Menu

Articles of @neoslab

All articles written by @neoslab
Remote Network Penetration via NetBios using Linux and Samba
Remote Network Penetration via NetBios using Linux and Samba

A recent study carried out in December 2019 by French researchers shows that more than 60% of Windows systems using the NetBios service use a standard [...]

NetBiosLinuxWindowsSambaWorkGroupSMB
Hackers can Steal Data by Tweaking Monitors Brightness
Hackers can Steal Data by Tweaking Monitors Brightness

Israeli researchers at Ben-Gurion University detailed a method, dubbed Brightness, to steal data from computers by capturing brightness video changes of the [...]

ScreenCameraBrightnessVulnerabilityAir-GapInvisible
Discover Hidden Subdomains of a given Domain using Dnsmap
Discover Hidden Subdomains of a given Domain using Dnsmap

In this new tutorial we'll see how to find the subdomains of a given domain name using Dnsmap. Dnsmap is mainly meant to be used by pen-testers during the [...]

DnsmapScanningDNSNetworkdomainSubdomainBruteforce
Getting Started with Bettercap 2 on Ubuntu and Other Derived Distros
Getting Started with Bettercap 2 on Ubuntu and Other Derived Distros

In this new article we will see together how to get started with the Bettercap 2, the Swiss Army knife for WiFi, Bluetooth Low Energy devices, Wireless HID and [...]

ARPBettercapDNSNetworkPoisoningProxySpoofing
Microsoft Customer Support Exposed 250 Million User Records
Microsoft Customer Support Exposed 250 Million User Records

Conversations between company employees and customers around the world, which took place between 2005 and 2019, were exposed without the need of a password or [...]

DataleakMicrosoftBreachesCyber-SecurityFlaw
Snatch Restarts PCs in Safe Mode to Bypass Antivirus Detection
Snatch Restarts PCs in Safe Mode to Bypass Antivirus Detection

Unlike most ransomware, Snatch also steals files on infected networks. The authors of Snatch ransomware use a novel trick to evade antivirus software and [...]

RansomwareSnatchSafe ModeRDPVNCWebShell
752.000 US Birth Certificate Applications Exposed Online
752.000 US Birth Certificate Applications Exposed Online

Detected by the British company Fidus Information Security and revealed by TechCrunch, more than 752,000 copies of US birth certificates have been exposed on [...]

DataleakAWSFidusTechCrunchCivil Acts
Exploit Shellshock Vulnerability CVE 2014-6271 using Metasploit
Exploit Shellshock Vulnerability CVE 2014-6271 using Metasploit

A recent study from November 2019 shows that the security vulnerability called ShellShock CVE-2014-6271 discovered in 2014 would still be present on a large [...]

BashMetasploitOpenSSHShellshockVulnerability
Android a New Flaw Exposes User Banking Data and Passwords
Android a New Flaw Exposes User Banking Data and Passwords

Promon security researchers discovered a new flaw on Android smartphones, StrandHogg would make vulnerable all versions of the operating system of Google.

AndroidMalwareStrandHoggPlaystoreFlaw
Microsoft 44 million users reused credentials hacked in early 2019
Microsoft 44 million users reused credentials hacked in early 2019

Microsoft has used a database of hacked IDs to identify users who reuse them without worrying about the risks involved. The US giant has identified 44 million [...]

MicrosoftBreachesCyber-SecurityPasswordUsernameHacking
No, Facebook isn't Spying on you ! At Least Not on Messenger
No, Facebook isn't Spying on you ! At Least Not on Messenger

Facebook would spy on our private conversations within its Messenger service, to better communicate them to companies buying advertising space. This is the [...]

FacebookSpyingGDPRMessengerWhatsApp
Getting Started with Sqlmap for Pentest and Ethical Hacking
Getting Started with Sqlmap for Pentest and Ethical Hacking

Using SQLmap can be tricky when you are not familiar with it. This SQLmap tutorial aims to present the most important functionalities of this popular SQL [...]

DumpHashInjectionSQLISqlmapPython