Whitepaper called Credential Dumping Cheatsheet. It covers locations of data and various tooling you can use to find passwords.
029b308e2946943240e7d06eea765f709be7c1af2173b93f3e636ef0b7313a94
Whitepaper called Breaking the Business Logics It is intends to provide the idea of business logic vulnerabilities and how to exploit them. There are theoretical scenarios as well where common flaws are discussed.
bdfa585849987cf27ac17432358edb5741e616a3b4025257978012426a6b0fa0
This whitepaper acts as a cheatsheet for methodologies to apply with Linux and Windows privilege escalation.
f9978ce5a9ca16e00a1d0a0a5a2c07c964a65b40e70e191a128d82f940f14ae3
This is a brief whitepaper that goes over file transfer mechanisms that can be used on Windows and Linux.
bb53fbaa2dc352533456cf7d06a33392552c749b608b8e33b3b03227d97e1520
Microsoft SMBv3 CVE-2020-0796 whitepaper that discusses the workings, exploitation, and mitigations.
9154829412e6f27bbd51d39811e1acf07f15b9daf04fbad8e3cb61e74d7e6c62
This is a brief whitepaper that goes over some tooling that can be of assistance while performing reconnaissance against a web application prior to attack.
efa89877156455ecbe4998579276a2b7f88564aac2a446ce3a8fdb5d7a98c52c
Whitepaper called Android Vulnerability in ES File Explorer. It provides an overview of manual exploitation of ES File Explorer version 4.1.9.7.4 using counterfeit requests over HTTP.
9b0d580d48451b1cfce532d6de5bf7c4caa5faf0493949998e87a7e17ccea3df
This whitepaper goes through identification and exploitation of the SMB Ghost vulnerability.
1598b7f81fc0fd106b6abbd1f0e5a9da28fc8f2cbf5e4b6c0db7946666870aa5
This whitepaper goes into detail on how to leverage a Chrome Browser use-after-free vulnerability in FileReader with Metasploit.
426daf836d595f934234e05cd94b8dc830e5e8415fdebf4f297113f87753387c
This whitepaper provides an overview of Autopsy, the graphical interface for the Sleuthkit.
45c9afa0c7451bc0554cf50748ab04b2650e7eadf00ab14203577af0ba3d74f2
This whitepaper is a guide to performing memory forensics using volatility. It goes into depth on using the Volatility framework to analyze memory dumped from a live system.
f9036bb369a6f8ab886ff9ad5a769c0561265e1425026f58996107393ca77473
Whitepaper called Active Directory Penetration Testing. Written in Turkish.
ea2487963fa1d18c78f0962ee60bb105f6a02d1297c01cf32cf2313bc0174348
Whitepaper called Mobile Security and Penetration Testing. Written in Turkish.
56bcdaf3cd7bc5cd83f8a5559d8985f7fe6e7e70d6985f586acb76d64834d173
This whitepaper is an introductory guide to Digital Forensics. It provides a high level understanding of protocol and roles.
a676db8f5ab0381a2e9ea5b5adf74019397945ebdb2b6bc06f10b3b04670452d
This whitepaper is a guide to using FTK Imager for digital forensics.
3c78ef29175142feb10177e89ff96cbd355c362ecc8bb3edd23f41ce3f657e0f
This whitepaper is a cheatsheet that goes over various methods of port forwarding and tunnelling of traffic.
f746945e0edd3c4bd4aae5ea59672c53f016e834378ed2e6fb4ef5da07d76bb2
Whitepaper called Malware Hunting 101. Written in Vietnamese.
4c7c6fc0b06cba7e2b4fb8988f1c690f57a0745feb25e07266255d76ec474755
Whitepaper called Android Application Vulnerabilities. Written in Vietnamese.
25a9be443e83e5ebb65adc0990933e8bc358ae4df7692ffa351cac1c3505acde
Whitepaper called The Art of XSS Escalation. Written in Arabic.
088983d1e195264ef86a8052cc18fba112eea7d80f2378b96329b6967956b052
This whitepaper compiles notes that can be useful to security researchers if access to the administrative API is achieved.
f8cdc318a0a8b674d987eeded8c3380504f6b4cfc7f2b06383775cf521817fc1
Whitepaper called UFW - A Beginners Guide to Linux Firewall. The white paper is intended to provide information about a Linux firewall using a simple tool called UFW. It provides complete information on the tool and various ways through which users can create their own firewall rules to protects their assets.
929a14440f90b95d514c1cc14167b4adf7935f3c685443589bebc547833118c8
Whitepaper called Deep Insight into Social Engineering.
1bed6e836dd7d227a5222043c99f27a70f0462e635d99fdc95fcd8a95a94dc11
Whitepaper called Practical Insight into Injections. This document describes the meaning, working, implementation, and impact of injection vulnerabilities.
6a5ae62578e03e5fae5499de0f9c9079fad4dbf7a91b087fa7ff48b6c628a503
Whitepaper called Blind SSRF with Shellshock Exploitation. It discusses how an attacker can leverage shellshock to also perform server-side request forgery attacks.
7135db566d6a1f125f17694d97ca08918b679ef937c65f279dc51bdf3a889d01
Whitepaper called A Hands-On Approach To Linux Privilege Escalation. This document is intended to provide multiple techniques that a pentester can use to escalate their privileges and gain access to higher roles.
310fda8af6653a1631b701e34fda63984b79da47abf4d0c694660655c07035b4