Tools Collection: Red Teaming Tactics and Techniques](https://www.blackhatethicalhacking.com/tools/red-teaming-tactics-and-techniques/) - This collection of tools and methodologies will help you enhance your skillset when it comes to Offensive Security and Red Team. - [Recon Tool: Metagoofil](https://www.blackhatethicalhacking.com/tools/metagoofil/) - Metagoofil is an information-gathering tool. It is designed to extract all the metadata information from public documents that are available on websites. - [Offensive Security Tool: Swaks - Swiss Army Knife for SMTP](https://www.blackhatethicalhacking.com/tools/swaks/) - Swaks - Swiss Army Knife is a featureful, flexible, scriptable, transaction-oriented SMTP test tool. It handles SMTP features and extensions such as TLS... - [Offensive Security Tool: Sandbox Defender](https://www.blackhatethicalhacking.com/tools/sandbox-defender/) - This tool allows Pentesters and Bug Bounty Hunters to demonstrate a flaw that allows attackers to bypass a Windows security mechanism. - [OSINT & Recon Tool: Odin](https://www.blackhatethicalhacking.com/tools/odin/) - OSINT and Recon are the most important steps when it comes to Pentesting or Bug Bounty Hunting. ODIN is Python tool for automating intelligence gathering... - [Offensive Security Tool: Stratus Red Team](https://www.blackhatethicalhacking.com/tools/stratus-red-team/) - Stratus Red Team is "Atomic Red Team" for the cloud, allowing to emulate offensive attack techniques in a granular and self-contained manner. - [Offensive Security Tool: Crypto Steganography](https://www.blackhatethicalhacking.com/tools/crypto-steganography/) - Cryptosteganography is a python steganography module to store messages or files protected with AES-256 encryption inside an image. - [Recon Tool: WitnessMe](https://www.blackhatethicalhacking.com/tools/witnessme/) - WitnessMe is primarily a Web Inventory tool inspired by Eyewitness. Its also written to be extensible allowing you to create custom functionality that can take advantage of the headless browser it drives in the back-end. - [OSINT Tool: Commit Stream](https://www.blackhatethicalhacking.com/tools/commit-stream/) - Commit Stream drinks commit logs from the GitHub event firehose exposing the author details (name and email address) associated with GitHub repositories in real time. - [Offensive Security Tool: Osmedeus](https://www.blackhatethicalhacking.com/tools/osmedeus/) - Osmedeus is a Workflow Engine for Offensive Security. It was designed to build a foundation with the capability and flexibility that allow you to automatic your recon methodology on a large number of targets. - [Offensive Security Tool: Ivy](https://www.blackhatethicalhacking.com/tools/ivy/) - Ivy is a payload creation framework for the execution of arbitrary VBA (macro) source code in memory. Ivy’s loader does this by abusing programmatical access in the VBA object environment to load, decrypt, and more. - [Offensive Security Tool: SQLMap](https://www.blackhatethicalhacking.com/tools/sqlmap/) - SQLMap allows for easy discovery and exploitation of SQL injection vulnerabilities. - [OSINT Tool: Pagodo](https://www.blackhatethicalhacking.com/tools/pagodo/) - Pagodo automates Google searching for potentially vulnerable web pages and applications on the Internet. It replaces manually performing Google dork searches with a web GUI browser. - [Lizard Squad - the infamous hacking group that brought Xbox and PlayStation networks to their knees.](https://www.blackhatethicalhacking.com/articles/hacking-stories/lizard-squad-the-infamous-hacking-group-that-brought-xbox-and-playstation-networks-to-their-knees/) - Lizard squad was a notorious Lizard squad that claimed responsibility for some of the biggest hacks and DDoS attacks in gaming history, including attacks on the Xbox and PlayStation networks. - [MafiaBoy, the hacker who took down the Internet](https://www.blackhatethicalhacking.com/articles/hacking-stories/mafiaboy-the-hacker-who-took-down-the-internet/) - In 2000, a high school student named Michael Calce, aka MafiaBoy, paralyzed the websites of e-commerce, and media giants including eBay, Amazon, CNN, Dell... - [How ILOVEYOU worm became the first global computer virus pandemic](https://www.blackhatethicalhacking.com/articles/hacking-stories/how-iloveyou-worm-became-the-first-global-computer-virus-pandemic/) - Almost two months after the .com bubble burst, on May 5, 2000, many users using Windows machines began receiving an email with the subject "ILOVEYOU". - [Rafael Núñez (aka RaFa), hacking NASA with the hacking group: World of Hell](https://www.blackhatethicalhacking.com/articles/hacking-stories/rafael-nunez-rafa-hacking-nasa-with-the-hacking-group-world-of-hell/) - Rafael Nunez is a hacker and computer security specialist born in 1979 in Puerto Ordaz, a city in Bolivar state, Venezuela. He is also known with the nickname "RaFa". - [Operation Troy – How researchers linked the cyberattacks](https://www.blackhatethicalhacking.com/articles/hacking-stories/operation-troy-how-researchers-linked-the-cyberattacks/) - South Korea was the victim of an enormous cyberattack on March 20, 2013. The attack was meant to cause damage and affected multiple organizations like South Korean TV networks and financial institutions. - [Operation Aurora: When China hacked Google](https://www.blackhatethicalhacking.com/articles/hacking-stories/operation-aurora-the-chinese-google-hack/) - It’s been almost 11 years since Google publicly disclosed in a blog, that they’d been the victim of a sophisticated cyber-attack, called Operation Aurora that targeted over 20 other companies and organizations, including Google, Adobe, Oracle, and Microsoft, etc. - [Offensive Security Tool: TheFatRat](https://www.blackhatethicalhacking.com/tools/thefatrat/) - Thefatrat a massive exploiting tool : Easy tool to generate backdoor - [Offensive Security Tool: Androrat](https://www.blackhatethicalhacking.com/tools/androrat/) - Androrat is a a Remote Administration Tool for Android with client/server application developed in Java Android for the client side and in Java/Swing for the Server. - [Offensive Security Tool: PRET - Printer Exploitation Toolkit](https://www.blackhatethicalhacking.com/tools/pret-printer-exploitation-toolkit/) - PRET by RUB-NDS, is a new tool for printer security testing - [Offensive Security Tool: XSStrike](https://www.blackhatethicalhacking.com/tools/xsstrike/) - Most advanced XSS scanner. - [Offensive Security Tool: CrackMapExec](https://www.blackhatethicalhacking.com/tools/crackmapexec/) - The swiss army knife for pentesting networks - [Offensive Security Tool: CVE Binary Tool by Intel](https://www.blackhatethicalhacking.com/tools/cve-binary-tool/) - This tool scans for a number of common, vulnerable components to let you know if your system includes common libraries with known vulnerabilities. - [Offensive Security Tool: Hunt](https://www.blackhatethicalhacking.com/tools/hunt/) - HUNT Suite is a collection of Burp Suite Pro/Free and OWASP ZAP extensions. Identifies common parameters, Organize testing methodologies and more... - [Offensive Security Tools: FireEye Red Team Tool Countermeasures](https://www.blackhatethicalhacking.com/tools/fireeye-red-team-tool-countermeasures/) - FireEye cybersecurity tools compromised in state-sponsored attack on the 9th of December, this is the set of tools that is now publicly available. - [Offensive Security Tool: Shad0w](https://www.blackhatethicalhacking.com/tools/offensive-security-tool-shad0w/) - Shad0w is a post exploitation framework which is designed to operate covertly on such networks. - [Offensive Security Tool: JTR - John the Ripper](https://www.blackhatethicalhacking.com/tools/jtr-john-the-ripper/) - John the Ripper (Jumbo Enhanced Edition) is an advanced offline password cracker. - [Offensive Security Tool: ScareCrow](https://www.blackhatethicalhacking.com/tools/scarecrow/) - ScareCrow is a payload creation framework for generating loaders for the use of side loading (not injection) into a legitimate Windows process (bypassing Application Whitelisting controls). - [Offensive Security Tool: Sparta](https://www.blackhatethicalhacking.com/tools/sparta/) - Sparta by SECFORCE, is a python GUI application which simplifies network infrastructure penetration testing by aiding the penetration tester in the scanning and enumeration phase. - [Offensive Security Tool: ADFSBrute](https://www.blackhatethicalhacking.com/tools/adfsbrute/) - A script to test credentials against Active Directory Federation Services (ADFS), allowing password spraying or bruteforce attacks. - [Offensive Security Tool: Skipfish](https://www.blackhatethicalhacking.com/tools/skipfish/) - Skipfish is an active web application security reconnaissance tool. - [Offensive Security Tool: SSHPry2.0](https://www.blackhatethicalhacking.com/tools/sshpry2-0/) - SSHPry2.0 is a tool written by nopernik that seamlessly let's you spy on SSH session like it is your tty. As SSH is one of the most used protocols by hackers... - [Offensive Security Tool: EyeWitness](https://www.blackhatethicalhacking.com/tools/eyewitness/) - EyeWitness is designed to take screenshots of websites provide some server header info, and identify default credentials if known. - [Write up: Detect malicious hacker activities on endpoints](https://www.blackhatethicalhacking.com/articles/detect-malicious-hacker-activities-on-endpoints/) - Welcome to the 21st century, where almost everything in life is connected to an electronic device. At one time, the term digital forensics was a synonym for computer forensics... - [Offensive Security Tool: Pegasus Spyware - Decompiled](https://www.blackhatethicalhacking.com/tools/pegasus-spyware-decompiled/) - Pegasus is a spyware developed by the Israeli cyberarms firm NSO Group that can be covertly installed on mobile phones, running most versions of iOS & Android. - [Offensive Security Tool: Spray365](https://www.blackhatethicalhacking.com/tools/spray365/) - Spray365 is a password spraying tool that identifies valid credentials for Microsoft accounts (Office 365 / Azure AD). - [Offensive Security Tool: log4j Honeypot Flask](https://www.blackhatethicalhacking.com/tools/log4j-honeypot-flask/) - Internal network honeypot for detecting if an attacker or insider threat scans your network for log4j CVE-2021-44228. - [Offensive Security Tool: log4j-scan](https://www.blackhatethicalhacking.com/tools/log4j-scan/) - A fully automated, accurate, and extensive scanner for finding vulnerable log4j hosts that was recently discovered affecting millions of endpoints. - [Offensive Security Tool: Rubeus - Toolset for raw Kerberos interaction and abuses](https://www.blackhatethicalhacking.com/tools/rubeus/) - Rubeus is a C# toolset for raw Kerberos interaction and abuses. It offers outstanding techniques to gain credentials, such as working with the Kerberos and abuses of Microsoft Windows. - [Offensive Security Tool: Nuclei](https://www.blackhatethicalhacking.com/tools/nuclei/) - Nuclei by projectdiscovery, is a fast tool for configurable targeted scanning based on templates offering massive extensibility and ease of use. - [Offensive Security Tool: Cobalt Strike](https://www.blackhatethicalhacking.com/tools/cobalt-strike/) - Cobalt Strike is threat emulation software. Execute targeted attacks with one of the most powerful network attack kits available to penetration testers. - [Offensive Security Tool: GoMapEnum](https://www.blackhatethicalhacking.com/tools/gomapenum/) - GoMapEnum it allows user enumeration and password bruteforce on Azure, ADFS, OWA, O365 and gather emails on LinkedIn in a more evasive and sophisticated way. - [Offensive Security Tool: Hashcat](https://www.blackhatethicalhacking.com/tools/hashcat/) - Hashcat is the world's fastest and most advanced password recovery utility, supporting five unique modes of attack for over 300 highly-optimized hashing algorithms. - [Offensive Security Tools: Awesome Bug Bounty Tools](https://www.blackhatethicalhacking.com/tools/awesome-bug-bounty-tools/) - Unlike Pentesting, Bug Bounty requires a totally different approach when it comes to working on platforms like HackerOne, BugCrowd. This repo has some of the most important curated list of various bug bounty tools. - [Offensive Security Tool: Pentesting Tools](https://www.blackhatethicalhacking.com/tools/pentesting-tools/) - This repo was created containing over 48 starred tools for specific attack vectors, covering a wide range of techniques used by advanced Red Teams. - [Obfuscated Payloads can be undetected even if you have real-time protection](https://www.blackhatethicalhacking.com/facts/obfuscated-payloads-can-be-undetected-even-if-you-have-real-time-protection/) - There is a certain reason why successful attacks still happen every day, even though you use various security solutions in some cases. - [Offensive Security Tool: DotDotPwn - The Directory Traversal Fuzzer](https://www.blackhatethicalhacking.com/tools/dotdotpwn/) - DotDotPwn is a very flexible intelligent fuzzer written to discover traversal directory vulnerabilities in software such as HTTP/FTP/TFTP servers and more. - [Offensive Security Tool: ZipExec](https://www.blackhatethicalhacking.com/tools/zipexec/) - ZipExec is a Proof-of-Concept (POC) tool to wrap binary-based tools into a password-protected zip file. - [OSINT Tool: Osintgram](https://www.blackhatethicalhacking.com/tools/osintgram/) - Osintgram is an OSINT tool on Instagram. It offers an interactive shell to perform analysis on Instagram account of any users by its nickname. - [Offensive Security Tool: Dalfox](https://www.blackhatethicalhacking.com/tools/dalfox/) - DalFox is a fast, powerful parameter analysis and XSS scanner. It supports friendly Pipeline, CI/CD and testing of different types of XSS. - [Offensive Security Tool: Whispers](https://www.blackhatethicalhacking.com/tools/whispers/) - Whispers is a static code analysis tool designed for parsing various common data formats in search of hardcoded credentials and dangerous functions. - [Offensive Security Tool: URL Hunter](https://www.blackhatethicalhacking.com/tools/url-hunter/) - URL Hunter is a Recon tool that allows searching on URLs that are exposed via shortener services such as bit.ly and goo.gl. The project is written in Go. - [Not all Phishing attack types can be protected using software solutions](https://www.blackhatethicalhacking.com/facts/not-all-phishing-attack-types-can-be-protected-using-software-solutions/) - There are different phishing attack types and often people classify them all under one category, which is not the case in the real world. - [Offensive Security Tool: Discover](https://www.blackhatethicalhacking.com/tools/discover/) - Discover is a set of custom bash scripts used to automate various pentesting tasks including recon, scanning, parsing, and creating malicious payloads and listeners with Metasploit. - [Offensive Security Tool: SniperPhish](https://www.blackhatethicalhacking.com/tools/sniperphish/) - SniperPhish is a new phishing toolkit for pentester or security professionals to enhance user awareness by simulating real-world phishing attacks. - [Offensive Security Tool: Jenkins Attack Framework](https://www.blackhatethicalhacking.com/tools/jenkins-attack-framework/) - Jenkins Attack Framework (JAF) is an internally developed, red team-oriented tool for interacting with Jenkins build servers. - [Offensive Security Tool: Starkiller](https://www.blackhatethicalhacking.com/tools/starkiller/) - Starkiller is a Frontend for Powershell Empire. It is an Electron application written in VueJS. Empire is a post-exploitation framework. - [Cyber Attacks do not discriminate when choosing victims.](https://www.blackhatethicalhacking.com/facts/cyber-attacks-do-not-discriminate-when-choosing-victims/) - Company Size does not matter when it comes to Cyber Criminals going after a target. The evolution of new and evolving online attacks became more sophisticated. - [Penetration Testing alone cannot identify the maximum number of vulnerabilities in an application.](https://www.blackhatethicalhacking.com/facts/pentesting-alone-cannot-identify-the-maximum-number-of-vulnerabilities-in-an-application/) - The goal of penetration testing is to discovery and eliminate security risks. However, it is not to be considered as a one-stop Security protector. - [73% of Hackers said traditional Firewall and Antivirus Security is irrelevant or obsolete.](https://www.blackhatethicalhacking.com/facts/73-of-hackers-said-traditional-firewall-and-antivirus-security-is-irrelevant-or-obsolete/) - A lot of misconfigurations found by hackers in the wild while performing assessments take place in such environments where Firewalls and Antivirus no longer pose a challenge for experienced hackers. - [Offensive Security Tool: FFUF](https://www.blackhatethicalhacking.com/tools/ffuf/) - ffuf (“fuzz faster u fool”). is an open source web fuzzing tool, intended for discovering elements and content within web applications, or web servers. - [Offensive Security Tool: Warcannon](https://www.blackhatethicalhacking.com/tools/warcannon/) - Warcannon is an open source tool that makes grepping the internet for web vulnerabilities simpler, faster and cheaper. It was unveiled at Black Hat USA 2021. - [Offensive Security Tool: