ThreatNinja | Penetration Testing
Follow this blog for articles on Penetration Testing.
1y ago
What is Docker Escape Method?
First, we need to understand the importance of Docker escape, also known as container escape, which concerns infrastructure that all enterprises use for virtual or day-to-day operations. Cybersecurity incidents are on the rise nowadays, especially Docker escapes, which we will learn about in this post.
However, the Docker escape attack is certainly different from the endpoint security surface, where the attack might take place inside the container.
The Breaking out Method Details
So, normally, breaking out of Docker or a container is called ..read more
1y ago
In this post, I would like to share some knowledge on Cloud Penetration Testing for learning purposes.
What is Cloud Penetration Testing?
Several kinds of penetration testing are carried out within an organization, and one of them is the Cloud Penetration Testing activity. It is designed so that the tester can assess the strengths and weaknesses of any application that resides inside the cloud system.
The main purposes of the activity are as follows:
Identify risks, vulnerabilities, and gaps
Impact of exploitable vulnerabilities
Determine how to leverage any acce ..read more
1y ago
What is API Penetration Testing?
For those who are not familiar with API Penetration Testing, it’s a test activity that involves all the processes of vulnerability assessment and ensures that the client is implementing very solid endpoints for their API environment.
Why does the company need to do API Penetration Testing?
Malicious actors can easily access insecure APIs, which will damage the application. Penetration testing is carried out on the selected application so that the company obtains a secured and tested API application.
It’s a JSON message that appears on the ..read more
1y ago
A little bit of explanation on Kerberos and Impacket
In this post, I would like to share my knowledge and skills about Kerberos, where we will take advantage of an Impacket script.
For those who are not familiar with Kerberos, it’s a protocol in which a server authenticates service requests between trusted hosts across an untrusted network such as the internet. Microsoft has used the Kerberos protocol as its default authentication method since Windows 2000, and it is implemented inside the Windows operating system.
As we know, we will use the Kerberos tool on the Windows Opera ..read more
1y ago
In this post, I would like to share some information on the Insecure Direct Object Reference (IDOR) vulnerability.
What is IDOR Vulnerability?
For those who are not familiar with IDOR, it’s a type of access control vulnerability that arises when the application uses user-supplied input to access objects directly. IDOR vulnerabilities are most commonly associated with horizontal privilege escalation, but they can also arise in relation to vertical privilege escalation.
Demonstration of IDOR vulnerability
The demonstration of the IDOR ..read more
2y ago
In this post, I would like to share some knowledge about SQL Injection which can be useful during Penetration Testing activity. Before we go deeper into it, I will try to explain what SQL Injection is for those who are not familiar with it.
SQL injection is an attack that makes it possible to execute malicious SQL statements against a database. An attacker will be able to control a database server that sits behind a web application by trying to bypass the security measures that the web developer coded into the web application.
There are three types of SQL Injection that w ..read more
2y ago
In this post, I would like to share a way to bypass AV detection by using HoaxShell, a tool created by t3l3machus.
What is HoaxShell?
HoaxShell is a tool that contains an unconventional Windows reverse shell which can go undetected by Microsoft Defender. Guys, don’t worry about the usage of the tool because it seems to be easy to use even for non-security personnel.
The tool has been tested on operating systems such as:
Windows 11 Enterprise
Windows Server 2016 Datacenter
Windows 10 Pro
Demo for the tool usage
We are required to download the tool into our attacker’s machine ..read more
2y ago
What is Server-Side Template Injection?
Server-side template injection, also known as SSTI, is an attack in which the attacker uses the native template syntax to inject malicious payloads into a template.
Normally, the attack works when user input is concatenated directly into a template. As a result, the attacker is able to inject arbitrary template directives in order to manipulate the template engine.
We can see that the attack works when reviewing the vulnerable source code such as shown bel ..read more
2y ago
Web Application Assessment Information
First, we need to understand why Web Application Assessment is important to any organization out there. As people should be aware by now, web applications play an important and vital role in an organization’s future and are also exposed to attacks by cybercriminals.
A pentester performs penetration testing on the web application to find all vulnerabilities, while an attacker needs only one. Web Application Assessment uses a testing methodology such as the OWASP Web Security Testing Guide (WSTG – Latest | OWASP Foundation).
What is Burp Suite?
Burp Suite can be considered as one ..read more
2y ago
In this post, I would like to share one attack method that takes advantage of QR codes, called Quick Response Code Login Jacking (QRLJacking).
QRLJacking is a new method that most people might not even have heard of before. It is a direct and easy social engineering method that enables session hijacking against all applications that rely heavily on the “Login with QR Code” feature.
https://www.youtube.com/watch?v=JCoPSdQvESc
Source: WhatsApp Accounts QRLJacking and ARP poisoning Injection by Seekurity.com
Exploitation Framework Used for the QRLJacking
Every attack vector has its own ..read more