How Malware Hides Inside ZIP Files & Why Most Defenses Still Miss It Press enter or click to view image in full sizeThe other day I was reading an article about zip file... 2026-5-21 08:34:13 | 阅读: 24 | 收藏 | InfoSec Write-ups - Medium - infosecwriteups.com phishing payload attackers analysis chains

Assertion101 Proving Grounds Walkthrough (Intermediate) | Complete Write-Up The first step in approaching this machine was reconnaissance. Understanding which services were exp... 2026-5-21 08:33:59 | 阅读: 21 | 收藏 | InfoSec Write-ups - Medium - infosecwriteups.com ssh aria2c machine payload passwd

The Loud Failure: How a Broken WebSocket Leaked a Master Key to the Backend Press enter or click to view image in full sizeIn bug bounty hunting, we often spend a lot of time l... 2026-5-21 08:33:48 | 阅读: 21 | 收藏 | InfoSec Write-ups - Medium - infosecwriteups.com baas client frontend scoped 36origin

Bug Bounty Bootcamp #37: SSRF in PDFs, Screenshots, and Bypassing Localhost Filters You found a PDF generator that fetches URLs. The developer blocked localhost and 127.0.0.1. Game ove... 2026-5-21 08:32:25 | 阅读: 23 | 收藏 | InfoSec Write-ups - Medium - infosecwriteups.com ssrf webpage focuses linkwelcome

Can Pure Modbus Break a Reactor? Oldsmar, Stuxnet & FrostyGoop, Tested You can speak Modbus to a chemical reactor as freely as its own engineer. Breaking it, though, isn’t... 2026-5-21 08:31:28 | 阅读: 20 | 收藏 | InfoSec Write-ups - Medium - infosecwriteups.com setpoint plc 502 modbus mbtget

I Typed My Own Email Into 7 OSINT Tools. What Came Back Scared Me. Press enter or click to view image in full sizeThese free tools can build a complete digital profile... 2026-5-21 08:30:25 | 阅读: 26 | 收藏 | InfoSec Write-ups - Medium - infosecwriteups.com username exposure whatsmyname security intelx

An AI-Enhanced Workflow for Signature Evasion Testing Developing a PowerShell AMSI Bypass with AIBackgroundContextIn offensive security, capabilities have... 2026-5-21 08:11:55 | 阅读: 13 | 收藏 | InfoSec Write-ups - Medium - infosecwriteups.com bypass malicious mimikatz threatcheck

How to Detect Lateral Movement with Elastic SIEM: SOC Analyst Hands-On Lab | Hunt Forward Lab #006 Hunt Forward Lab #006 — Threat Hunting for Pass-the-Hash and Token Impersonation | MITRE ATT&CK T155... 2026-5-21 08:10:54 | 阅读: 19 | 收藏 | InfoSec Write-ups - Medium - infosecwriteups.com scada winlog lateral hunt

Open Source Security IT Platform: Threat Detection, Logging, Alerts, AI and SSO integration. A real-world implementation with Wazuh, Graylog, MongoDB, Grafana, Nginx, OAuth2-Proxy, Redis, AI an... 2026-5-19 09:3:55 | 阅读: 31 | 收藏 | InfoSec Write-ups - Medium - infosecwriteups.com proxy wazuh graylog oauth2 security

Why InfoSec Needs A Seat at the CX Table And Vice VersaPress enter or click to view image in full sizePhoto by Dylan Gillis on UnsplashIn 202... 2026-5-19 09:3:18 | 阅读: 23 | 收藏 | InfoSec Write-ups - Medium - infosecwriteups.com cx rattled security hacks truth

SQL & NoSQL Injection in APIs-The Vulnerability That Still Puts YOUR Data at Risk Press enter or click to view image in full sizeIntroductionEvery day, millions of API requests are m... 2026-5-19 09:1:42 | 阅读: 20 | 收藏 | InfoSec Write-ups - Medium - infosecwriteups.com injection database coupon nosql sizepress

SQL & NoSQL Injection in APIs-The Vulnerability That Still Puts YOUR Data at Risk Press enter or click to view image in full sizeIntroductionEvery day, millions of API requests are m... 2026-5-19 09:1:42 | 阅读: 17 | 收藏 | Bug Bounty in InfoSec Write-ups on Medium - infosecwriteups.com injection database coupon nosql sizepress

MartiniAD Active Directory Lab Walkthrough [HackSmarter] Hey hackers!Hope you’re all doing great and staying curious. Lately, I’ve been spending a lot of tim... 2026-5-19 09:1:33 | 阅读: 22 | 收藏 | InfoSec Write-ups - Medium - infosecwriteups.com ttl microsoft windows dry martini

Secrets That Survive Everything The Runtime Security Gap Left UnguardedPress enter or click to view image in full sizeYears of shift... 2026-5-19 09:1:24 | 阅读: 25 | 收藏 | InfoSec Write-ups - Medium - infosecwriteups.com client apim security bearer

Secrets That Survive Everything The Runtime Security Gap Left UnguardedPress enter or click to view image in full sizeYears of shift... 2026-5-19 09:1:24 | 阅读: 23 | 收藏 | Bug Bounty in InfoSec Write-ups on Medium - infosecwriteups.com client apim security bearer

They Didn’t Hack You. They Hacked What You Trust. Press enter or click to view image in full sizePicture this.It is a Tuesday morning. Your team’s CI... 2026-5-19 09:1:18 | 阅读: 22 | 收藏 | InfoSec Write-ups - Medium - infosecwriteups.com worm software attackers security github

The Sleeper Agent Bug: How One HTML Payload Lay Hidden for Months to Attack My Inbox ⏳ Press enter or click to view image in full sizeA short recon story about a delayed HTML injection, a... 2026-5-19 09:0:53 | 阅读: 28 | 收藏 | InfoSec Write-ups - Medium - infosecwriteups.com payload escaping security rendered evaluated

The Sleeper Agent Bug: How One HTML Payload Lay Hidden for Months to Attack My Inbox ⏳ Press enter or click to view image in full sizeA short recon story about a delayed HTML injection, a... 2026-5-19 09:0:53 | 阅读: 20 | 收藏 | Bug Bounty in InfoSec Write-ups on Medium - infosecwriteups.com payload rendered escaping security dread

gRPC Penetration Testing for Beginners Press enter or click to view image in full sizePhoto by Jefferson Santos on UnsplashModern applicati... 2026-5-19 09:0:47 | 阅读: 27 | 收藏 | InfoSec Write-ups - Medium - infosecwriteups.com grpc security sizephoto dozens kubernetes

A Pentester’s Methodology for Toxic Vulnerability Combinations How a Low, a Medium, and a High Compose Into a CriticalPress enter or click to view image in full si... 2026-5-19 09:0:37 | 阅读: 12 | 收藏 | InfoSec Write-ups - Medium - infosecwriteups.com salt qa catalog attacker