Mimikatz](https://www.blackhatethicalhacking.com/tools/mimikatz/) - Mimikatz described by the author as just a little tool to play with Windows security.' It is a leading post-exploitation tool that dumps passwords from memory.. - [Offensive Security Tool: VoIPmonitor Sniffer](https://www.blackhatethicalhacking.com/tools/voipmonitor/) - VoIPmonitor is open source live network packet sniffer which analyze SIP and RTP protocol. - [Offensive Security Tool: Veil](https://www.blackhatethicalhacking.com/tools/veil/) - Veil is a very known tool and goes back to the beginning of creating such FUD Payloads. It integrates with Metasploit loading a listener through meterpreter using CLI and has a lot of techniques and options to craft payloads injecting into memory without touching disk. - [Offensive Security Tool: GoSpider](https://www.blackhatethicalhacking.com/tools/gospider/) - Gospider is more than a fast web spider written in Go. It offers also the capability to check for certain vulnerabilities on the wild. - [Offensive Security Tool: Pixload](https://www.blackhatethicalhacking.com/tools/pixload/) - Pixload is a set of tools for hiding backdoors creating/injecting payload into images. - [Offensive Security Tool: SecretFinder](https://www.blackhatethicalhacking.com/tools/secretfinder/) - SecretFinder is a python script based on LinkFinder, written to discover sensitive data like apikeys, accesstoken, authorizations, jwt,..etc in JavaScript files. - [Offensive Security Tool: CloudFail](https://www.blackhatethicalhacking.com/tools/cloudfail/) - CloudFail is a tactical reconnaissance tool which aims to gather enough information about a target protected by Cloudflare in the hopes of discovering the location of the server. - [Offensive Security Tool: Pacu - The Amazon Web Services Exploitation Framework](https://www.blackhatethicalhacking.com/tools/pacu/) - Pacu is an open source AWS exploitation framework, designed for offensive security testing against cloud environments. - [OSINT Tool: LinkedIn Scraper](https://www.blackhatethicalhacking.com/tools/linkedin-scraper/) - LinkedIn Scraper is a library that scrapes LinkedIn for user data using only the terminal and Selenium for really fast data extracted publicly. - [7 out of 10 businesses are not prepared to respond to a Cyber Attack](https://www.blackhatethicalhacking.com/facts/7-out-of-10-businesses-are-not-prepared-to-respond-to-a-cyber-attack/) - 73% of companies, based on a statistic made by Hiscox in the UK, US, Spain, Germany & Netherlands are just not prepared. - [Offensive Security Tool: Snallygaster](https://www.blackhatethicalhacking.com/tools/snallygaster/) - Snallygaster is a tool that looks for files accessible on web servers that shouldn't be public and can pose a security risk. - [Offensive Security Tool: Breacher](https://www.blackhatethicalhacking.com/tools/breacher/) - Breacher is a script in order to find admin login pages and EAR vulnerabilities. - [Hacking has Evolved](https://www.blackhatethicalhacking.com/facts/hacking-has-evolved/) - Hacking has evolved into helping shape the Information Security Industry. Back in the '90s, hackers... - [Offensive Security Tool: DirDar](https://www.blackhatethicalhacking.com/tools/dirdar/) - DirDar by M4DM0e, is a tool that searches for (403-Forbidden) directories to break it and get dir listing on it. - [Information Security Tool: Chameleon](https://www.blackhatethicalhacking.com/tools/chameleon/) - Chameleon by qeeqbox, are customizable honeypots for monitoring network traffic, bots activities and username/password credentials. - [You can't protect what you can't see](https://www.blackhatethicalhacking.com/facts/you-cant-protect-what-you-cant-see/) - When it comes to advanced threat protection from a defensive perspective, you usually make sure to invest in various hardware and software solutions... - [Manual Pentesting is more Effective than the Automated](https://www.blackhatethicalhacking.com/facts/manual-pentesting-is-more-effective-than-the-automated/) - No doubt that both methods, when it comes to performing Pentesting Infrastructure share the same purpose. There is also the need for compliance, in order to prove and make a point of how a company takes seriously their Privacy & Security. - [The history of Internet and how it became a worldwide "thing"](https://www.blackhatethicalhacking.com/articles/free-access/the-history-of-internet-and-how-it-became-a-worldwide-thing/) - In one of his recent interviews, he said that he and his team of security experts-hackers have a 100% success rate on penetrating computer systems, "It’s just a fact" as he says. - [90% of the hacking process involves the Reconnaissance Phase](https://www.blackhatethicalhacking.com/facts/90-of-the-hacking-process-involves-the-reconnaissance-phase/) - Hacking can be summarized with one word, but the process behind it involves several phases to reach the final outcome which is a ‘Successful Attack’. - [A Hacker needs only one loophole to hack any system.](https://www.blackhatethicalhacking.com/facts/a-hacker-needs-only-one-loophole-to-hack-any-system/) - A Hacker needs only one loophole to hack any system - [Not all hackers are criminals](https://www.blackhatethicalhacking.com/facts/not-all-hackers-are-criminals/) - Not all hackers are criminals. - [Offensive Security Tool: Payloads All The Things](https://www.blackhatethicalhacking.com/tools/payloads-all-the-things/) - A list of useful payloads and bypass for Web Application Security and Pentest/CTF. - [Offensive Security Tool: Commix](https://www.blackhatethicalhacking.com/tools/commix/) - Command injection, also known as shell injection is achieved through vulnerable applications - [Offensive Security Tool: DroneSploit](https://www.blackhatethicalhacking.com/tools/dronesploit/) - Drone pentesting framework console - [Offensive Security Tool: Subzy](https://www.blackhatethicalhacking.com/tools/subzy/) - Subzy by LukaSikic, is a Subdomain takeover tool which works based on matching response fingerprings from can-i-take-over-xyz - [OSINT Tool: Twint](https://www.blackhatethicalhacking.com/tools/twint/) - An advanced Twitter scraping & OSINT tool written in Python that doesn't use Twitter's API, allowing you to scrape a user's followers, following, Tweets and more while evading most API limitations. - [Human Intelligence is the best defense against Phishing Attacks](https://www.blackhatethicalhacking.com/facts/human-intelligence-is-the-best-defense-against-phishing-attacks/) - Human Intelligence is the best defense against Phishing Attacks - [Offensive Security Tool: The TIDoS Framework](https://www.blackhatethicalhacking.com/tools/the-tidos-framework/) - The Offensive Web Application Penetration Testing Framework. - [Offensive Security Tool: HellRaiser](https://www.blackhatethicalhacking.com/tools/hellraiser/) - Vulnerability Scanner that correlates CPE's found with cve-search to enumerate vulnerabilities - [Offensive Security Tool: Wfuzz](https://www.blackhatethicalhacking.com/tools/wfuzz/) - Wfuzz has been created to facilitate the task in web applications assessments - [Offensive Security Tool: Sublist3r](https://www.blackhatethicalhacking.com/tools/sublist3r/) - Sublist3r by aboul3la is a python tool designed to enumerate subdomains of websites using OSINT. - [Offensive Security Tool: Jok3r](https://www.blackhatethicalhacking.com/tools/jok3r/) - Jok3r by koutto, is a Python3 CLI application which is aimed at helping penetration testers for network infrastructure and web black-box security tests. - [Firewalls are no longer enough](https://www.blackhatethicalhacking.com/facts/firewalls-are-no-longer-enough/) - Firewalls are no longer enough - [Offensive Security Tool: Tsunami](https://www.blackhatethicalhacking.com/tools/tsunami/) - Tsunami is a general purpose network security scanner with an extensible plugin system for detecting high severity vulnerabilities with high confidence. - [Offensive Security Tool: Evilginx 2](https://www.blackhatethicalhacking.com/tools/evilginx2/) - evilginx2 by kgretzky is a man-in-the-middle attack framework used for phishing login credentials along with session cookies, which in turn allows to bypass 2-factor authentication protection. - [Digital Forensic Tool: Pymeta](https://www.blackhatethicalhacking.com/tools/pymeta/) - Pymeta by m8r0wn will search the web for files on a domain to download and extract metadata. This technique can be used to identify: domains, usernames, software/version numbers and naming conventions. - [Offensive Security Tool: Awesome Shodan Queries](https://www.blackhatethicalhacking.com/tools/awesome-shodan-queries/) - Awesome Shodan Queries - [Offensive Security Tool: Tangalanga - The Zoom Conference Scanner Hacking Tool](https://www.blackhatethicalhacking.com/tools/tangalanga/) - Tangalanga - The Zoom Conference Scanner Hacking Tool - [Your Data in the Cloud is not as secure as you think](https://www.blackhatethicalhacking.com/facts/your-data-in-the-cloud-is-not-as-secure-as-you-think/) - Your Data in the Cloud is not as secure as you think - [Offensive Security Tool: Phishing-API](https://www.blackhatethicalhacking.com/tools/phishing-api/) - Comprehensive Web Based Phishing Suite of Tools for Rapid Deployment and Real-Time Alerting! - [The Weakest Link in a Security Chain is the Human Element](https://www.blackhatethicalhacking.com/facts/the-weakest-link-in-a-security-chain-is-the-human-element/) - The Weakest Link in a Security Chain is the Human Element - [Offensive Security Tool: Mailsploit](https://www.blackhatethicalhacking.com/tools/mailsploit/) - Mailsploit is a collection of bugs in email clients that allow effective sender spoofing and code injection attacks. The spoofing is not detected by Mail Transfer Agents (MTA) aka email servers, therefore circumventing spoofing protection mechanisms such as DMARC (DKIM/SPF) or spam filters. - [Offensive Security Tool: wifiphisher](https://www.blackhatethicalhacking.com/tools/wifiphisher/) - Automated victim-customized phishing attacks against Wi-Fi clients ## Pages - [Homepage](https://www.blackhatethicalhacking.com/) - Offensive Security - Penetration Testing, Vulnerability Assessment, Phishing Attack Simulations, Ethical Hacking Courses, Adversary Simulation. - [Courses](https://www.blackhatethicalhacking.com/courses/) - Offensive Security Courses. Our courses are produced to give you a seamless experience and will show you how to engage in critical thinking by overcoming unforeseen obstacles while learning from a Red Team point of view which will involve your creativity and persistence to become a better Ethical Hacker. - [Offensive Security and Ethical Hacking Course](https://www.blackhatethicalhacking.com/courses/offensive-security-and-ethical-hacking-course/) - Offensive Security and Ethical Hacking Course. Learn new Offensive Security Strategies aiming at helping you become a better Ethical Hacker. - [The Bug Bounty Hunting Course](https://www.blackhatethicalhacking.com/courses/bug-bounty-hunting-course/) - This course will guide you through the path of achieving the “hacking” mindset using manual techniques to level up your success as a Bug Bounty Hunter. - [Tools by BHEH](https://www.blackhatethicalhacking.com/tools-by-bheh/) - [About us](https://www.blackhatethicalhacking.com/aboutus/) - With over 20 years of experience, Black Hat Ethical Hacking derives from a different perspective in the Cyber Security Field. It consists of a team focusing completely on the Offensive Security side. - [Compliance & Assessment Programs](https://www.blackhatethicalhacking.com/compliance-assessment-programs/) - GDPR, Microsoft 365, PCI and Ransomware Assessment compliances - Protect your personal data regardless of geographical location of the organization. - [Solutions](https://www.blackhatethicalhacking.com/solutions/) - Providing Solutions such as Vulnerability Assessment, Penetration Testing, Source Code Review, Digital Forensics, Data Recovery, Phishing Simulation Test. - [Offensive Security and Ethical Hacking Course Resources](https://www.blackhatethicalhacking.com/offensive-security-and-ethical-hacking-course-resources/) - [The Bug Bounty Hunting Course Resources](https://www.blackhatethicalhacking.com/the-bug-bounty-hunting-course-resources/) - [Member Login | Courses and Premium Write ups](https://www.blackhatethicalhacking.com/member-login/) - Member login page, course training sections. - [BHEH Pentesting Premium Articles](https://www.blackhatethicalhacking.com/bheh-pentesting-premium-articles/) - Get Exclusive Access to Real-World Pentesting Knowledge For just €5/month or €50/year, unlock exclusive access to high-impact, ad-free, real-world penetration testing write-ups once a month, directly from BHEH’s Red Team. - [Offensive Security and Ethical Hacking Course](https://www.blackhatethicalhacking.com/offensive-security-and-ethical-hacking-course/) - Hacking Courses, Black box penetration testing, penetration testing, digital forensics, social engineering, phishing attack, ddos attack simulation, osint, tools, news, videos, courses, articles,community - [Signup Bug BHEH Pentesting Premium Articles - Yearly](https://www.blackhatethicalhacking.com/signup-bug-bheh-pentesting-premium-articles-yearly/) - [Signup Bug BHEH Pentesting Premium Articles - Monthly](https://www.blackhatethicalhacking.com/signup-bug-bheh-pentesting-premium-articles-monthly/) - [Articles](https://www.blackhatethicalhacking.com/articles/) - [Contact us](https://www.blackhatethicalhacking.com/contact_us/) - Report an Incident, Submit a Ticket, Contact us via Mail, We are 24/7 Available. - [Patreon](https://www.blackhatethicalhacking.com/patreon/) - You will find exclusive video content available ONLY on Patreon, showing you continuous techniques and methodologies in Offensive Security. - [Workshop Preparation-Guide](https://www.blackhatethicalhacking.com/workshop-preparation-guide/) - [Sponsorship and Advertising](https://www.blackhatethicalhacking.com/sponsorship-advertising/) - Want to become a sponsor? Advertise with Black Hat Ethical Hacking to Enhance your presence in the information security world with our global reach. - [Vulnerability Assessment](https://www.blackhatethicalhacking.com/solutions/vulnerability-assessment/) - [Tools](https://www.blackhatethicalhacking.com/tools/) - [News](https://www.blackhatethicalhacking.com/news/) - Stay informed for the latest Information Security News - [Claim your Certificate by contacting us below](https://www.blackhatethicalhacking.com/certificate-of-completion/) - [The Bug Bounty Hunting Course](https://www.blackhatethicalhacking.com/the-bug-bounty-hunting-course/) - Hacking Courses, Black box penetration testing, penetration testing, digital forensics, social engineering, phishing attack, ddos attack simulation, osint, tools, news, videos, courses, articles,community - [Digital Forensics](https://www.blackhatethicalhacking.com/solutions/digital-forensics/) - [Computer Forensics](https://www.blackhatethicalhacking.com/solutions/digital-forensics/computer-forensics/) - [Data Recovery and File Carving](https://www.blackhatethicalhacking.com/solutions/digital-forensics/data-recovery-file-carving/) - [Mobile Devices Forensics](https://www.blackhatethicalhacking.com/solutions/digital-forensics/mobile-devices-forensics/) - [Network Forensics and Intrusion Analysis](https://www.blackhatethicalhacking.com/solutions/digital-forensics/network-forensics-intrusion-analysis/) - [Social Engineering](https://www.blackhatethicalhacking.com/solutions/social-engineering/) - [Wireless Pentesting](https://www.blackhatethicalhacking.com/solutions/penetration-testing/wireless-pentesting/) - [Web Application Pentesting](https://www.blackhatethicalhacking.com/solutions/penetration-testing/web-application-pentesting/) - [Source Code Review](https://www.blackhatethicalhacking.com/solutions/penetration-testing/source-code-review/) - [Internal & External Pentesting](https://www.blackhatethicalhacking.com/solutions/penetration-testing/internal-external-pentesting/) - [Distributed Denial of Service Attack (DDoS) Simulation](https://www.blackhatethicalhacking.com/solutions/penetration-testing/ddos-simulation/) - [BlackBox and WhiteBox Pentesting](https://www.blackhatethicalhacking.com/solutions/penetration-testing/blackbox-and-whitebox-pentesting/) - [Penetration Testing](https://www.blackhatethicalhacking.com/solutions/penetration-testing/) - [Security Awareness](https://www.blackhatethicalhacking.com/security-awareness/) - Latest BHEH Facts on Offensive Security & Digital Forensics - [Twitch](https://www.blackhatethicalhacking.com/twitch/) - Our channel on Twitch features Bug Bounty Live Passive Recon Techniques, Interviews, Hacking Tools Demos and Techniques for educational purposes, and more. - [Thank You](https://www.blackhatethicalhacking.com/thank-you/) - [Chapter 2: Attacks](https://www.blackhatethicalhacking.com/chapter-2-attacks/) - [Signup Bundle Course](https://www.blackhatethicalhacking.com/sign-up-bundle-course/) - [Signup OffSec and EH](https://www.blackhatethicalhacking.com/sign-up-offsec-and-eh/) - [Signup Bug Bounty Hunting Course](https://www.blackhatethicalhacking.com/sign-up-bug-bounty-hunting-course/) - [Black Hat Ethical Hacking Courses Bundle](https://www.blackhatethicalhacking.com/black-hat-ethical-hacking-courses-bundle/) - Hacking Courses, Black