Kaysel | Cybersecurity

Kaysel

Sign in Subscribe

Introduction to Binary Exploitation on Linux 6. Basic Shellcode crafting

Introduction to Binary Exploitation on Linux

Introduction to Binary Exploitation on Linux 6. Basic Shellcode crafting

Introduction Shellcodes are one of the most key aspects of exploiting a code vulnerability as they allow, among other things, remote execution of commands on the machine with the vulnerable software. It could be considered as the icing on the cake after having found a vulnerability in the code. For

Introduction to Web Hacking with Python

Introduction to Web Hacking with Python

Introduction In this article, I am going to teach some concepts about how Python can be used for hacking web applications. To do this, I am going to use ipython3, which is nothing more than an interactive shell that allows you to run Python code. After reading the article, you

Introduction to Active Directory 6. NTLM Basics

Introduction to Active Directory

Introduction to Active Directory 6. NTLM Basics

Introduction NTLM is a Microsoft proprietary protocol used for authentication in communications between two Windows computers and was introduced as an improvement over the LM protocol, the latter having proved to be too insecure. This protocol is of the challenge and response type and allows a user to be authenticated

Introduction to Binary Exploitation on Linux 5. Smash the Stack

Introduction to Binary Exploitation on Linux

Introduction to Binary Exploitation on Linux 5. Smash the Stack

Introduction In this article, we will perform our first exploit of a vulnerable code :). In addition, I will introduce dynamic code analysis. This is a very common technique that is often used when writing exploits, and I am sure it will be very useful in the future. So let's get

Introduction to Active Directory 5. Introduction to users

Introduction to Active Directory

Introduction to Active Directory 5. Introduction to users

Introduction In chapter 1 we introduced the three pillars of an active directory which are machines, users and domains. We have been talking quite a bit about Windows machines in the last few chapters, so we are going to leave this topic aside for now. The following chapters are going

Introduction to Binary Exploitation on Linux 4. Disassembly and sections of an ELF binary

Introduction to Binary Exploitation on Linux

Introduction to Binary Exploitation on Linux 4. Disassembly and sections of an ELF binary

Introduction In this chapter, we are going to take a closer look at how dynamic library relocations are performed in ELF binaries. We will also begin to perform static analysis of the binary, as this will be useful when creating exploits. Finally, we wil lstudy the most important sections of

Introduction to Active Directory 4. Authentication and secrets on Windows machines

Introduction to Active Directory

Introduction to Active Directory 4. Authentication and secrets on Windows machines

Introduction In this chapter, I will cover the authentication process that is performed in Windows systems, as well as an introduction of the different protocols that exist to perform this process. Once seen this, I will comment on where the secrets or user credentials are usually stored. Windows logon Windows

Introduction to Binary Exploitation on Linux 3. The C compilation process

Introduction to Binary Exploitation on Linux

Introduction to Binary Exploitation on Linux 3. The C compilation process

Introduction In chapter 1 we introduced in a quick way the process of compiling a binary. In this chapter, we will now move on to testing using the gcc compiler to see this process more clearly and understand it at a low level. To do this, we will use the

API Hacking 1. Introduction to hacking APIs

API Hacking 1. Introduction to hacking APIs

Introduction APIs are very commonly used by web applications nowadays. That is why I am going to write a series of articles covering different hacking techniques related to them. What is an API ? Application Programming Interface (API) is a software interface that provides a computer friendly method to interacting with

Introduction to Binary exploitation on Linux 2. Assembler functions

Introduction to Binary Exploitation on Linux

Introduction to Binary exploitation on Linux 2. Assembler functions

Introduction In this chapter, we are going to finish with the basic theory before we start to do more practical things. For this purpose, I am going to introduce in this chapter theory about the assembler function convention. Function calling convention in x32 A function's frame refers to the space

Introduction to Active Directory 3. Windows Computers

Introduction to Active Directory

Introduction to Active Directory 3. Windows Computers

Introduction Normally, in an active directory domain, most machines make use of the Windows operating system and there are not only Domain Controllers. There are also Workstations (Windows 10/ Windows 7 machines) or servers to host applications (Windows Server machines). In today's post, we will focus on how to find

Introduction to Binary Exploitation on 1. Assembly

Introduction to Binary Exploitation on Linux

Introduction to Binary Exploitation on 1. Assembly

Introduction In this series, I will share my experience learning about binary exploitation techniques. It is one of my weak points, as it is one of the most complex topics to start with, but this year 2023 I have decided to give it a try :P For this I have

Introduction to Active directory 2. Domain Controllers and the NTDS

Introduction to Active Directory

Introduction to Active directory 2. Domain Controllers and the NTDS

Domain Controllers As we discussed in the previous chapter, the Domain Controller is the central server that provides the Active Directory Domain Services (AD DS). This means that it is the one that maintains the database where all the domain objects are stored, in addition to providing different services for

Offensive security lab 1. Create your work environment with Proxmox!

Offensive security lab 1. Create your work environment with Proxmox!

Introduction In this series, I will show you how to create a lab to practice hacking techniques. This first post is going to focus on setting up a basic Windows hacking practice environment using Proxmox. However, soon, I also plan to show how to better configure the lab network, how

Introduction to Active Directory 1. Domains, computers and users.

Introduction to Active Directory

Introduction to Active Directory 1. Domains, computers and users.

Introduction to the series The first post of this blog will be dedicated to the functioning of active directory. It is one of the topics that I like the most and that is most often found in offensive security projects. A year ago, I started a project called Igris which

Coming soon

This is Kaysel, a brand new site by Rubén Santos García that's just getting started. Things will be up and running here shortly, but you can subscribe in the meantime if you'd like to stay up to date and receive emails when new content is published!