OffSec 2020 Recap

2020 has been quite a year, hasn’t it? It’s been challenging in so many ways, but it was also exciting for us at OffSec. We thrive on bringing new training…

OffSec 2020 Recap

2020 has been quite a year, hasn’t it? It’s been challenging in so many ways, but it was also exciting for us at OffSec. We thrive on bringing new training…

Database Penetration Testing

In this post, I would like to share knowledge and experience while doing Database Penetration Testing. The purpose of Penetration Testing is to find vulnerabilities within the system and simulate…

QRLJACKING and QRLJACKER

In this post, i would like to share one attack method that will take advantage on QR Code which called Quick Response Code Login Jacking (QRLJacking). QRLJacking is a new…

Vulnerabilities Assessment vs Penetration Testing

In this post, I would like to share the difference between Vulnerabilities Assessment vs Penetration Testing during real-life security testing. However, some organizations might want to do Vulnerabilities Assessment and…

Privileges Escalation for Linux and Windows Operating System

What is Privileges Escalation For those are not very familiar with Privilege Escalation, it is an act of exploiting vulnerabilities or bug where the attacker will take advantages of the…

Active Directory Penetration Testing

Active Directory Penetration Testing normally covers exploiting misconfiguration within the Active Directory(AD). I’m still in the progress of learning Active Directory Penetration Testing so let learn together. Let recap on…

AWS Penetration Testing Review

What is AWS Penetration Testing? AWS (Amazon Web Service) Penetration Testing can also be considered as one of the areas that pentester will invest in during Red Team Activities. The…

DLL Attack Review Part 1

I would like to share a few details and tricks to DLL Attack that can be useful to some people out there. DLL (Dynamic Link Libraries) attack is an attack…

XML Injection Attack review

In this post, I would like to share about XML Injection Attack that might be useful for some scenarios. For those who are not familiar with XML Injection attack, XML…