box penetration testing, penetration testing, digital forensics, social engineering, phishing attack, ddos attack simulation, osint, tools, news, videos, courses, articles,community - [Introduction to Bug Bounty Hunting](https://www.blackhatethicalhacking.com/introduction-to-bug-bounty-hunting/) - [Facts](https://www.blackhatethicalhacking.com/facts/) - Latest BHEH Facts on Offensive Security & Digital Forensics - [Chapter 1: Reconnaissance](https://www.blackhatethicalhacking.com/chapter-1-reconnaissance/) - [Chapter 4: Submitting better Reports](https://www.blackhatethicalhacking.com/chapter-4-submitting-better-reports/) - [Chapter 3: Thinking Outside the Box-The Mindset of a Hacker](https://www.blackhatethicalhacking.com/chapter-3-thinking-outside-the-box-the-mindset-of-a-hacker/) - [Your Lesson Statistics](https://www.blackhatethicalhacking.com/lesson-statistics/) - [Your Dashboard](https://www.blackhatethicalhacking.com/my-dashboard/) - [Chapter 5: Social Engineering & Phishing Attacks](https://www.blackhatethicalhacking.com/chapter-5-social-engineering-phishing-attacks/) - [Chapter 4: Post Exploitation](https://www.blackhatethicalhacking.com/chapter-4-post-exploitation/) - [Chapter 3: Attacks](https://www.blackhatethicalhacking.com/chapter-3-attacks/) - [Chapter 2: Reconnaissance and OSINT](https://www.blackhatethicalhacking.com/chapter-2-reconnaissance-and-osint/) - [Chapter 1: Learning Linux](https://www.blackhatethicalhacking.com/chapter-1-learning-linux/) - [Site Map](https://www.blackhatethicalhacking.com/sitemap/) - Browse through our Sitemap - [Users Online](https://www.blackhatethicalhacking.com/user-online/) - [Account](https://www.blackhatethicalhacking.com/account/) ## Memberships - [BHEH Bundle Courses](https://www.blackhatethicalhacking.com/register/bheh-bundle-courses/) - [The Bug Bounty Hunting Course](https://www.blackhatethicalhacking.com/register/the-bug-bounty-hunting-course/) - [Offensive Security and Ethical Hacking Course](https://www.blackhatethicalhacking.com/register/offensive-security-and-ethical-hacking-course/) - [BHEH Pentesting Write ups – Premium Members – Yearly](https://www.blackhatethicalhacking.com/register/bheh-pentesting-write-ups-yearly/) - [BHEH Pentesting Write ups - Premium Members - Monthly](https://www.blackhatethicalhacking.com/register/bheh-pentesting-writeups-premium-members-monthly/) ## Groups - [BHEH Pentesting Premium Articles](https://www.blackhatethicalhacking.com/plans/bheh-pentesting-premium-articles/) - [BHEH Signup Courses](https://www.blackhatethicalhacking.com/plans/bheh-signup-courses/) ## Videos - [1f. Write your first Python 3 Program & Upload it to GitHub.](https://www.blackhatethicalhacking.com/cmvl_video/1f-write-your-first-python-3-program-upload-it-to-github/) - [1e. Computer Programming and Languages.](https://www.blackhatethicalhacking.com/cmvl_video/1e-computer-programming-and-languages/) - [1d. Updating correctly your Kali Machine.](https://www.blackhatethicalhacking.com/cmvl_video/1d-updating-correctly-your-kali-machine/) - [1c. Learning some important Linux Commands using the Terminal.](https://www.blackhatethicalhacking.com/cmvl_video/1c-learning-some-important-linux-commands-using-the-terminal/) - [1b. The Power of the ‘Terminal’ in Linux.](https://www.blackhatethicalhacking.com/cmvl_video/1b-the-power-of-the-terminal-in-linux/) - [1a. Understanding Kali Linux as an Operating System.](https://www.blackhatethicalhacking.com/cmvl_video/1a-understanding-kali-linux-as-an-operating-system/) - [1f. Write your first Python 3 Program and Upload it to GitHub.](https://www.blackhatethicalhacking.com/video-lesson/lesson/chapter-1-learning-linux/?video=284612) - [1e. Computer Programming and Languages.](https://www.blackhatethicalhacking.com/video-lesson/lesson/chapter-1-learning-linux/?video=284592) - [1d. Updating correctly your Kali Machine.](https://www.blackhatethicalhacking.com/video-lesson/lesson/chapter-1-learning-linux/?video=284613) - [1c. Learning some important Linux Commands using the Terminal.](https://www.blackhatethicalhacking.com/video-lesson/lesson/chapter-1-learning-linux/?video=284614) - [1b. The Power of the ‘Terminal’ in Linux.](https://www.blackhatethicalhacking.com/video-lesson/lesson/chapter-1-learning-linux/?video=284615) - [1a. Understanding Kali Linux as an Operating System.](https://www.blackhatethicalhacking.com/video-lesson/lesson/chapter-1-learning-linux/?video=284616) - [Introduction to Bug Bounty Hunting](https://www.blackhatethicalhacking.com/video-lesson/lesson/introduction-to-bug-bounty-hunting/?video=269144) - [Chapter 4 - Submitting better reports Overview & Learning](https://www.blackhatethicalhacking.com/video-lesson/lesson/chapter-4-submitting-better-reports/?video=268410) - [Chapter 3 - Thinking outside the box - the mindset of a hacker](https://www.blackhatethicalhacking.com/video-lesson/lesson/chapter-3-thinking-outside-the-box-the-mindset-of-a-hacker/?video=268411) - [2n. Attack Endpoints exploiting them using Nuclei with 0 False Positives](https://www.blackhatethicalhacking.com/video-lesson/lesson/chapter-2-attacks/?video=268412) - [2m. Perform HTTP Request Smuggling Attacks](https://www.blackhatethicalhacking.com/video-lesson/lesson/chapter-2-attacks/?video=268413) - [2l. Find hidden API Endpoints from URLs using Kiterunner](https://www.blackhatethicalhacking.com/video-lesson/lesson/chapter-2-attacks/?video=268414) - [2k. Decrypting Encrypted Secrets & Hashes with Ciphey](https://www.blackhatethicalhacking.com/video-lesson/lesson/chapter-2-attacks/?video=268415) - [2j. Performing Web Cache Poisoning with Burpsuite](https://www.blackhatethicalhacking.com/video-lesson/lesson/chapter-2-attacks/?video=268416) - [2i. Bypassing 403 forbidden access directories](https://www.blackhatethicalhacking.com/video-lesson/lesson/chapter-2-attacks/?video=268417) - [2h. Performing CRLF injection-based attacks with CRLFuzz](https://www.blackhatethicalhacking.com/video-lesson/lesson/chapter-2-attacks/?video=268418) - [2g. Performing Local File Inclusion (LFI) based attacks with MEG and SecLists](https://www.blackhatethicalhacking.com/video-lesson/lesson/chapter-2-attacks/?video=268419) - [2f. Performing Path Traversal Fuzzing Attacks with BurpSuite](https://www.blackhatethicalhacking.com/video-lesson/lesson/chapter-2-attacks/?video=268420) - [2e. Performing Directory Brute-Forcing & Fuzzing](https://www.blackhatethicalhacking.com/video-lesson/lesson/chapter-2-attacks/?video=268421) - [2d. Performing IDOR Attacks](https://www.blackhatethicalhacking.com/video-lesson/lesson/chapter-2-attacks/?video=268422) - [2c. Performing Open-Redirect Attacks](https://www.blackhatethicalhacking.com/video-lesson/lesson/chapter-2-attacks/?video=268423) - [2b. Performing SQL-based Injection Attacks](https://www.blackhatethicalhacking.com/video-lesson/lesson/chapter-2-attacks/?video=268424) - [2a. Performing Cross-Site Scripting (XSS) Injection Attacks](https://www.blackhatethicalhacking.com/video-lesson/lesson/chapter-2-attacks/?video=268425) - [1i. Extract and find Javascript files from all URLs gathered, and check for hard-coded secrets using GitLeaks but also Manually](https://www.blackhatethicalhacking.com/video-lesson/lesson/chapter-1-reconnaissance/?video=268426) - [1h. Use GF to filter and prepare URLs for specific Injection based Attacks](https://www.blackhatethicalhacking.com/video-lesson/lesson/chapter-1-reconnaissance/?video=268427) - [1g. Gathering URLs with Parameters & Checking for the Heartbleed Vulnerability](https://www.blackhatethicalhacking.com/video-lesson/lesson/chapter-1-reconnaissance/?video=268428) - [1f. Website Screenshotting & Recon](https://www.blackhatethicalhacking.com/video-lesson/lesson/chapter-1-reconnaissance/?video=268429) - [1e. Working with IP Addresses](https://www.blackhatethicalhacking.com/video-lesson/lesson/chapter-1-reconnaissance/?video=268430) - [1d. Gathering and Probing URLs](https://www.blackhatethicalhacking.com/video-lesson/lesson/chapter-1-reconnaissance/?video=268431) - [1c. Subdomain Enumeration](https://www.blackhatethicalhacking.com/video-lesson/lesson/chapter-1-reconnaissance/?video=268432) - [1b. Preparing your Scope & Choosing your first target.](https://www.blackhatethicalhacking.com/video-lesson/lesson/chapter-1-reconnaissance/?video=268435) - [1a. Note-taking & being organized.](https://www.blackhatethicalhacking.com/video-lesson/lesson/chapter-1-reconnaissance/?video=268436) - [Chapter 4 Overview](https://www.blackhatethicalhacking.com/cmvl_video/chapter-4-overview/) - [Chapter 3 - Thinking outside the box-the mindset of a hacker - Overview video](https://www.blackhatethicalhacking.com/cmvl_video/chapter-3-thinking-outside-the-box-the-mindset-of-a-hacker-overview-video/) - [5a. Phishing Attacks & Social Engineering with the Social Engineering Toolkit.](https://www.blackhatethicalhacking.com/video-lesson/lesson/chapter-5-social-engineering-phishing-attacks/?video=252843) - Phishing attacks can be very detectable if they are performed only using automated ways, without studying some of the techniques that advanced hackers use to make them more believable from a psychological approach to the design of the template, and the way you will redirect someone after they click to login, without raising any suspicion. - [3j. Detect Rootkits on Kali Linux using chkrootkit & rkhunter..mp4](https://www.blackhatethicalhacking.com/video-lesson/lesson/chapter-3-attacks/?video=251175) - [3i. Pentesting Routers & Smart Devices in your Home using RouterSploit & NMAP..mp4](https://www.blackhatethicalhacking.com/video-lesson/lesson/chapter-3-attacks/?video=251176) - [3h. Fuzzing Techniques using custom Payloads with Burp Intruder & WFuzz..mp4](https://www.blackhatethicalhacking.com/video-lesson/lesson/chapter-3-attacks/?video=251177) - [3g. Automating Web Application Vulnerability Scanning using OWASP ZAP..mp4](https://www.blackhatethicalhacking.com/video-lesson/lesson/chapter-3-attacks/?video=251178) - [3f. Finding SQL Vulnerabilities & Hacking Websites using Burpsuite..mp4](https://www.blackhatethicalhacking.com/video-lesson/lesson/chapter-3-attacks/?video=251179) - [3e. Hacking using Metasploit - Recon, Attacks, Exploitation..mp4](https://www.blackhatethicalhacking.com/video-lesson/lesson/chapter-3-attacks/?video=251180) - [3d. Finding XSS Vulnerabilities Manually & Automated using XSStrike..mp4](https://www.blackhatethicalhacking.com/video-lesson/lesson/chapter-3-attacks/?video=251181) - [3c. Finding SQL Injections & Exploiting them with SQLMap & jSQL..mp4](https://www.blackhatethicalhacking.com/video-lesson/lesson/chapter-3-attacks/?video=251172) - [3b. Perform Browser Exploitation with Social Engineering Attacks using BeEF Framework.](https://www.blackhatethicalhacking.com/video-lesson/lesson/chapter-3-attacks/?video=251928) - Among growing concerns about web-borne attacks against ‘clients’, including mobile ‘clients’ which are on the rise, we will show you how a professional penetration tester and experienced hackers assess the actual security posture of a target environment by using client-side attack vectors. We will see how we can look past the hardened network perimeter and - [3a. Create Fully Undetectable Payloads, Backdoors, Keyloggers & Hack into Windows 10 & Android Devices..mp4](https://www.blackhatethicalhacking.com/video-lesson/lesson/chapter-3-attacks/?video=251174) - [2l. How to use Proxychains & TorSocks to maintain complete Anonymity.](https://www.blackhatethicalhacking.com/video-lesson/lesson/chapter-2-reconnaissance-osint/?video=251160) - [2j. OSINT & Information Gathering emails of employees for any company with theHarvester & More.](https://www.blackhatethicalhacking.com/video-lesson/lesson/chapter-2-reconnaissance-osint/?video=251162) - [2k. OSINT & Discovering Subdomains passively with Sublist3r.](https://www.blackhatethicalhacking.com/video-lesson/lesson/chapter-2-reconnaissance-osint/?video=251926) - [2i. OSINT & Information Gathering with Metagoofil Discovering Sensitive Files for any organization.](https://www.blackhatethicalhacking.com/video-lesson/lesson/chapter-2-reconnaissance-osint/?video=251163) - [2h. Advanced Reconnaissance with Recon-ng.](https://www.blackhatethicalhacking.com/video-lesson/lesson/chapter-2-reconnaissance-osint/?video=251925) - [2g. Gather information for any Phone Number Using PhoneInfoga.](https://www.blackhatethicalhacking.com/video-lesson/lesson/chapter-2-reconnaissance-osint/?video=251165) - [2f. Recon & OSINT With Maltego.](https://www.blackhatethicalhacking.com/video-lesson/lesson/chapter-2-reconnaissance-osint/?video=251166) - [2e. Nmap Recon Techniques & Local Network Discovery.](https://www.blackhatethicalhacking.com/video-lesson/lesson/chapter-2-reconnaissance-osint/?video=251167) - [2d. MITM Attacks with Bettercap.](https://www.blackhatethicalhacking.com/video-lesson/lesson/chapter-2-reconnaissance-osint/?video=251168) - [2c. Arp Spoofing Arp Poisoning & Sniffing Traffic.](https://www.blackhatethicalhacking.com/video-lesson/lesson/chapter-2-reconnaissance-osint/?video=251169) - [2a. Perform Recon Wireless Attacks.](https://www.blackhatethicalhacking.com/video-lesson/lesson/chapter-2-reconnaissance-osint/?video=251923) - [2b. Wi-Fi Jamming.](https://www.blackhatethicalhacking.com/video-lesson/lesson/chapter-2-reconnaissance-osint/?video=251924) - [3b. Perform Browser Exploitation with Social Engineering Attacks using BeEF Framework.](https://www.blackhatethicalhacking.com/cmvl_video/3b-perform-browser-exploitation-with-social-engineering-attacks-using-beef-framework-2/) - [2a. Perform Recon Wireless Attacks.](https://www.blackhatethicalhacking.com/cmvl_video/2a-perform-recon-wireless-attacks-2/) - [2b. Wi-Fi Jamming.](https://www.blackhatethicalhacking.com/cmvl_video/2b-wi-fi-jamming-2/) - [2h. Advanced Reconnaissance with Recon-ng.](https://www.blackhatethicalhacking.com/cmvl_video/2h-advanced-reconnaissance-with-recon-ng-2/) - [2k. OSINT & Discovering Subdomains passively with Sublist3r.](https://www.blackhatethicalhacking.com/cmvl_video/2k-osint-discovering-subdomains-passively-with-sublist3r-2/) - [Workshop - Preparation Guide](https://www.blackhatethicalhacking.com/video-lesson/lesson/workshop-preparation-guide/?video=251482) - [Workshop - Preparation Guide](https://www.blackhatethicalhacking.com/cmvl_video/workshop-preparation-guide-2/) - [4a. Post Exploitation with Metasploit - Shell is just the beginning.](https://www.blackhatethicalhacking.com/video-lesson/lesson/chapter-4-post-exploitation/?video=251187) - [4a. Post Exploitation with Metasploit - Shell is just the beginning.](https://www.blackhatethicalhacking.com/cmvl_video/4a-post-exploitation-with-metasploit-shell-is-just-the-beginning-2/) - [3c. Finding SQL Injections & Exploiting them with SQLMap & jSQL..mp4](https://www.blackhatethicalhacking.com/cmvl_video/3c-finding-sql-injections-exploiting-them-with-sqlmap-jsql-mp4-2/) - [3a. Create Fully Undetectable Payloads, Backdoors, Keyloggers & Hack into Windows 10 & Android Devices..mp4](https://www.blackhatethicalhacking.com/cmvl_video/3a-create-fully-undetectable-payloads-backdoors-keyloggers-hack-into-windows-10-android-devices-mp4-2/) - [3j. Detect Rootkits on Kali Linux using chkrootkit & rkhunter..mp4](https://www.blackhatethicalhacking.com/cmvl_video/3j-detect-rootkits-on-kali-linux-using-chkrootkit-rkhunter-mp4-2/) - [3i. Pentesting Routers & Smart Devices in your Home using RouterSploit & NMAP..mp4](https://www.blackhatethicalhacking.com/cmvl_video/3i-pentesting-routers-smart-devices-in-your-home-using-routersploit-nmap-mp4-2/) - [3h. Fuzzing Techniques using custom Payloads with Burp Intruder & WFuzz..mp4](https://www.blackhatethicalhacking.com/cmvl_video/3h-fuzzing-techniques-using-custom-payloads-with-burp-intruder-wfuzz-mp4-2/) - [3g. Automating Web Application Vulnerability Scanning using OWASP ZAP..mp4](https://www.blackhatethicalhacking.com/cmvl_video/3g-automating-web-application-vulnerability-scanning-using-owasp-zap-mp4-2/) - [3f. Finding SQL Vulnerabilities & Hacking Websites using Burpsuite..mp4](https://www.blackhatethicalhacking.com/cmvl_video/3f-finding-sql-vulnerabilities-hacking-websites-using-burpsuite-mp4-2/) - [3e. Hacking using Metasploit - Recon, Attacks, Exploitation..mp4](https://www.blackhatethicalhacking.com/cmvl_video/3e-hacking-using-metasploit-recon-attacks-exploitation-mp4-2/) - [3d. Finding XSS Vulnerabilities Manually & Automated using XSStrike..mp4](https://www.blackhatethicalhacking.com/cmvl_video/3d-finding-xss-vulnerabilities-manually-automated-using-xsstrike-mp4-2/) - [2l. How to use Proxychains & TorSocks to maintain complete Anonymity.](https://www.blackhatethicalhacking.com/cmvl_video/2l-how-to-use-proxychains-torsocks-to-maintain-complete-anonymity-2/) - [2j. OSINT & Information Gathering emails of employees for any company with theHarvester & More.](https://www.blackhatethicalhacking.com/cmvl_video/2j-osint-information-gathering-emails-of-employees-for-any-company-with-theharvester-more-2/) - [2i. OSINT & Information Gathering with Metagoofil Discovering Sensitive Files for any organization.](https://www.blackhatethicalhacking.com/cmvl_video/2i-osint-information-gathering-with-metagoofil-discovering-sensitive-files-for-any-organization-2/) - [2g. Gather information for any Phone Number Using