Executive Summary : YARA is an open-source tool used for malware analysis. This tool was developed by Victor Alvarez of Virus Total. YARA stands for “Yet Another Ridiculous Acronym”. YARA is simply a malware analysis tool used to detect patterns of malware characteristics in files, using a rule-based approach. …

What actually is Malicious macro? A malicious macro, or macro virus is a computer virus that replaces a macro. When these actions and commands are replaced by a virus, this can cause significant harm to a computer. By and large, macro viruses are launched by simply opening a document I was enthusiastic and uncertain at…

CVE 2021–4034 : Local Privilege Escalation Vulnerability on polkit’s pkexec utility. — Let’s play a game of attack and detect. Let’s imagine here you are the an attacker and I’m a victim but …… I’ll detect you down. Shall we begin the game now? Description of the vulnerablity A local privilege escalation vulnerability was found on polkit’s pkexec utility. The pkexec application is a setuid tool…

What is Active Directory? Active Directory (AD) is a directory service developed by Microsoft for Windows domain networks. It is included in most Windows Server operating systems as a set of processes and services. Initially, Active Directory was used only for centralized domain management. However, Active Directory eventually became an umbrella title for a…

EternalBlue is exploit developed by NSA and leaked by the hacking group Shadow broker on April 14,2017. Scanning the target with Nmap. nmap -sV — script vulners 10.10.125.120 Scanning if the target is vulnerable to ms17_010 auxiliary(scanner/smb/smb_ms17_010) >

In this write-up I will be demonstrating how hacker can hack into your computer when you run malicious application from the internet. My attacker computer will be Kali-Linux and victim’s computer will be Windows. Fire-up your browser to http://localhost.run/ Let’s generate ssh key.