Skip to main content
Pentest Blog

Pentest Blog

  • Advisories
  • Operating System
  • Application Security
  • Network
  • Tools
  • Article Series
  • About Us

Unexpected Journey #3 – Visiting Another SIEM and Uncovering Pre-auth Privileged Remote Code Execution

March 10, 2017March 16, 2017 Mehmet Ince 2 Comments

This is the third part of our article series that intended to share my real-life penetration testing experience.In this article, I will share a whole process of how we managed to find a -0day- pre-auth RCE vulnerability on another SIEM product. Read More

Art of Anti Detection 3 – Shellcode Alchemy

March 8, 2017April 9, 2019 Ege Balci 9 Comments

This article will deal with basic shellcoding and similar concepts, assembly level encoder/decoder design and few methods for bypassing anti exploit solutions such as Microsoft’s Enhanced Mitigation Experience Toolkit(EMET). Read More

Advisory | CVE-2017-6398 Trend Micro InterScan Messaging Security (Virtual Appliance) Remote Code Execution

February 16, 2017March 17, 2017 Mehmet Ince Leave a comment

In this article, we  will show details and metasploit module for vulnerability that affects Trend Micro’s IMSVA solution.

Read More

Unexpected Journey #2 – Taking Down Entire Domain Using Vulnerabilities of a SIEM Product

February 16, 2017February 16, 2017 Mehmet Ince 5 Comments

As I said on my previous article, being a penetration tester makes us feel like a group of traveler. Today, I would like to share a details about yet another 0day vulnerability we’ve found during penetration test which later lead us to take down entire domain network. Read More

Unexpected Journey into the AlienVault OSSIM/USM During Engagement

January 31, 2017February 2, 2017 Mehmet Ince 6 Comments

Being a penetration tester makes us feel like a group of traveler. Discovering the internal world of the institution during engagement gives us the opportunity to make unexpected journeys. In this article, I will share a details of how we got an access to the heart of the company. Read More

Posts pagination

Newer posts 1 … 5 6 7 … 9 Older posts

PRODAFT Cyber Intelligence and Cyber Security Services

Recent Posts

  • Advisory | NetModule Router Software Race Condition Leads to Remote Code Execution
  • Advisory | Roxy-WI Unauthenticated Remote Code Executions CVE-2022-31137
  • Advisory | GLPI Service Management Software Multiple Vulnerabilities and Remote Code Execution
  • LiderAhenk 0day – All your PARDUS Clients Belongs To Me (CVE-2021-3825)
  • Pardus 21 Linux Distro – Remote Code Execution 0day 2021 CVE-2021-3806

Latest Comments

  • Ege Balci on Art of Anti Detection 3 – Shellcode Alchemy
  • Chase Run Taylor on Art of Anti Detection 1 – Introduction to AV & Detection Techniques
  • Mehmet İnce on Unexpected Journey #4 – Escaping from Restricted Shell and Gaining Root Access to SolarWinds Log & Event Manager (SIEM) Product
  • 0x00 on Unexpected Journey #4 – Escaping from Restricted Shell and Gaining Root Access to SolarWinds Log & Event Manager (SIEM) Product
  • Mehmet İnce on Unexpected Journey #4 – Escaping from Restricted Shell and Gaining Root Access to SolarWinds Log & Event Manager (SIEM) Product

Tags

0day 1day advisory alienvault android application assembly bof burp bypass crypter decoder dns EMET encoder exploit hook iat icmp in-memory IOT linux malware metasploit multi-stage nas packer php ransomware rce reflective research reverse reversing secure coding securityonion self-defence shellcode siem sql injection sqlmap stager storage tunneling windows

Awarded Top 15 Pentest Blog

Pentest Blogs
INVICTUS Cyber Security & Intelligence Services | Theme by Colorlib Powered by WordPress