PhoneInfoga.](https://www.blackhatethicalhacking.com/cmvl_video/2g-gather-information-for-any-phone-number-using-phoneinfoga-2/) - [2f. Recon & OSINT With Maltego.](https://www.blackhatethicalhacking.com/cmvl_video/2f-recon-osint-with-maltego-2/) - [2e. Nmap Recon Techniques & Local Network Discovery.](https://www.blackhatethicalhacking.com/cmvl_video/2e-nmap-recon-techniques-local-network-discovery-2/) - [2d. MITM Attacks with Bettercap.](https://www.blackhatethicalhacking.com/cmvl_video/2d-mitm-attacks-with-bettercap-2/) - [2c. Arp Spoofing Arp Poisoning & Sniffing Traffic.](https://www.blackhatethicalhacking.com/cmvl_video/2c-arp-spoofing-arp-poisoning-sniffing-traffic-2/) - [Workshop - Preparation Guide](https://www.blackhatethicalhacking.com/cmvl_video/workshop-preparation-guide-3/) - [Metasploit Hacking 1 Hour Course For Beginners By SaintDruG Part 6 of 6](https://www.blackhatethicalhacking.com/cmvl_video/metasploit-hacking-1-hour-course-for-beginners-by-saintdrug-part-6-of-6/) - [Metasploit Hacking 1 Hour Course For Beginners By SaintDruG Part 5 of 6](https://www.blackhatethicalhacking.com/cmvl_video/metasploit-hacking-1-hour-course-for-beginners-by-saintdrug-part-5-of-6/) - [Metasploit Hacking 1 Hour Course For Beginners By SaintDruG Part 4 of 6](https://www.blackhatethicalhacking.com/cmvl_video/metasploit-hacking-1-hour-course-for-beginners-by-saintdrug-part-4-of-6/) - [Metasploit Hacking 1 Hour Course For Beginners By SaintDruG Part 3 of 6](https://www.blackhatethicalhacking.com/cmvl_video/metasploit-hacking-1-hour-course-for-beginners-by-saintdrug-part-3-of-6/) - [Metasploit Hacking 1 Hour Course For Beginners By SaintDruG Part 2 of 6](https://www.blackhatethicalhacking.com/cmvl_video/metasploit-hacking-1-hour-course-for-beginners-by-saintdrug-part-2-of-6/) - [Metasploit Hacking 1 Hour Course For Beginners - By SaintDruG Part 1 of 6](https://www.blackhatethicalhacking.com/cmvl_video/metasploit-hacking-1-hour-course-for-beginners-by-saintdrug-part-1-of-6/) - [Metasploit Hacking 1 Hour Course For Beginners By SaintDruG Part 6 of 6 New](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6315&video=246261) - [Metasploit Hacking 1 Hour Course For Beginners By SaintDruG Part 5 of 6 New](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6315&video=246262) - [Metasploit Hacking 1 Hour Course For Beginners By SaintDruG Part 4 of 6 New](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6315&video=246263) - [Metasploit Hacking 1 Hour Course For Beginners By SaintDruG Part 3 of 6 New](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6315&video=246264) - [Metasploit Hacking 1 Hour Course For Beginners By SaintDruG Part 2 of 6 New](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6315&video=246265) - [Metasploit Hacking 1 Hour Course For Beginners - By SaintDruG Part 1 of 6 New](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6315&video=246266) - [7.3. Master list of countermeasures](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6313&video=6678) - [4. Summary Countermeasures](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6313&video=6679) - [4. Tools in our utility belt](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6313&video=6680) - [7.2. Virus discovery methods](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6313&video=6681) - [7.1. Countermeasures](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6313&video=6682) - [5. Summary Detecting malware](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6313&video=6711) - [2. Creating a virus - worm](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6313&video=6684) - [6.3. Investigation of malware](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6313&video=6685) - [6. Deployment](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6313&video=6686) - [1. Detecting malware](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6313&video=6687) - [7. Real or fake](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6313&video=6689) - [5.5. Signs and the why](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6313&video=6690) - [5.3. Type of viruses and worms](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6313&video=6691) - [5.4. Lifecycle](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6313&video=6692) - [5.2. Whats the difference](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6313&video=6693) - [1. Virus and worms](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6313&video=6695) - [4. Summary Types of trojans](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6313&video=6696) - [3. DEMO; Beast](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6313&video=6694) - [4.2. SuperDale's Top 10](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6313&video=6697) - [6. Summary Trojan infections](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6313&video=6698) - [4.1. Types of trojans](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6313&video=6699) - [3. DEMO; Creating a trojan](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6313&video=6700) - [5. Evading anti-virus](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6313&video=6701) - [4. Different ways to enter](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6313&video=6702) - [2. How to infect the target](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6313&video=6703) - [1. Trojan infections](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6313&video=6704) - [2.6. Summary Whats a trojan](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6313&video=6705) - [5. Clues you have a trojan](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6313&video=6706) - [3. Whats the goal](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6313&video=6707) - [2. Trojans up close](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6313&video=6708) - [4. How does malware get in](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6313&video=6709) - [2.1. Whats a trojan](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6313&video=6710) - [3. The numbers behind malware](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6313&video=6712) - [1. Introduction Malware threats & attacks](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6313&video=6713) - [2. What is malware](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6313&video=6714) - [4. How trojans communicate and hide](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6313&video=6716) - [3.2 Setup-WingIDE overview](https://www.blackhatethicalhacking.com/cmvl_video/3-2-setup-wingide-overview/) - [3.1 Setup-Overview](https://www.blackhatethicalhacking.com/cmvl_video/3-1-setup-overview/) - [3.0 Setup-Intro](https://www.blackhatethicalhacking.com/cmvl_video/3-0-setup-intro/) - [2.9 Setup-Installing WingIDE on Kali](https://www.blackhatethicalhacking.com/cmvl_video/2-9-setup-installing-wingide-on-kali/) - [2.8 Setup-First pentest program](https://www.blackhatethicalhacking.com/cmvl_video/2-8-setup-first-pentest-program/) - [2.7 Networks-Overview](https://www.blackhatethicalhacking.com/cmvl_video/2-7-networks-overview/) - [2.6 Networks-Intro](https://www.blackhatethicalhacking.com/cmvl_video/2-6-networks-intro/) - [2.5 Networks-Creating UDP Client](https://www.blackhatethicalhacking.com/cmvl_video/2-5-networks-creating-udp-client/) - [2.4 Networks-Creating a TCP Server](https://www.blackhatethicalhacking.com/cmvl_video/2-4-networks-creating-a-tcp-server/) - [2.3 Networks-Creating a TCP Client](https://www.blackhatethicalhacking.com/cmvl_video/2-3-networks-creating-a-tcp-client/) - [2.2 How it works](https://www.blackhatethicalhacking.com/cmvl_video/2-2-how-it-works/) - [2.1 How it Works-Sniffing with Scapy](https://www.blackhatethicalhacking.com/cmvl_video/2-1-how-it-works-sniffing-with-scapy/) - [2.0 How it Works-Reading binary raw packets](https://www.blackhatethicalhacking.com/cmvl_video/2-0-how-it-works-reading-binary-raw-packets/) - [1.9 How it Works-Overview](https://www.blackhatethicalhacking.com/cmvl_video/1-9-how-it-works-overview/) - [1.8 How it Works-Intro](https://www.blackhatethicalhacking.com/cmvl_video/1-8-how-it-works-intro/) - [1.7 How it Works-Developing the Server application](https://www.blackhatethicalhacking.com/cmvl_video/1-7-how-it-works-developing-the-server-application/) - [1.6 How it Works-Developing the Client application](https://www.blackhatethicalhacking.com/cmvl_video/1-6-how-it-works-developing-the-client-application/) - [1.5 How it Works-Decoding the IP Layer](https://www.blackhatethicalhacking.com/cmvl_video/1-5-how-it-works-decoding-the-ip-layer/) - [1.4 How it Works-Course workflow](https://www.blackhatethicalhacking.com/cmvl_video/1-4-how-it-works-course-workflow/) - [1.3 Before Starting-Why choose python](https://www.blackhatethicalhacking.com/cmvl_video/1-3-before-starting-why-choose-python/) - [1.2 Before Starting-Overview](https://www.blackhatethicalhacking.com/cmvl_video/1-2-before-starting-overview/) - [1.1 Before Starting-Intro](https://www.blackhatethicalhacking.com/cmvl_video/1-1-before-starting-intro/) - [1.0 Before Starting-Course overview](https://www.blackhatethicalhacking.com/cmvl_video/1-0-before-starting-course-overview/) - [5.7 Summary](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6310&video=6925) - [5.6 Logging CSP Violations with Report URI](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6310&video=6926) - [5.5 NWebsec for ASP.NET](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6310&video=6927) - [5.4 The CSP Fiddler Extension](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6310&video=6928) - [5.3 Creating a policy with Report URI's CSP Builder](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6310&video=6929) - [5.2 Report URI for Analyzing a CSP](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6310&video=6930) - [5.1 SecurityHeaders.io](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6310&video=6931) - [5.0 Tools for working with browser headers Introduction](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6310&video=6932) - [4.11 Summary](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6310&video=6933) - [4.10 Browser compatibility](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6310&video=6934) - [4.9 Reporting only](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6310&video=6935) - [4.8 The report-uri Directive](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6310&video=6936) - [4.7 The frame-ancestors](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6310&video=6937) - [4.6 Using hashes and nonces to whitelist unsafe inline content](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6310&video=6938) - [4.5 The unsafe inline and Unsafe eval keywords](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6310&video=6939) - [4.4 Content source policy directives](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6310&video=6940) - [4.3 Declaring content sources](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6310&video=6941) - [4.2 Understanding CSP](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6310&video=6942) - [4.1 Understanding the problem that CSP solves](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6310&video=6943) - [4.0 Content Security Policy (CSP) Introduction](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6310&video=6944) - [3.9 Summary](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6310&video=6945) - [3.8 Browser compatibility](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6310&video=6946) - [3.7 Reporting only](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6310&video=6947) - [3.6 The includeSubdomains Keyword](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6310&video=6948) - [3.5 The report-uri Directive](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6310&video=6949) - [3.4 The max-age Directive](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6310&video=6950) - [3.3 The pin-sha256 Directive](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6310&video=6951) - [3.2 Understanding HPKP](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6310&video=6952) - [3.1 Understanding the problem that HPKP Solves](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6310&video=6953) - [3.0 HTTP Public Key Pinning (HPKP) Introduction](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6310&video=6954) - [2.7 Summary](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6310&video=6955) - [2.6 Browser compatibility](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6310&video=6956) - [2.5 The preload keyword](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6310&video=6957) - [2.4 The includeSubdomains keyword](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6310&video=6958) - [2.3 The max-age Directive](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6310&video=6959) - [2.2 Understanding HSTS](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6310&video=6960) - [2.1 Understanding the problem that HSTS solves](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6310&video=6961) - [2.0 HTTP Strict Transport Security (HSTS) Introduction](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6310&video=6962) - [1.7 Summary](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6310&video=6963) - [1.6 Current utilization of browser security headers](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6310&video=6964) - [1.5 Non-standard and browser prefixed headers](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6310&video=6965) - [1.4 How browsers handle response headers](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6310&video=6966) - [1.3 Understanding headers](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6310&video=6967) - [1.2 Things the server can't control](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6310&video=6968) - [1.1 Security threats in a web world](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6310&video=6969) - [1.0 Understanding browser security headers Introduction](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6310&video=6970) - [5.2 Using the time fieldto troubleshoot delays in your network](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6309&video=6891) - [5.1 ARP, DNS and HTTP working together](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6309&video=6892) - [5.0 Protocols working together Intro](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6309&video=6893) - [4.7 Capturing and examining Telnet and SSH](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6309&video=6894) - [4.6 Capturing and examining a TCP session in clear text](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6309&video=6895) - [4.5 Capturing and examining a TCP session](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6309&video=6896) - [4.4 Control bits](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6309&video=6897) - [4.3 TCP Header](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6309&video=6898) - [4.2 TCP 4 way disconnect](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6309&video=6899) - [4.1 TCP 3 way handshake](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6309&video=6900) - [4.0 Introduction to TCP Analysis Intro](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6309&video=6901) - [3.8 Overview](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6309&video=6902) - [3.7 Analyzing a Ping with no layer 3 connectivity](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6309&video=6903) - [3.6 Analyzing ICMP message type](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6309&video=6904) - [3.5 Analyzing a Ping with Wireshark](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6309&video=6905) - [3.4 Clearing ARP Cache](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6309&video=6906) - [3.3 ICMP Message Types](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6309&video=6907) - [3.2 IP to MAC Address resolution](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6309&video=6908) - [3.1 Sending a ping](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6309&video=6909) - [3.0 ARP and Ping Analysis Intro](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6309&video=6910) - [2.5 Overview](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6309&video=6911) - [2.4 Capturing traffic on Unix or Linux](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6309&video=6912) - [2.3 Capturing traffic with Tshark](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6309&video=6913) - [2.2 Capturing traffic on two NICs at the same time](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6309&video=6914) - [2.1 Capturing traffic](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6309&video=6915) - [2.0 Capturing traffic with Wireshark Intro](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6309&video=6916) - [1.5 Overview](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6309&video=6917) - [1.4 The wireshark interface](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6309&video=6918) - [1.3 Capturing packets](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6309&video=6919) - [1.2 How wireshark works](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6309&video=6920) - [1.1 Old Skool Packet Capture](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6309&video=6921) - [1.0 Getting