Yaksas CSC

Your Guardian in the Cyber World

  • Yaksas CSC Home
  • Home
  • About Us
    • Overview
    • Why Yakṣas?
  • Got a Question?
    • Cyber Security Basics
    • Cyber Security Education & Career
    • How to stay safe?
  • Get Invloved
    • Write for Us
    • YCSC QnA Dialogue
    • Translate Articles
  • Contact Yakṣas
  • Press Release
    • NCSAM 2015 Champion
    • STOP. THINK. CONNECT. Partner

AttackDefense: TShark Basics Walk-through

Hacking APIs

Book Review: Hacking API

Career in Cyber Security

Cyber Security Education & Career

Mona.py for exploit devs: 6 must know commands

Uday Mittal July 23, 2019 Leave a Comment

Mona.py for exploit devs: 6 must know commands

When it comes to exploit development for Microsoft Windows, Mona.py is the go to library for most security researchers. In this post I list six commands that I use often. Watch the video for demonstration. What is Mona.py? A pycommand for Immunity Debugger, designed and developed to aid the exploit development process Automates various tasks […]

Filed Under: Hacks, Technology Tagged With: bad character analysis, corelan, corelancoder, Cyber Security, ethical hacking, exploit development, immunity debugger, infosec, mona library, offensive security, osce, oscp, Peter Van Eeckhoutte

Understand and restrict admin access in your organization

Uday Mittal July 15, 2019 Leave a Comment

Understand and restrict admin access in your organization

In today’s time, providing users with unjustified administrator access on their work systems, could lead to significant business loss. A careless user may download a benign looking file and the next moment you may find yourself battling an organization wide ransomware attack. Here’s a quick guide for small business owners on how to tame this […]

Filed Under: Awareness, Technology Tagged With: administrator access restriction, cybersecurity, Information Security, least privilege, secure access

SLAE: Assignment #5.3

Uday Mittal January 22, 2019 Leave a Comment

SLAE: Assignment #5.3

Assignment Task: Take up at least 3 shellcode samples created using msfvenom for linux/x86 Use GDB/Ndisasm/Libemu to dissect the functionality of the shellcode Present your analysis Shellcode chosen: Shellcode options: Command to generate shellcode: Generated shellcode: Contents of file /etc/issue: Testing shellcode with run_shellcode.c Let’s analyze the shellcode with gdb: Placed a breakpoint at code […]

Filed Under: Skills Development, SLAE

SLAE: Assignment #5.2

Uday Mittal January 22, 2019 Leave a Comment

SLAE: Assignment #5.2

Assignment Task: Take up at least 3 shellcode samples created using msfvenom for linux/x86 Use GDB/Ndisasm/Libemu to dissect the functionality of the shellcode Present your analysis Shellcode chosen: Shellcode options: Command to generate shellcode: Generated shellcode: /etc/passwd file before executing the shellcode: Testing shellcode with run_shellcode.c Let’s analyze the shellcode with gdb: Placed a breakpoint […]

Filed Under: Skills Development, SLAE

SLAE: Assignment #5.1

Uday Mittal January 22, 2019 Leave a Comment

SLAE: Assignment #5.1

Assignment Task: Take up at least 3 shellcode samples created using msfvenom for linux/x86 Use GDB/Ndisasm/Libemu to dissect the functionality of the shellcode Present your analysis Shellcode chosen: Shellcode options: Command to generate shellcode: Generated shellcode: File permission before exectuing the shellcode: Testing shellcode with run_shellcode.c Chmod system call details: The chmod system call takes […]

Filed Under: Skills Development, SLAE

SLAE: Assignment #4

Uday Mittal January 22, 2019 Leave a Comment

SLAE: Assignment #4

Assignment Task: Create a custom encoding scheme, similar to “Insertion Encoder” PoC with using execve-stack as the shellcode to encode with schema and execute The encoding scheme chosen for this assigmnet is AddWelve encoding scheme. It is a variant of caesar cipher in which the byte is shifted forward 12 bytes. The algorithm is as […]

Filed Under: Skills Development, SLAE

SLAE: Assignment #3

Uday Mittal January 22, 2019 Leave a Comment

SLAE: Assignment #3

Assignment Task: Study about the Egg Hunter shellcode Create a working demo of the Egghunter Should be configurable for different payloads About Egg Hunters Egg Hunter is a mechanism to locate a piece of code in an application’s Virtual Address Space (VAS). This technique is primarily used in exploits where the accessible buffer space is […]

Filed Under: Skills Development, SLAE

SLAE: Assignment #6

Uday Mittal January 16, 2019 Leave a Comment

SLAE: Assignment #6

Assignment Task: Take up 3 shellcodes from Shell-Storm and create polymorphic versions of them to beat pattern matching The polymorphic versions cannot be larger 150% of the existing shellcode Shellcode 1: shutdown -h now Shell-Storm Link: http://shell-storm.org/shellcode/files/shellcode-876.php The original shellcode was 56 bytes in size. Link to original code: https://github.com/yaksas443/SLAE/blob/master/Assignment%206/6-1/shellcode-6-1-orig.nasm https://github.com/yaksas443/SLAE/blob/master/Assignment%206/6-1/run-shellcode-6-1-orig.c Techniques used to modify […]

Filed Under: Skills Development, SLAE

SLAE: Assignment #2

Uday Mittal January 16, 2019 Leave a Comment

SLAE: Assignment #2

Assignment Task: Create a Shell_Reverse_TCP shellcode Reverse connects to configured IP and Port Execs shell on successful connection IP and Port should be easily configurable The TCP reverse shell is used to connect back to the attacking machine, with an interface to execute commands on the target machine. The TCP reverse shell code consists of […]

Filed Under: Skills Development, SLAE

SLAE: Assignment #1

Uday Mittal January 16, 2019 Leave a Comment

SLAE: Assignment #1

Assignment Task: Create a Shell_Bind_TCP shellcode Binds to a port Execs shell on incoming connection Port number should be easily configurable The TCP bind shell is used to setup a listener (or server) on the target machine which allows the attacker machine to execute commands on the said machine. The TCP bind shell code consists […]

Filed Under: Skills Development, SLAE

  • « Previous Page
  • 1
  • 2
  • 3
  • 4
  • 5
  • …
  • 8
  • Next Page »

Optin Form

Search

Follow us on Twitter

My Tweets

Categories

Tags

Active directory adsecurity adsi adsisearcher adversary emulation Android attack active directory awareness blue whale challenge Certification CISSP Cloud security command and control crte crtp cyber-warfare Cyber Security Cybersecurity books Cybersecurity Cannon domain enumeration Edward Snowden forest enumeration hacker Information Security ISACA Kali Linux Mass Surveillance Mobile Security Narendra Modi NSA offensive security Online Safety Password Penetration Testing pentest poshc2 powersploit Powerview privacy red team red teaming Risk Management Social Media user enumeration Wifi

Top Posts

  • 7 Ways to Cover Your Device's Camera
    7 Ways to Cover Your Device's Camera
  • Mona.py for exploit devs: 6 must know commands
    Mona.py for exploit devs: 6 must know commands
  • Social-Engineer Toolkit: An Introduction
    Social-Engineer Toolkit: An Introduction
  • CISA: Everything You Need to Know
    CISA: Everything You Need to Know
  • Active Directory User Enumeration using PowerView
    Active Directory User Enumeration using PowerView
  • Red Team Operations Attack Lifecycle
    Red Team Operations Attack Lifecycle

© Copyright 2020 ElliteDevs · All Rights Reserved · Powered by WordPress