Article Series

As Pentest.blog team, we are publishing series of articles in different subjects. You can access the article series at the following addresses.

Art of Anti Detection

This article series is intended to focus on low level topics. By following this serie, you will learn how to evade from anti-virus softwares, writing your own shellcode and many more.

Art of Anti Detection 1 – Introduction to AV & Detection Techniques

Art of Anti Detection 2 – PE Backdoor Manufacturing

Art of Anti Detection 3 – Shellcode Alchemy

Unexpected Journey

Being a penetration tester makes us feel like a group of traveler. Discovering the internal world of the institution during engagement gives us the opportunity to make unexpected journeys. In this article series, you will learn with our approach to penetration testing as well as how did we manage to identify critical vulnerability on most popular SIEM solutions.

Unexpected Journey into the AlienVault OSSIM/USM During Engagement

Unexpected Journey #2 – Taking Down Entire Domain Using Vulnerabilities of a SIEM Product

Unexpected Journey #3 – Visiting Another SIEM and Uncovering Pre-auth Privileged Remote Code Execution

Unexpected Journey #4 – Escaping from Restricted Shell and Gaining Root Access to SolarWinds Log & Event Manager (SIEM) Product

Unexpected Journey #5 – From weak password to RCE on Symantec Messaging Gateway (CVE-2017-6326)

Unexpected Journey #6 – All ways lead to Rome ! Remote Code Execution on MicroFocus Secure Messaging Gateway