started with Wireshark Intro](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6309&video=6922) - [8. Summary](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6314&video=6373) - [9. Preparing for DoS Resiliency](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6314&video=6843) - [8. DDoS Prevention as a Service with CloudFare](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6314&video=6844) - [7. Application Level Defenses](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6314&video=6845) - [6. Network Level Defenses](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6314&video=6846) - [5. Establishing Traffic Reputation](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6314&video=6847) - [4. Absorbing Attacks](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6314&video=6848) - [3. Discovering the Attack Pattern](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6314&video=6849) - [2. Defensive considerations](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6314&video=6851) - [8. Summary Tampering of Untrusted data](https://www.blackhatethicalhacking.com/cmvl_video/8-summary-tampering-of-untrusted-data/) - [5. A look inside DDoS as a Service](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6314&video=6854) - [7. Other tools](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6314&video=6855) - [6. Legitimate Load Testing Services](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6314&video=6856) - [4. Booters and Stressers](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6314&video=6857) - [2. LOIC](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6314&video=6858) - [3. JS LOIC](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6314&video=6859) - [1. Introduction](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6314&video=6861) - [13. Summary](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6314&video=6869) - [12. A complex DDoS Attack Case Study](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6314&video=6870) - [11. GitHub's 'Man on the side' Attack](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6314&video=6871) - [1. Introduction](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6314&video=6872) - [10. Permanent DoS and Phlashing](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6314&video=6873) - [9. The impact of DoS Attacks](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6314&video=6874) - [8. Unintentional DoS](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6314&video=6875) - [7. Motivations for DDoS](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6314&video=6876) - [5. Visualizing DDoS Attacks with Norse](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6314&video=6877) - [6. What makes DoS attacks so effective](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6314&video=6878) - [4. DDoS Attacks](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6314&video=6879) - [3. Defining DoS Attacks](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6314&video=6880) - [2. The Rise and Rise of DoS Attacks](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6314&video=6881) - [1. Introduction](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6314&video=6882) - [8. Summary](https://www.blackhatethicalhacking.com/cmvl_video/8-summary/) - [8. Summary](https://www.blackhatethicalhacking.com/cmvl_video/8-summary-3/) - [4.7 Summary](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6308&video=6812) - [4.6 How to think of CloudFlare Firewall](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6308&video=6813) - [4.5 Browser integrity check](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6308&video=6814) - [4.4 Securing a URL with a page rule](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6308&video=6815) - [4.3 Managing access rules](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6308&video=6816) - [4.2 Setting the security level](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6308&video=6817) - [4.1 Understanding threats and responses](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6308&video=6818) - [4.0. Managing the firewall Introduction](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6308&video=6819) - [3.8 Enabling HTTP Strict Transport Security (HSTS)](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6308&video=6820) - [3.9 Summary](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6308&video=6821) - [3.7 Forcing HTTPS with a page rule](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6308&video=6822) - [3.6 Implementing full and strict SSL](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6308&video=6823) - [3.5 Understanding flexible full and strict SSL](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6308&video=6824) - [3.4 Checking the SSL Config with QUalys SSL Labs](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6308&video=6825) - [3.3 Testing the site over https](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6308&video=6826) - [3.2 Understanding SSL on CloudFlare](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6308&video=6827) - [3.1 SSL as a Premiun Service](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6308&video=6828) - [3.0 Getting SSL for Free Introduction](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6308&video=6829) - [2.5 Summary](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6308&video=6830) - [2.4 Testing the configuration](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6308&video=6831) - [2.3 Changing nameservers](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6308&video=6832) - [2.2 Adding a new site to cloudflare](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6308&video=6833) - [2.1 Introducing the site](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6308&video=6834) - [2.0 Setting up a new site Introduction](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6308&video=6835) - [1.4 Summary](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6308&video=6836) - [1.3 CloudFlare free security features](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6308&video=6837) - [1.2 The rise and rise of cloudflare](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6308&video=6838) - [1.1 The CloudFlare model](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6308&video=6839) - [1.0 The CloudFlare Model Introduction](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6308&video=6840) - [9.2 Summary](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6307&video=6719) - [9.1 All the countermeasures](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6307&video=6720) - [9.0 Countermeasures for enumeration](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6307&video=6721) - [8.3 Summary](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6307&video=6722) - [8.2 DEMO- Enumerating Linux](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6307&video=6723) - [8.1 Why is linux considered secure](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6307&video=6724) - [8.0 Linux isn't safe either Introduction](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6307&video=6725) - [7.4 Summary](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6307&video=6726) - [7.3 DEMO- Enumeration via DNS](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6307&video=6727) - [7.2 Behind DNS](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6307&video=6728) - [7.1 What is DNS](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6307&video=6729) - [7.0 Enumerating via DNS Introduction](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6307&video=6730) - [6.4 Summary](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6307&video=6731) - [6.3 DEMO- Continuing to enumerate](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6307&video=6732) - [6.2 DEMO- Enumeration via SMTP](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6307&video=6733) - [6.1 What is SMTP](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6307&video=6734) - [6.0 Enumerating via SMTP Introduction](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6307&video=6735) - [5.3 Summary](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6307&video=6736) - [5.2 DEMO- Enumerating with NTP](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6307&video=6737) - [5.1 What is NTP](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6307&video=6738) - [5.0 Enumerating via NTP Introduction](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6307&video=6739) - [4.3 Summary](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6307&video=6740) - [4.2 DEMO- Enumeration via LDAP](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6307&video=6741) - [4.1 What is LDAP](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6307&video=6742) - [4.0 Enumerating via LDAP Introduction](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6307&video=6743) - [3.3 Summary](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6307&video=6744) - [3.2 DEMO- Enumerating SNMP](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6307&video=6745) - [3.1 What is SNMP](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6307&video=6746) - [3.0 Enumerating via SNMP Introduction](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6307&video=6747) - [2.4 Pulling SIDs and User Accounts](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6307&video=6748) - [2.3 DEMO- Using built in commands](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6307&video=6749) - [2.2 What is NetBIOS - a Review](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6307&video=6750) - [2.1 Defaults - Your biggest security issue](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6307&video=6751) - [2.0 Introduction to Enumerating via Defaults & NetBIOS](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6307&video=6752) - [2.6 Summary](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6307&video=6753) - [2.5 NetBIOS Enumerator & SuperScan](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6307&video=6754) - [1.3 Know your ports and services](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6307&video=6755) - [1.2 The techniques of Enumeration](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6307&video=6756) - [1.1 Enumeration explained](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6307&video=6757) - [1.0 Enumeration Explained and Techniques Introduction](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6307&video=6758) - [1.4 Enumeration Explained and Techniques Summary](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6307&video=6759) - [9.2 Summary](https://www.blackhatethicalhacking.com/cmvl_video/9-2-summary-2/) - [9.1 All the countermeasures](https://www.blackhatethicalhacking.com/cmvl_video/9-1-all-the-countermeasures-2/) - [9.0 Countermeasures for enumeration](https://www.blackhatethicalhacking.com/cmvl_video/9-0-countermeasures-for-enumeration-2/) - [8.3 Summary](https://www.blackhatethicalhacking.com/cmvl_video/8-3-summary-2/) - [8.2 DEMO- Enumerating Linux](https://www.blackhatethicalhacking.com/cmvl_video/8-2-demo-enumerating-linux-2/) - [8.1 Why is linux considered secure](https://www.blackhatethicalhacking.com/cmvl_video/8-1-why-is-linux-considered-secure-2/) - [8.0 Linux isn't safe either Introduction](https://www.blackhatethicalhacking.com/cmvl_video/8-0-linux-isnt-safe-either-introduction-2/) - [7.4 Summary](https://www.blackhatethicalhacking.com/cmvl_video/7-4-summary-2/) - [7.3 DEMO- Enumeration via DNS](https://www.blackhatethicalhacking.com/cmvl_video/7-3-demo-enumeration-via-dns-2/) - [7.2 Behind DNS](https://www.blackhatethicalhacking.com/cmvl_video/7-2-behind-dns-2/) - [7.1 What is DNS](https://www.blackhatethicalhacking.com/cmvl_video/7-1-what-is-dns-2/) - [7.0 Enumerating via DNS Introduction](https://www.blackhatethicalhacking.com/cmvl_video/7-0-enumerating-via-dns-introduction-2/) - [10.3 WPA WPA2 attack](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6589) - [10.5 Overview](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6590) - [10.4 Bypassing hidden ESSID](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6592) - [10.2 WEP attack](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6593) - [10.1 Wireless reconnaisance](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6594) - [10.0 Wi-Fi Pentesting Intro](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6591) - [9.5 Overview](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6595) - [9.4 Credential harvester attack](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6596) - [9.0 Social Engineering Intro](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6597) - [9.3 Spearphishing attack](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6598) - [9.1 Social engineering toolkit](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6599) - [9.2 Powershell attack](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6600) - [8.5 Armitage](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6601) - [8.6 Overview](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6602) - [8.4 Meterpreter](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6604) - [8.3 Persistence](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6605) - [8.2 Post exploitation in metasploit](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6607) - [8.0 Exploitation Intro](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6603) - [8.1 Exploiting using MSF](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6606) - [7.6 Discovering DoS DDoS Attacks](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6608) - [7.7 Overview](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6609) - [7.0 Network Sniffing Intro](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6610) - [7.3 Detecting MiTM](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6611) - [7.5 Understanding Brute Force Attack](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6612) - [7.4 Detecting SYN Scan](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6613) - [7.2 Sniffing with Wireshark](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6614) - [6.3 Scanning for vulns](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6615) - [7.1 Network monitoring](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6618) - [6.4 Overview](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6619) - [6.0 Internal Network Pentesting Intro](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6620) - [6.2 Port scanning the internal network](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6621) - [6.1 Internal pentesting workflow](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6623) - [5.17 Overview](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6624) - [5.0 Website Pentesting Intro](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6616) - [5.15 Maintaining access](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6617) - [5.16 DoS](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6622) - [5.12 Scanning for specific vulns](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6625) - [5.14 Exploiting the SQLi](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6626) - [5.13 Session Tokens Test](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6627) - [5.11 CMS Scanning](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6628) - [5.10 SSL Scanning](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6629) - [5.8 Burpsuite discover contents](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6630) - [5.9 Copy a website](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6631) - [5.7 Burpsuite Spider](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6632) - [5.5 Burpsuite proxy](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6633) - [5.6 Burpsuite target](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6634) - [5.4 Website crawling](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6635) - [5.3 Load Balancer Scan](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6636) - [5.2 WebApp firewall scan](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6637) - [5.1 Website pentesting workflow](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6638) - [4.4 Port scanning](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6639) - [4.5 Overview](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6640) - [4.0 External testing Intro](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6641) - [4.3 Host discovery](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6642) - [4.2 Traceroute](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6643) - [3.12 Recon-ng](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6644) - [4.1 External pentesting workflow](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6645) - [3.13 Overview](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6646) - [3.11 Discover Scripts](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6648) - [3.10 Dmitry](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6649) - [3.9 DNS Reconnaissance](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6650) - [3.8 Whois](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6651) - [3.0 Information Gathering Intro](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6647) - [3.7 Gather