RunPE: a practical example of Process Hollowing technique

About the “Process Hollowing” i have already written some posts (like this). However, i’ve never published any practical example. So, today i want to quote this interesting article where Tigzy explains the process hollowing with a brief code snippet. in wich the process hollowing is explained with a brief code …

Securing your system with Quad9 DNS

Quad9 is a free security solution that uses DNS to protect systems against the most common cyber threats. Its is developed in collaboration with IBM, Packet Clearing House and Global Cyber Alliance. How it works? Quad9 routes your DNS queries through a network of servers wich uses threat intelligence in …

How to retrieve user’s passwords from a Windows memory dump using Volatility

About Volatility i have written a lot of tutorials, now let’s try to use this information in a real context extracting the password hashes from a windows memory dump, in 4 simple steps. 1. Identify the memory profile First, we need to identify the correct profile of the system: [email protected]:~# …

SQLiv: a massive SQL injection scanner

SQLiv is a Python-based scanning tool that uses Google, Bing or Yahoo for targetted scanning, focused on reveal pages with SQL Injection vulnerabilities. It uses known dorks in order to find vulnerable URLs. Features multiple domain scanning with SQL injection dork by Bing, Google, or Yahoo targetted scanning by providing …