Contacts Info](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6652) - [3.6 Metagoofile](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6653) - [3.4 Google Hacking Database](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6654) - [3.5 Using some tools on the web](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6655) - [3.3 Visiting the client Website](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6656) - [3.1 Gathering Information Checklist](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6657) - [3.2 KeepNote](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6658) - [2.8 Scan your system for rootkits](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6662) - [2.5 Installing Additional Tools on Kali](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6663) - [2.7 Being Anonymous with TOR](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6664) - [2.6 Configuring SSH](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6665) - [2.4 Updating Kali Linux](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6666) - [2.1 Kali Linux 2.0](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6667) - [2.3 Installing Kali Linux](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6668) - [2.2 Creating a virtual machine](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6669) - [2.0 Installing and Configuring Kali Linux Introduction](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6670) - [2.9 Summary](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6671) - [1.2 Pre-penetration testing checklist](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6672) - [1.1 Pre-penetration testing checklist Intro](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6673) - [1.3 Overview](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6674) - [1.0 Course workflow](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6304&video=6675) - [6.4 Summary](https://www.blackhatethicalhacking.com/cmvl_video/6-4-summary-2/) - [6.3 DEMO- Continuing to enumerate](https://www.blackhatethicalhacking.com/cmvl_video/6-3-demo-continuing-to-enumerate-2/) - [6.2 DEMO- Enumeration via SMTP](https://www.blackhatethicalhacking.com/cmvl_video/6-2-demo-enumeration-via-smtp-2/) - [6.1 What is SMTP](https://www.blackhatethicalhacking.com/cmvl_video/6-1-what-is-smtp-2/) - [6.0 Enumerating via SMTP Introduction](https://www.blackhatethicalhacking.com/cmvl_video/6-0-enumerating-via-smtp-introduction-2/) - [5.3 Summary](https://www.blackhatethicalhacking.com/cmvl_video/5-3-summary-2/) - [5.2 DEMO- Enumerating with NTP](https://www.blackhatethicalhacking.com/cmvl_video/5-2-demo-enumerating-with-ntp-2/) - [5.1 What is NTP](https://www.blackhatethicalhacking.com/cmvl_video/5-1-what-is-ntp-2/) - [5.0 Enumerating via NTP Introduction](https://www.blackhatethicalhacking.com/cmvl_video/5-0-enumerating-via-ntp-introduction-2/) - [4.3 Summary](https://www.blackhatethicalhacking.com/cmvl_video/4-3-summary-2/) - [4.2 DEMO- Enumeration via LDAP](https://www.blackhatethicalhacking.com/cmvl_video/4-2-demo-enumeration-via-ldap-2/) - [4.1 What is LDAP](https://www.blackhatethicalhacking.com/cmvl_video/4-1-what-is-ldap-2/) - [4.0 Enumerating via LDAP Introduction](https://www.blackhatethicalhacking.com/cmvl_video/4-0-enumerating-via-ldap-introduction-2/) - [3.3 Summary](https://www.blackhatethicalhacking.com/cmvl_video/3-3-summary-2/) - [3.2 DEMO- Enumerating SNMP](https://www.blackhatethicalhacking.com/cmvl_video/3-2-demo-enumerating-snmp-2/) - [3.1 What is SNMP](https://www.blackhatethicalhacking.com/cmvl_video/3-1-what-is-snmp-2/) - [3.0 Enumerating via SNMP Introduction](https://www.blackhatethicalhacking.com/cmvl_video/3-0-enumerating-via-snmp-introduction-2/) - [Overview Mobile Payments](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6311&video=6535) - [Intro Mobile Payment](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6311&video=6536) - [7.37. Apple pay](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6311&video=6537) - [7.38. Mobile credit card interfaces](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6311&video=6538) - [7.35. Secure Element vs Host Card Emulation](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6311&video=6539) - [7.36. Android pay](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6311&video=6540) - [Intro - Mobile Malware](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6311&video=6541) - [Overview - Mobile Malware](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6311&video=6542) - [6.34. Fruit vs Robot](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6311&video=6543) - [6.33. Android Malware](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6311&video=6544) - [6.32. More iOS Malware](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6311&video=6545) - [6.31. iOS Malware](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6311&video=6546) - [5.30. Cool tools](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6311&video=6547) - [intro](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6311&video=6549) - [5.29. More guidelines and cool tools](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6311&video=6550) - [5.28. Guidelines](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6311&video=6551) - [5.26. MDM](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6311&video=6552) - [5.27. More MDM features](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6311&video=6553) - [4.25. Blackberry](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6311&video=6554) - [Overview Other Mobile Platforms](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6311&video=6555) - [Intro Hacking Other Mobile Platforms](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6311&video=6556) - [4.22 Windows phones](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6311&video=6557) - [4.24. Locking it down](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6311&video=6558) - [4.23. Jailbreaking the glass](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6311&video=6559) - [Overview - iOS](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6311&video=6560) - [3.20. Jailbreaking demo](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6311&video=6561) - [Intro iOS](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6311&video=6562) - [3.21. Locking it down](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6311&video=6563) - [2.19. Jailbreaking](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6311&video=6564) - [3.18. App security](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6311&video=6565) - [3.17. Understanding the device](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6311&video=6566) - [3.16. Understanding the architecture](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6311&video=6567) - [Overview Android](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6311&video=6568) - [Intro Android](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6311&video=6569) - [2.8. Rooting](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6311&video=6570) - [2.9. Rooting jargon](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6311&video=6571) - [2.6. Understanding the architecture](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6311&video=6572) - [2.7. Understanding the device](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6311&video=6573) - [2.15. Locking it down](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6311&video=6574) - [2.13. Using Odin](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6311&video=6575) - [2.14. Malware](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6311&video=6576) - [2.11. Rooting resources demo](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6311&video=6577) - [2.12. Attacks](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6311&video=6578) - [2.10. Rooting demo](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6311&video=6579) - [1.4. NFC Tags](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6311&video=6580) - [Intro Mobile Device Attack Vectors](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6311&video=6582) - [1.3. A plethora of vectors](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6311&video=6583) - [1.2. More terms](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6311&video=6584) - [1.0 How bad is it](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6311&video=6585) - [1.1. Terms you should know](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6311&video=6586) - [2.4 Pulling SIDs and User Accounts](https://www.blackhatethicalhacking.com/cmvl_video/2-4-pulling-sids-and-user-accounts-2/) - [2.3 DEMO- Using built in commands](https://www.blackhatethicalhacking.com/cmvl_video/2-3-demo-using-built-in-commands-2/) - [2.2 What is NetBIOS - a Review](https://www.blackhatethicalhacking.com/cmvl_video/2-2-what-is-netbios-a-review-2/) - [2.1 Defaults - Your biggest security issue](https://www.blackhatethicalhacking.com/cmvl_video/2-1-defaults-your-biggest-security-issue-2/) - [2.0 Introduction to Enumerating via Defaults & NetBIOS](https://www.blackhatethicalhacking.com/cmvl_video/2-0-introduction-to-enumerating-via-defaults-netbios-2/) - [2.6 Summary](https://www.blackhatethicalhacking.com/cmvl_video/2-6-summary-2/) - [2.5 NetBIOS Enumerator & SuperScan](https://www.blackhatethicalhacking.com/cmvl_video/2-5-netbios-enumerator-superscan-2/) - [1.3 Know your ports and services](https://www.blackhatethicalhacking.com/cmvl_video/1-3-know-your-ports-and-services-2/) - [1.2 The techniques of Enumeration](https://www.blackhatethicalhacking.com/cmvl_video/1-2-the-techniques-of-enumeration-2/) - [1.1 Enumeration explained](https://www.blackhatethicalhacking.com/cmvl_video/1-1-enumeration-explained-2/) - [1.0 Enumeration Explained and Techniques Introduction](https://www.blackhatethicalhacking.com/cmvl_video/1-0-enumeration-explained-and-techniques-introduction-2/) - [1.4 Enumeration Explained and Techniques Summary](https://www.blackhatethicalhacking.com/cmvl_video/1-4-enumeration-explained-and-techniques-summary-2/) - [5.2 Understanding token stealing and impersonation](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6306&video=6482) - [4.0 Exploitation and Payload techniques Intro](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6306&video=6483) - [3.0 Finding targets through scanning Intro](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6306&video=6484) - [7.1 Stopping the Active Directory attack](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6306&video=6485) - [7.2 Stopping the SQL Server attack](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6306&video=6486) - [7.0 Protecting SharePoint from Metasploit Intro](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6306&video=6487) - [7.3 Overview](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6306&video=6488) - [5.5 Use steal token and Incognito to impersonate accounts](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6306&video=6489) - [5.3 Utilize MS scanner to find more targets](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6306&video=6490) - [5.4 Forward local ports using metasploit, then RDP to target](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6306&video=6491) - [5.0 Pivoting, port forwarding, token stealing and impersonation Intro](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6306&video=6492) - [5.6 Overview](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6306&video=6493) - [6.2 Attacking SQL Server](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6306&video=6494) - [5.1 Understanding pivoting and port forwarding](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6306&video=6495) - [6.0 Metasploit and SharePoint Intro](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6306&video=6496) - [6.3 Overview](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6306&video=6497) - [6.1 Attacking SharePoint and Active Directory](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6306&video=6498) - [3.1 Scanning & Capturing with nmap MS & wireshark](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6306&video=6499) - [2.1 Directories, docs & search commands](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6306&video=6500) - [2.0 Metasploit Framework and Structure Intro](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6306&video=6501) - [2.2 Overview](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6306&video=6502) - [4.3 Overview](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6306&video=6504) - [4.2 Pushing a pay load using metasploit](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6306&video=6505) - [4.1 Creating a payload using msfvenom](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6306&video=6506) - [3.2 Overview](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6306&video=6507) - [1.4 Overview](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6306&video=6510) - [1.0 Metasploit Setup and Configuration Intro](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6306&video=6503) - [1.3 Basic metasploit command](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6306&video=6508) - [1.1 Installing MSF on Windows&Linux](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6306&video=6509) - [1.2 Metasploit Terminology](https://www.blackhatethicalhacking.com/?post_type=cmvl_channel&p=6306&video=6511) - [6. Exploiting account lock outs](https://www.blackhatethicalhacking.com/cmvl_video/6-exploiting-account-lock-outs/) - [6. Exploiting password resets](https://www.blackhatethicalhacking.com/cmvl_video/6-exploiting-password-resets/) - [6. Summary Denial of Service Attacks](https://www.blackhatethicalhacking.com/cmvl_video/6-summary-denial-of-service-attacks/) - [6. Understanding DoS](https://www.blackhatethicalhacking.com/cmvl_video/6-understanding-dos/) - [6. Intro Denial of Service Attacks](https://www.blackhatethicalhacking.com/cmvl_video/6-intro-denial-of-service-attacks/) - [5. Privilege Elevation](https://www.blackhatethicalhacking.com/cmvl_video/5-privilege-elevation/) - [5. Summary Attacks against identity management and access controls](https://www.blackhatethicalhacking.com/cmvl_video/5-summary-attacks-against-identity-management-and-access-controls/) - [5. Resource missing access controls](https://www.blackhatethicalhacking.com/cmvl_video/5-resource-missing-access-controls/) - [4. Defending against XSS](https://www.blackhatethicalhacking.com/cmvl_video/4-defending-against-xss/) - [2. OWASP and the top 10 web app security risks](https://www.blackhatethicalhacking.com/cmvl_video/2-owasp-and-the-top-10-web-app-security-risks/) - [5. Insufficient access controls](https://www.blackhatethicalhacking.com/cmvl_video/5-insufficient-access-controls/) - [5. Identity enumeration](https://www.blackhatethicalhacking.com/cmvl_video/5-identity-enumeration/) - [5. Weakness in the remember me feature](https://www.blackhatethicalhacking.com/cmvl_video/5-weakness-in-the-remember-me-feature/) - [5. Intro Attacks against identity management and access controls](https://www.blackhatethicalhacking.com/cmvl_video/5-intro-attacks-against-identity-management-and-access-controls/) - [4. Summary Attacks involving the client](https://www.blackhatethicalhacking.com/cmvl_video/4-summary-attacks-involving-the-client/) - [4. Insufficient Transport Layer Security](https://www.blackhatethicalhacking.com/cmvl_video/4-insufficient-transport-layer-security/) - [4. CSRF](https://www.blackhatethicalhacking.com/cmvl_video/4-csrf/) - [4. Client only validation](https://www.blackhatethicalhacking.com/cmvl_video/4-client-only-validation/) - [4. Identifying XSS Risks and evading filters](https://www.blackhatethicalhacking.com/cmvl_video/4-identifying-xss-risks-and-evading-filters/) - [4. Reflected XSS](https://www.blackhatethicalhacking.com/cmvl_video/4-reflected-xss/) - [4. Persistent XSS](https://www.blackhatethicalhacking.com/cmvl_video/4-persistent-xss/) - [1. Overview 4. Attacks involving the client](https://www.blackhatethicalhacking.com/cmvl_video/1-overview-4-attacks-involving-the-client/) - [8. Defending against tampering](https://www.blackhatethicalhacking.com/cmvl_video/8-defending-against-tampering/) - [7. Insecure direct object references](https://www.blackhatethicalhacking.com/cmvl_video/7-insecure-direct-object-references/) - [6. Cookie poisoning](https://www.blackhatethicalhacking.com/cmvl_video/6-cookie-poisoning/) - [5. Mass assignment attack](https://www.blackhatethicalhacking.com/cmvl_video/5-mass-assignment-attack/) - [3. Parameter tampering](https://www.blackhatethicalhacking.com/cmvl_video/3-parameter-tampering/) - [4. Hidden field tampering](https://www.blackhatethicalhacking.com/cmvl_video/4-hidden-field-tampering/) - [1. Overview Tampering of Untrusted Data](https://www.blackhatethicalhacking.com/cmvl_video/1-overview-tampering-of-untrusted-data/) - [9. Discovering Framework Risks](https://www.blackhatethicalhacking.com/cmvl_video/9-discovering-framework-risks/) - [8. Discovery of Services via Generated Documentation](https://www.blackhatethicalhacking.com/cmvl_video/8-discovery-of-services-via-generated-documentation/) - [7. Discovery of Development Artifacts with Acutenix](https://www.blackhatethicalhacking.com/cmvl_video/7-discovery-of-development-artifacts-with-acutenix/) - [4. Directory Traversal](https://www.blackhatethicalhacking.com/cmvl_video/4-directory-traversal/) - [6. Server fingerprinting with Nmap](https://www.blackhatethicalhacking.com/cmvl_video/6-server-fingerprinting-with-nmap/) - [5. Banner grabbing with Wget](https://www.blackhatethicalhacking.com/cmvl_video/5-banner-grabbing-with-wget/) - [3. Forced browsing with Burp Suite](https://www.blackhatethicalhacking.com/cmvl_video/3-forced-browsing-with-burp-suite/) - [2. Spidering with NetSparker](https://www.blackhatethicalhacking.com/cmvl_video/2-spidering-with-netsparker/) - [10. Identifying vulnerable targets with shodan](https://www.blackhatethicalhacking.com/cmvl_video/10-identifying-vulnerable-targets-with-shodan/) - [8. Whats not covered in this course](https://www.blackhatethicalhacking.com/cmvl_video/8-whats-not-covered-in-this-course/) - [7. What the browser can't defend against](https://www.blackhatethicalhacking.com/cmvl_video/7-what-the-browser-cant-defend-against/) - [6. Protections Offered by Browsers](https://www.blackhatethicalhacking.com/cmvl_video/6-protections-offered-by-browsers/) - [5. The discoverability of client security constructs](https://www.blackhatethicalhacking.com/cmvl_video/5-the-discoverability-of-client-security-constructs/) - [4. Query Strings, Routing, and HTTP Verbs](https://www.blackhatethicalhacking.com/cmvl_video/4-query-strings-routing-and-http-verbs/) - [3. Understanding Web Application Security](https://www.blackhatethicalhacking.com/cmvl_video/3-understanding-web-application-security/) - [2. The State of Web Application Security](https://www.blackhatethicalhacking.com/cmvl_video/2-the-state-of-web-application-security/) - [10. Summary Tampering of Untrusted Data](https://www.blackhatethicalhacking.com/cmvl_video/10-summary-tampering-of-untrusted-data/) - [1. Intro Reconnaisance and Footprinting](https://www.blackhatethicalhacking.com/cmvl_video/1-intro-reconnaisance-and-footprinting/) - [9. Summary Understanding Security in Web Applications](https://www.blackhatethicalhacking.com/cmvl_video/9-summary-understanding-security-in-web-applications/) - [1. Overview Understanding Security in Web Applications](https://www.blackhatethicalhacking.com/cmvl_video/1-overview-understanding-security-in-web-applications/) - [Overview Mobile Device Management, Guidelines and Tools](https://www.blackhatethicalhacking.com/cmvl_video/overview-mobile-device-management-guidelines-and-tools/) - [Overview -1. Mobile Device Attack Vectors](https://www.blackhatethicalhacking.com/cmvl_video/overview-1-mobile-device-attack-vectors/) - [5. Summary Malware threats & attacks](https://www.blackhatethicalhacking.com/cmvl_video/5-summary-malware-threats-attacks/) - [10. Summary](https://www.blackhatethicalhacking.com/cmvl_video/10-summary-3/) - [1. Introduction Malware threats & attacksalware threats & attacks](https://www.blackhatethicalhacking.com/cmvl_video/1-introduction-malware-threats-attacksalware-threats-attacks/) - [9. Slowloris](https://www.blackhatethicalhacking.com/cmvl_video/9-slowloris/) - [7. Attack Reflection and Amplification](https://www.blackhatethicalhacking.com/cmvl_video/7-attack-reflection-and-amplification/) - [8. Peer-to-Peer attacks](https://www.blackhatethicalhacking.com/cmvl_video/8-peer-to-peer-attacks/) - [6. UDP and ICMP Attacks](https://www.blackhatethicalhacking.com/cmvl_video/6-udp-and-icmp-attacks/) - [4. HTTP Flood attacks](https://www.blackhatethicalhacking.com/cmvl_video/4-http-flood-attacks/) - [5. SYN Flood attacks](https://www.blackhatethicalhacking.com/cmvl_video/5-syn-flood-attacks/) - [3. The Role of Botnets in DDoS Attacks](https://www.blackhatethicalhacking.com/cmvl_video/3-the-role-of-botnets-in-ddos-attacks/) - [2. The OSI Model of Computer Networking](https://www.blackhatethicalhacking.com/cmvl_video/2-the-osi-model-of-computer-networking/) - [7. Vulnerabilities in Web Services](https://www.blackhatethicalhacking.com/cmvl_video/7-vulnerabilities-in-web-services/) - [4. Insecure cryptographic storage](https://www.blackhatethicalhacking.com/cmvl_video/4-insecure-cryptographic-storage/) - [5. Unvalidated redirects and forwards](https://www.blackhatethicalhacking.com/cmvl_video/5-unvalidated-redirects-and-forwards/) - [2. Improper error handling](https://www.blackhatethicalhacking.com/cmvl_video/2-improper-error-handling/) - [3.2 Setup-WingIDE overview](https://www.blackhatethicalhacking.com/cmvl_video/3-2-setup-wingide-overview-2/) - [3.1 Setup-Overview](https://www.blackhatethicalhacking.com/cmvl_video/3-1-setup-overview-2/) - [3.0 Setup-Intro](https://www.blackhatethicalhacking.com/cmvl_video/3-0-setup-intro-2/) - [2.9 Setup-Installing WingIDE on Kali](https://www.blackhatethicalhacking.com/cmvl_video/2-9-setup-installing-wingide-on-kali-2/) - [3. Understanding halted hashes](https://www.blackhatethicalhacking.com/cmvl_video/3-understanding-halted-hashes/) - [9. Other DDoS Attacks and Mitigations](https://www.blackhatethicalhacking.com/cmvl_video/9-other-ddos-attacks-and-mitigations/) - [1. Intro](https://www.blackhatethicalhacking.com/cmvl_video/1-intro/) - [2.8 Setup-First pentest program](https://www.blackhatethicalhacking.com/cmvl_video/2-8-setup-first-pentest-program-2/) - [2.7 Networks-Overview](https://www.blackhatethicalhacking.com/cmvl_video/2-7-networks-overview-2/) - [8. Features at Risk of a DDoS Attack](https://www.blackhatethicalhacking.com/cmvl_video/8-features-at-risk-of-a-ddos-attack/) - [2.6 Networks-Intro](https://www.blackhatethicalhacking.com/cmvl_video/2-6-networks-intro-2/) - [7. DDoS as a Service](https://www.blackhatethicalhacking.com/cmvl_video/7-ddos-as-a-service/) - [5. DDoS](https://www.blackhatethicalhacking.com/cmvl_video/5-ddos/) - [2.5 Networks-Creating UDP Client](https://www.blackhatethicalhacking.com/cmvl_video/2-5-networks-creating-udp-client-2/) - [6. Automating DDoS Attacks with LOIC](https://www.blackhatethicalhacking.com/cmvl_video/6-automating-ddos-attacks-with-loic/) - [2.4 Networks-Creating a TCP Server](https://www.blackhatethicalhacking.com/cmvl_video/2-4-networks-creating-a-tcp-server-2/) - [4. Exploiting account lock outs](https://www.blackhatethicalhacking.com/cmvl_video/4-exploiting-account-lock-outs/) - [3. Exploiting password resets](https://www.blackhatethicalhacking.com/cmvl_video/3-exploiting-password-resets/) - [10. Summary](https://www.blackhatethicalhacking.com/cmvl_video/10-summary/) - [2. Understanding DoS](https://www.blackhatethicalhacking.com/cmvl_video/2-understanding-dos/) - [1. Intro](https://www.blackhatethicalhacking.com/cmvl_video/1-intro-2/) - [7. Privilege Elevation](https://www.blackhatethicalhacking.com/cmvl_video/7-privilege-elevation/) - [2.3 Networks-Creating a TCP Client](https://www.blackhatethicalhacking.com/cmvl_video/2-3-networks-creating-a-tcp-client-2/) - [6. Insufficient access controls](https://www.blackhatethicalhacking.com/cmvl_video/6-insufficient-access-controls/) - [5. Resource missing access controls](https://www.blackhatethicalhacking.com/cmvl_video/5-resource-missing-access-controls-2/) - [2.2 How it works](https://www.blackhatethicalhacking.com/cmvl_video/2-2-how-it-works-2/) - [3. Identity enumeration](https://www.blackhatethicalhacking.com/cmvl_video/3-identity-enumeration/) - [4. Weakness in the remember me feature](https://www.blackhatethicalhacking.com/cmvl_video/4-weakness-in-the-remember-me-feature/) - [2.1 How it Works-Sniffing with Scapy](https://www.blackhatethicalhacking.com/cmvl_video/2-1-how-it-works-sniffing-with-scapy-2/) - [1. Intro](https://www.blackhatethicalhacking.com/cmvl_video/1-intro-3/) - [2. Understanding weaknesses in identity management](https://www.blackhatethicalhacking.com/cmvl_video/2-understanding-weaknesses-in-identity-management/) - [9. Summary](https://www.blackhatethicalhacking.com/cmvl_video/9-summary/) - [2.0 How it Works-Reading binary raw packets](https://www.blackhatethicalhacking.com/cmvl_video/2-0-how-it-works-reading-binary-raw-packets-2/) - [7. Insufficient Transport Layer Security](https://www.blackhatethicalhacking.com/cmvl_video/7-insufficient-transport-layer-security/) - [1.9 How it Works-Overview](https://www.blackhatethicalhacking.com/cmvl_video/1-9-how-it-works-overview-2/) - [1.8 How it Works-Intro](https://www.blackhatethicalhacking.com/cmvl_video/1-8-how-it-works-intro-2/) - [8. CSRF](https://www.blackhatethicalhacking.com/cmvl_video/8-csrf/) - [1.7 How it Works-Developing the Server application](https://www.blackhatethicalhacking.com/cmvl_video/1-7-how-it-works-developing-the-server-application-2/) - [1.6 How it Works-Developing the Client application](https://www.blackhatethicalhacking.com/cmvl_video/1-6-how-it-works-developing-the-client-application-2/) - [6. Client only validation](https://www.blackhatethicalhacking.com/cmvl_video/6-client-only-validation/) - [5. Identifying XSS Risks and evading filters](https://www.blackhatethicalhacking.com/cmvl_video/5-identifying-xss-risks-and-evading-filters/) - [1.5 How it Works-Decoding the IP Layer](https://www.blackhatethicalhacking.com/cmvl_video/1-5-how-it-works-decoding-the-ip-layer-2/) - [1.4 How it Works-Course workflow](https://www.blackhatethicalhacking.com/cmvl_video/1-4-how-it-works-course-workflow-2/) - [1.3 Before Starting-Why choose python](https://www.blackhatethicalhacking.com/cmvl_video/1-3-before-starting-why-choose-python-2/) - [4. Defending against XSS](https://www.blackhatethicalhacking.com/cmvl_video/4-defending-against-xss-2/) - [2. Reflected XSS](https://www.blackhatethicalhacking.com/cmvl_video/2-reflected-xss/) - [1.2 Before Starting-Overview](https://www.blackhatethicalhacking.com/cmvl_video/1-2-before-starting-overview-2/) - [1.1 Before Starting-Intro](https://www.blackhatethicalhacking.com/cmvl_video/1-1-before-starting-intro-2/) - [3. Persistent XSS](https://www.blackhatethicalhacking.com/cmvl_video/3-persistent-xss/) - [1.0 Before Starting-Course overview](https://www.blackhatethicalhacking.com/cmvl_video/1-0-before-starting-course-overview-2/) - [1. Overview](https://www.blackhatethicalhacking.com/cmvl_video/1-overview/) - [9. Defending against tampering](https://www.blackhatethicalhacking.com/cmvl_video/9-defending-against-tampering/) - [8. Insecure direct object references](https://www.blackhatethicalhacking.com/cmvl_video/8-insecure-direct-object-references/) - [7. Cookie poisoning](https://www.blackhatethicalhacking.com/cmvl_video/7-cookie-poisoning/) - [6. Mass assignment attack](https://www.blackhatethicalhacking.com/cmvl_video/6-mass-assignment-attack/) - [4. Parameter tampering](https://www.blackhatethicalhacking.com/cmvl_video/4-parameter-tampering/) - [5. Hidden field tampering](https://www.blackhatethicalhacking.com/cmvl_video/5-hidden-field-tampering/) - [2. OWASP and the top 10 web app security risks](https://www.blackhatethicalhacking.com/cmvl_video/2-owasp-and-the-top-10-web-app-security-risks-2/) - [1. Overview](https://www.blackhatethicalhacking.com/cmvl_video/1-overview-2/) - [10. Summary](https://www.blackhatethicalhacking.com/cmvl_video/10-summary-2/) - [9. Discovering Framework Risks](https://www.blackhatethicalhacking.com/cmvl_video/9-discovering-framework-risks-2/) - [8. Discovery of Services via Generated Documentation](https://www.blackhatethicalhacking.com/cmvl_video/8-discovery-of-services-via-generated-documentation-2/) - [7. Discovery of Development Artifacts with Acutenix](https://www.blackhatethicalhacking.com/cmvl_video/7-discovery-of-development-artifacts-with-acutenix-2/) - [4. Directory Traversal](https://www.blackhatethicalhacking.com/cmvl_video/4-directory-traversal-2/) - [6. Server fingerprinting with Nmap](https://www.blackhatethicalhacking.com/cmvl_video/6-server-fingerprinting-with-nmap-2/) - [3. Forced browsing with Burp Suite](https://www.blackhatethicalhacking.com/cmvl_video/3-forced-browsing-with-burp-suite-2/) - [2. Spidering with NetSparker](https://www.blackhatethicalhacking.com/cmvl_video/2-spidering-with-netsparker-2/) - [10. Identifying vulnerable targets with shodan](https://www.blackhatethicalhacking.com/cmvl_video/10-identifying-vulnerable-targets-with-shodan-2/) - [11. Summary](https://www.blackhatethicalhacking.com/cmvl_video/11-summary/) - [1. Intro](https://www.blackhatethicalhacking.com/cmvl_video/1-intro-4/) - [9. Summary](https://www.blackhatethicalhacking.com/cmvl_video/9-summary-2/) - [8. Whats not covered in this course](https://www.blackhatethicalhacking.com/cmvl_video/8-whats-not-covered-in-this-course-2/) - [7. What the browser can't defend against](https://www.blackhatethicalhacking.com/cmvl_video/7-what-the-browser-cant-defend-against-2/) - [6. Protections Offered by Browsers](https://www.blackhatethicalhacking.com/cmvl_video/6-protections-offered-by-browsers-2/) - [5. The discoverability of client security constructs](https://www.blackhatethicalhacking.com/cmvl_video/5-the-discoverability-of-client-security-constructs-2/) - [4. Query Strings, Routing, and HTTP Verbs](https://www.blackhatethicalhacking.com/cmvl_video/4-query-strings-routing-and-http-verbs-2/) - [3. Understanding Web Application Security](https://www.blackhatethicalhacking.com/cmvl_video/3-understanding-web-application-security-2/) - [2. The State of Web Application Security](https://www.blackhatethicalhacking.com/cmvl_video/2-the-state-of-web-application-security-2/) - [1. Overview](https://www.blackhatethicalhacking.com/cmvl_video/1-overview-3/) - [11.2 Bruteforcing hashes](https://www.blackhatethicalhacking.com/cmvl_video/11-2-bruteforcing-hashes/) - [11.0 Brute force attack testing Intro](https://www.blackhatethicalhacking.com/cmvl_video/11-0-brute-force-attack-testing-intro/) - [11.1 Bruteforcing RDP](https://www.blackhatethicalhacking.com/cmvl_video/11-1-bruteforcing-rdp/) ## Products - [Perm Post Article Publishing for Adsyblog.com](https://www.blackhatethicalhacking.com/product/perm-post-article-publishing-for-adsyblog-com/) ## Lessons - [Chapter 1: Learning Linux](https://www.blackhatethicalhacking.com/video-lesson/lesson/chapter-1-learning-linux/) - [Introduction To Bug Bounty Hunting](https://www.blackhatethicalhacking.com/video-lesson/lesson/introduction-to-bug-bounty-hunting/) - [Chapter 4 - Submitting better reports](https://www.blackhatethicalhacking.com/video-lesson/lesson/chapter-4-submitting-better-reports/) - [Chapter 3 - Thinking outside the box - the mindset of a hacker](https://www.blackhatethicalhacking.com/video-lesson/lesson/chapter-3-thinking-outside-the-box-the-mindset-of-a-hacker/) - [Chapter 2 - Attacks](https://www.blackhatethicalhacking.com/video-lesson/lesson/chapter-2-attacks/) - [Chapter 1: Reconnaissance](https://www.blackhatethicalhacking.com/video-lesson/lesson/chapter-1-reconnaissance/) - [Chapter 5: Social Engineering & Phishing Attacks](https://www.blackhatethicalhacking.com/video-lesson/lesson/chapter-5-social-engineering-phishing-attacks/) - [Chapter 3: Attacks](https://www.blackhatethicalhacking.com/video-lesson/lesson/chapter-3-attacks/) - [Chapter 2: Reconnaissance & OSINT](https://www.blackhatethicalhacking.com/video-lesson/lesson/chapter-2-reconnaissance-osint/) - [Workshop Preparation Guide](https://www.blackhatethicalhacking.com/video-lesson/lesson/workshop-preparation-guide/) - [Chapter 4: Post Exploitation](https://www.blackhatethicalhacking.com/video-lesson/lesson/chapter-4-post-exploitation/) ## Categories - [Uncategorized](https://www.blackhatethicalhacking.com/category/uncategorized/) - [Terms](https://www.blackhatethicalhacking.com/category/terms/) - [Members](https://www.blackhatethicalhacking.com/category/members/) - [News](https://www.blackhatethicalhacking.com/category/news/) - [Tools](https://www.blackhatethicalhacking.com/category/tools/) - [Facts](https://www.blackhatethicalhacking.com/category/facts/) - [Articles](https://www.blackhatethicalhacking.com/category/articles/) - [Free Access](https://www.blackhatethicalhacking.com/category/articles/free-access/) - [Complete Offensive Security & Ethical Hacking Course](https://www.blackhatethicalhacking.com/category/members/complete-offensive-security-ethical-hacking-course/) - [Blog](https://www.blackhatethicalhacking.com/category/blog/) - [Write up](https://www.blackhatethicalhacking.com/category/articles/write-up/) - [Information Security](https://www.blackhatethicalhacking.com/category/articles/information-security/) - [Hacking Stories](https://www.blackhatethicalhacking.com/category/articles/hacking-stories/) - [Malware](https://www.blackhatethicalhacking.com/category/articles/malware/) - [The Bug Bounty Hunting Course](https://www.blackhatethicalhacking.com/category/members/the-bug-bounty-hunting-course/) - [Bundle Courses](https://www.blackhatethicalhacking.com/category/members/bundle-courses/) - [Sponsored](https://www.blackhatethicalhacking.com/category/articles/sponsored/) - [Press Release](https://www.blackhatethicalhacking.com/category/press-release/) - [External Pentesting Write ups](https://www.blackhatethicalhacking.com/category/articles/external-pentesting-write-ups/) - [Internal Pentesting Write ups](https://www.blackhatethicalhacking.com/category/articles/internal-pentesting-write-ups/) - [Free Premium Article](https://www.blackhatethicalhacking.com/category/articles/freepremium/) - [Tools by BHEH](https://www.blackhatethicalhacking.com/category/tools-by-bheh/) ## Tags - [metasploit](https://www.blackhatethicalhacking.com/tag/metasploit/) - [Black Hat Ethical Hacking](https://www.blackhatethicalhacking.com/tag/black-hat-ethical-hacking/) - [cyber security](https://www.blackhatethicalhacking.com/tag/cyber-security/) - [bheh](https://www.blackhatethicalhacking.com/tag/bheh/) - [osint](https://www.blackhatethicalhacking.com/tag/osint/) - [reconnaissance](https://www.blackhatethicalhacking.com/tag/reconnaissance/) - [digital forensics](https://www.blackhatethicalhacking.com/tag/digital-forensics/) - [blackhatethicalhacking](https://www.blackhatethicalhacking.com/tag/blackhatethicalhacking/) - [socialengineering](https://www.blackhatethicalhacking.com/tag/socialengineering/) - [beef](https://www.blackhatethicalhacking.com/tag/beef/) - [offensivesecruity](https://www.blackhatethicalhacking.com/tag/offensivesecruity/) - [tools](https://www.blackhatethicalhacking.com/tag/tools/) - [hacking tools](https://www.blackhatethicalhacking.com/tag/hacking-tools/) - [linkedin](https://www.blackhatethicalhacking.com/tag/linkedin/) - [peasant](https://www.blackhatethicalhacking.com/tag/peasant/) - [recon](https://www.blackhatethicalhacking.com/tag/recon/) - [hakku](https://www.blackhatethicalhacking.com/tag/hakku/) - [macros](https://www.blackhatethicalhacking.com/tag/macros/) - [malicious](https://www.blackhatethicalhacking.com/tag/malicious/) - [payload](https://www.blackhatethicalhacking.com/tag/payload/) - [ddos](https://www.blackhatethicalhacking.com/tag/ddos/) - [ufonet](https://www.blackhatethicalhacking.com/tag/ufonet/) - [dos](https://www.blackhatethicalhacking.com/tag/dos/) - [denial of service](https://www.blackhatethicalhacking.com/tag/denial-of-service/) - [weevely](https://www.blackhatethicalhacking.com/tag/weevely/) - [backdoor](https://www.blackhatethicalhacking.com/tag/backdoor/) - [trustedsec](https://www.blackhatethicalhacking.com/tag/trustedsec/) - [penetrationtesting](https://www.blackhatethicalhacking.com/tag/penetrationtesting/) - [magicunicorn](https://www.blackhatethicalhacking.com/tag/magicunicorn/) - [dfirtrack](https://www.blackhatethicalhacking.com/tag/dfirtrack/) - [digitalforensics](https://www.blackhatethicalhacking.com/tag/digitalforensics/) - [rubeus](https://www.blackhatethicalhacking.com/tag/rubeus/) - [armitage](https://www.blackhatethicalhacking.com/tag/armitage/) - [floss](https://www.blackhatethicalhacking.com/tag/floss/) - [malware](https://www.blackhatethicalhacking.com/tag/malware/) - [VPN](https://www.blackhatethicalhacking.com/tag/vpn/) - [hidensneak](https://www.blackhatethicalhacking.com/tag/hidensneak/) - [cloud](https://www.blackhatethicalhacking.com/tag/cloud/) - [nothing gets deleted](https://www.blackhatethicalhacking.com/tag/nothing-gets-deleted/) - [vpnleak](https://www.blackhatethicalhacking.com/tag/vpnleak/) - [webrtc](https://www.blackhatethicalhacking.com/tag/webrtc/) - [chaos](https://www.blackhatethicalhacking.com/tag/chaos/) - [sharpchromium](https://www.blackhatethicalhacking.com/tag/sharpchromium/) - [browsers](https://www.blackhatethicalhacking.com/tag/browsers/) - [chrome](https://www.blackhatethicalhacking.com/tag/chrome/) - [google](https://www.blackhatethicalhacking.com/tag/google/) - [microsoft](https://www.blackhatethicalhacking.com/tag/microsoft/) - [default-http-hunter](https://www.blackhatethicalhacking.com/tag/default-http-hunter/) - [nndefacts](https://www.blackhatethicalhacking.com/tag/nndefacts/) - [fingerprint](https://www.blackhatethicalhacking.com/tag/fingerprint/) - [2fa](https://www.blackhatethicalhacking.com/tag/2fa/) - [PEASS](https://www.blackhatethicalhacking.com/tag/peass/) - [priviledge escalation](https://www.blackhatethicalhacking.com/tag/priviledge-escalation/) - [offensive security](https://www.blackhatethicalhacking.com/tag/offensive-security/) - [hindsight](https://www.blackhatethicalhacking.com/tag/hindsight/) - [decryption](https://www.blackhatethicalhacking.com/tag/decryption/) - [office365](https://www.blackhatethicalhacking.com/tag/office365/) - [o365 attack toolkit](https://www.blackhatethicalhacking.com/tag/o365-attack-toolkit/) - [intelmq](https://www.blackhatethicalhacking.com/tag/intelmq/) - [falconstike](https://www.blackhatethicalhacking.com/tag/falconstike/) - [wifiphisher](https://www.blackhatethicalhacking.com/tag/wifiphisher/) - [phishing](https://www.blackhatethicalhacking.com/tag/phishing/) - [mitm](https://www.blackhatethicalhacking.com/tag/mitm/) - [mailsploit](https://www.blackhatethicalhacking.com/tag/mailsploit/) - [spoof](https://www.blackhatethicalhacking.com/tag/spoof/) - [facts](https://www.blackhatethicalhacking.com/tag/facts/) - [phishingattack](https://www.blackhatethicalhacking.com/tag/phishingattack/) - [hacking](https://www.blackhatethicalhacking.com/tag/hacking/) - [cybersecurity](https://www.blackhatethicalhacking.com/tag/cybersecurity/) - [offensivesecurity](https://www.blackhatethicalhacking.com/tag/offensivesecurity/) - [informationsecurity](https://www.blackhatethicalhacking.com/tag/informationsecurity/) - [zoom](https://www.blackhatethicalhacking.com/tag/zoom/) - [tangalanga](https://www.blackhatethicalhacking.com/tag/tangalanga/) - [shodan](https://www.blackhatethicalhacking.com/tag/shodan/) - [pymeta](https://www.blackhatethicalhacking.com/tag/pymeta/) - [metadata](https://www.blackhatethicalhacking.com/tag/metadata/) - [evilginx](https://www.blackhatethicalhacking.com/tag/evilginx/) - [evilginx2](https://www.blackhatethicalhacking.com/tag/evilginx2/) - [iot](https://www.blackhatethicalhacking.com/tag/iot/) - [article](https://www.blackhatethicalhacking.com/tag/article/) - [tsunami](https://www.blackhatethicalhacking.com/tag/tsunami/) - [vulnerability scanner](https://www.blackhatethicalhacking.com/tag/vulnerability-scanner/) - [firewalls](https://www.blackhatethicalhacking.com/tag/firewalls/) - [jok3r](https://www.blackhatethicalhacking.com/tag/jok3r/) - [nmap](https://www.blackhatethicalhacking.com/tag/nmap/) - [sublist3r](https://www.blackhatethicalhacking.com/tag/sublist3r/) - [domain bruteforce](https://www.blackhatethicalhacking.com/tag/domain-bruteforce/) - [twint](https://www.blackhatethicalhacking.com/tag/twint/) - [twitter](https://www.blackhatethicalhacking.com/tag/twitter/) - [nuclei](https://www.blackhatethicalhacking.com/tag/nuclei/) - [bugbounty](https://www.blackhatethicalhacking.com/tag/bugbounty/) - [wfuzz](https://www.blackhatethicalhacking.com/tag/wfuzz/) - [fuzzing](https://www.blackhatethicalhacking.com/tag/fuzzing/) - [humanintelligence](https://www.blackhatethicalhacking.com/tag/humanintelligence/) - [hellraiser](https://www.blackhatethicalhacking.com/tag/hellraiser/) - [vulnerability](https://www.blackhatethicalhacking.com/tag/vulnerability/) - [The TIDoS Framework](https://www.blackhatethicalhacking.com/tag/the-tidos-framework/) - [subzy](https://www.blackhatethicalhacking.com/tag/subzy/) - [subdomain takeover](https://www.blackhatethicalhacking.com/tag/subdomain-takeover/) - [subdomain bruteforce](https://www.blackhatethicalhacking.com/tag/subdomain-bruteforce/) - [dronesploit](https://www.blackhatethicalhacking.com/tag/dronesploit/) - [drones](https://www.blackhatethicalhacking.com/tag/drones/) - [commix](https://www.blackhatethicalhacking.com/tag/commix/) - [commandinjection](https://www.blackhatethicalhacking.com/tag/commandinjection/) - [hackers](https://www.blackhatethicalhacking.com/tag/hackers/) - [criminal](https://www.blackhatethicalhacking.com/tag/criminal/) - [payloadallthethings](https://www.blackhatethicalhacking.com/tag/payloadallthethings/) - [payloads](https://www.blackhatethicalhacking.com/tag/payloads/) - [xss](https://www.blackhatethicalhacking.com/tag/xss/) - [xsstrike](https://www.blackhatethicalhacking.com/tag/xsstrike/) - [pret](https://www.blackhatethicalhacking.com/tag/pret/) - [printers](https://www.blackhatethicalhacking.com/tag/printers/) - [exploitation](https://www.blackhatethicalhacking.com/tag/exploitation/) - [crackmapexec](https://www.blackhatethicalhacking.com/tag/crackmapexec/) - [byt3bl33d3r](https://www.blackhatethicalhacking.com/tag/byt3bl33d3r/) - [shad0w](https://www.blackhatethicalhacking.com/tag/shad0w/) - [fact](https://www.blackhatethicalhacking.com/tag/fact/) - [information security](https://www.blackhatethicalhacking.com/tag/information-security/) - [solarwinds](https://www.blackhatethicalhacking.com/tag/solarwinds/) - [john the ripper](https://www.blackhatethicalhacking.com/tag/john-the-ripper/) - [scarecrow](https://www.blackhatethicalhacking.com/tag/scarecrow/) - [pentesting](https://www.blackhatethicalhacking.com/tag/pentesting/) - [sparta](https://www.blackhatethicalhacking.com/tag/sparta/) - [skipfish](https://www.blackhatethicalhacking.com/tag/skipfish/) - [infosec](https://www.blackhatethicalhacking.com/tag/infosec/) - [chameleon](https://www.blackhatethicalhacking.com/tag/chameleon/) - [honeypot](https://www.blackhatethicalhacking.com/tag/honeypot/) - [intel](https://www.blackhatethicalhacking.com/tag/intel/) - [cve binary tool](https://www.blackhatethicalhacking.com/tag/cve-binary-tool/) - [hunt](https://www.blackhatethicalhacking.com/tag/hunt/) - [adfsbrute](https://www.blackhatethicalhacking.com/tag/adfsbrute/) - [SSHPry2.0](https://www.blackhatethicalhacking.com/tag/sshpry2-0/) - [eyewitness](https://www.blackhatethicalhacking.com/tag/eyewitness/) - [breacher](https://www.blackhatethicalhacking.com/tag/breacher/) - [snallygaster](https://www.blackhatethicalhacking.com/tag/snallygaster/) - [linkedinscraper](https://www.blackhatethicalhacking.com/tag/linkedinscraper/) - [pacu](https://www.blackhatethicalhacking.com/tag/pacu/) - [aws](https://www.blackhatethicalhacking.com/tag/aws/) - [cloudfail](https://www.blackhatethicalhacking.com/tag/cloudfail/) - [secretfinder](https://www.blackhatethicalhacking.com/tag/secretfinder/) - [pixload](https://www.blackhatethicalhacking.com/tag/pixload/) - [gospider](https://www.blackhatethicalhacking.com/tag/gospider/) - [hackingtool](https://www.blackhatethicalhacking.com/tag/hackingtool/) - [veil](https://www.blackhatethicalhacking.com/tag/veil/) - [sniffer](https://www.blackhatethicalhacking.com/tag/sniffer/) - [VoIP](https://www.blackhatethicalhacking.com/tag/voip/) - [VoIPmonitor](https://www.blackhatethicalhacking.com/tag/voipmonitor/) - [mimikatz](https://www.blackhatethicalhacking.com/tag/mimikatz/) - [warcannon](https://www.blackhatethicalhacking.com/tag/warcannon/) - [blackhat](https://www.blackhatethicalhacking.com/tag/blackhat/) - [blackhatusa](https://www.blackhatethicalhacking.com/tag/blackhatusa/) - [ffuf](https://www.blackhatethicalhacking.com/tag/ffuf/) - [fuzz](https://www.blackhatethicalhacking.com/tag/fuzz/) - [hacker](https://www.blackhatethicalhacking.com/tag/hacker/) - [starkiller](https://www.blackhatethicalhacking.com/tag/starkiller/) - [pegasus spyware](https://www.blackhatethicalhacking.com/tag/pegasus-spyware/) - [spyware](https://www.blackhatethicalhacking.com/tag/spyware/) - [jenkins](https://www.blackhatethicalhacking.com/tag/jenkins/) - [red team](https://www.blackhatethicalhacking.com/tag/red-team/) - [jaf](https://www.blackhatethicalhacking.com/tag/jaf/) - [sniper fish](https://www.blackhatethicalhacking.com/tag/sniper-fish/) - [sniperfish](https://www.blackhatethicalhacking.com/tag/sniperfish/) - [discover](https://www.blackhatethicalhacking.com/tag/discover/) - [phishing attacks](https://www.blackhatethicalhacking.com/tag/phishing-attacks/) - [spear phishing](https://www.blackhatethicalhacking.com/tag/spear-phishing/) - [whispers](https://www.blackhatethicalhacking.com/tag/whispers/) - [dalfox](https://www.blackhatethicalhacking.com/tag/dalfox/) - [instagram](https://www.blackhatethicalhacking.com/tag/instagram/) - [zipexec](https://www.blackhatethicalhacking.com/tag/zipexec/) - [operation troy](https://www.blackhatethicalhacking.com/tag/operation-troy/) - [dotdotpwn](https://www.blackhatethicalhacking.com/tag/dotdotpwn/) - [traversal](https://www.blackhatethicalhacking.com/tag/traversal/) - [bug bounty](https://www.blackhatethicalhacking.com/tag/bug-bounty/) - [hashcat](https://www.blackhatethicalhacking.com/tag/hashcat/) - [gomapenum](https://www.blackhatethicalhacking.com/tag/gomapenum/) - [cobalt strike](https://www.blackhatethicalhacking.com/tag/cobalt-strike/) - [kerberos](https://www.blackhatethicalhacking.com/tag/kerberos/) - [log4j](https://www.blackhatethicalhacking.com/tag/log4j/) - [log4jscan](https://www.blackhatethicalhacking.com/tag/log4jscan/) - [log4j Honeypot Flask](https://www.blackhatethicalhacking.com/tag/log4j-honeypot-flask/) - [spray365](https://www.blackhatethicalhacking.com/tag/spray365/) - [azure](https://www.blackhatethicalhacking.com/tag/azure/) - [office 365](https://www.blackhatethicalhacking.com/tag/office-365/) - [osmedeus](https://www.blackhatethicalhacking.com/tag/osmedeus/) - [ivy](https://www.blackhatethicalhacking.com/tag/ivy/) - [commit stream](https://www.blackhatethicalhacking.com/tag/commit-stream/) - [sqlmap](https://www.blackhatethicalhacking.com/tag/sqlmap/) - [WitnessMe](https://www.blackhatethicalhacking.com/tag/witnessme/) - [cryptosteganography](https://www.blackhatethicalhacking.com/tag/cryptosteganography/) - [crypto](https://www.blackhatethicalhacking.com/tag/crypto/) - [steganography](https://www.blackhatethicalhacking.com/tag/steganography/) - [stratus red team](https://www.blackhatethicalhacking.com/tag/stratus-red-team/) - [atomic red team](https://www.blackhatethicalhacking.com/tag/atomic-red-team/) - [sandbox](https://www.blackhatethicalhacking.com/tag/sandbox/) - [sandbox defender](https://www.blackhatethicalhacking.com/tag/sandbox-defender/) - [odin](https://www.blackhatethicalhacking.com/tag/odin/) - [swaks](https://www.blackhatethicalhacking.com/tag/swaks/) - [smtp](https://www.blackhatethicalhacking.com/tag/smtp/) - [hacking tool](https://www.blackhatethicalhacking.com/tag/hacking-tool/) - [write up](https://www.blackhatethicalhacking.com/tag/write-up/) - [metagoofil](https://www.blackhatethicalhacking.com/tag/metagoofil/) - [endpoints](https://www.blackhatethicalhacking.com/tag/endpoints/) - [scapy](https://www.blackhatethicalhacking.com/tag/scapy/) - [fibratus](https://www.blackhatethicalhacking.com/tag/fibratus/) - [uncover](https://www.blackhatethicalhacking.com/tag/uncover/) - [swaggerhole](https://www.blackhatethicalhacking.com/tag/swaggerhole/) - [swaggerhub](https://www.blackhatethicalhacking.com/tag/swaggerhub/) - [SysWhispers3](https://www.blackhatethicalhacking.com/tag/syswhispers3/) - [antivirus](https://www.blackhatethicalhacking.com/tag/antivirus/) - [psrecon](https://www.blackhatethicalhacking.com/tag/psrecon/) - [boomerang](https://www.blackhatethicalhacking.com/tag/boomerang/) - [proxmark3](https://www.blackhatethicalhacking.com/tag/proxmark3/) - [RFID](https://www.blackhatethicalhacking.com/tag/rfid/) - [smap](https://www.blackhatethicalhacking.com/tag/smap/) - [reconftw](https://www.blackhatethicalhacking.com/tag/reconftw/) - [crontab](https://www.blackhatethicalhacking.com/tag/crontab/) - [linux](https://www.blackhatethicalhacking.com/tag/linux/) - [keethief](https://www.blackhatethicalhacking.com/tag/keethief/) - [keepass](https://www.blackhatethicalhacking.com/tag/keepass/) - [postexploitation](https://www.blackhatethicalhacking.com/tag/postexploitation/) - [passwords](https://www.blackhatethicalhacking.com/tag/passwords/) - [findomain](https://www.blackhatethicalhacking.com/tag/findomain/) - [mosint](https://www.blackhatethicalhacking.com/tag/mosint/) - [scanmycode-ce](https://www.blackhatethicalhacking.com/tag/scanmycode-ce/) - [scanmycode](https://www.blackhatethicalhacking.com/tag/scanmycode/) - [source code](https://www.blackhatethicalhacking.com/tag/source-code/) - [pdf](https://www.blackhatethicalhacking.com/tag/pdf/) - [dorking](https://www.blackhatethicalhacking.com/tag/dorking/) - [arjun](https://www.blackhatethicalhacking.com/tag/arjun/) - [qsreplace](https://www.blackhatethicalhacking.com/tag/qsreplace/) - [vulnerability assessment](https://www.blackhatethicalhacking.com/tag/vulnerability-assessment/) - [deepsleep](https://www.blackhatethicalhacking.com/tag/deepsleep/) - [domain analyzer](https://www.blackhatethicalhacking.com/tag/domain-analyzer/) - [Metabigor](https://www.blackhatethicalhacking.com/tag/metabigor/) - [MobSF](https://www.blackhatethicalhacking.com/tag/mobsf/) - [Mobile Security Framework](https://www.blackhatethicalhacking.com/tag/mobile-security-framework/) - [lupo](https://www.blackhatethicalhacking.com/tag/lupo/) - [jfscan](https://www.blackhatethicalhacking.com/tag/jfscan/) - [httploot](https://www.blackhatethicalhacking.com/tag/httploot/) - [0rcus](https://www.blackhatethicalhacking.com/tag/0rcus/) - [orcus](https://www.blackhatethicalhacking.com/tag/orcus/) - [Digital Operational Resilience Act (DORA)](https://www.blackhatethicalhacking.com/tag/digital-operational-resilience-act-dora/) - [dora](https://www.blackhatethicalhacking.com/tag/dora/) - [dora compliance](https://www.blackhatethicalhacking.com/tag/dora-compliance/) ## Courses - [Complete Offensive Security & Ethical Hacking Course](https://www.blackhatethicalhacking.com/video-lesson/course/complete-offensive-security-ethical-hacking-course/) - [The Bug Bounty Hunting Course](https://www.blackhatethicalhacking.com/video-lesson/course/the-bug-bounty-hunting-course/) ## Product categories - [Uncategorized](https://www.blackhatethicalhacking.com/product-category/uncategorized/)