Security Research & Development
zux0x3a 
Research Agenda Part1 – porting the backdoor for windows (READY) Part2 – porting the backdoor for Linux/Unix (IN PROGRESS) Part3 – hiding the process (IN PROGRESS) Part4 – provision of techniques (IN PROGRESS) RootKits Definitions According to Greg Hoglund, a rootkit is “a set of programs and code that allows a permanent or consistent, undetectable presence on a … Read more
understand the specific tactics, techniques, and procedures (TTP) attackers are leveraging to compromise the active directory, this document is being updated regularly grabbed from different sources Table of Contents Discovery Privilege Escalation Defense Evasion Credential Dumping Lateral Movement Persistence Defense & Detection Discovery SPN Scanning SPN Scanning – Service Discovery without Network Port Scanning Active … Read more
Intro Despite the fact, XDR products play bulletproof against newly cyber by newly updated built-in defensive techniques and procedures, there are small holes in the development face of such products which could let intruders get used to it to gain an ability to disable or suspend or even use it as a way of persistent. … Read more
Intro 0xsp mongoose red is a unique framework for cybersecurity simulation and red teaming operations, windows auditing for newer vulnerabilities, misconfiguration, and privilege escalations attacks. 0xsp mongoose red version is provided to assist your needs during cybersecurity simulation, by using this version you will be able to audit a targeted windows operation system for system … Read more
intro I recently started to do Live streaming on twitch and youtube to cover some techniques and do some live coding sessions. The first try was great, and your support is one of the key factors I look for. In this article, I will write a detailed description of the concept and how I used … Read more
intro The Windows Command Prompt (sometimes called the DOS prompt) is a tool that allows administrators to invoke system-wide commands to make administration easier and more efficient. The average user has little use for this tool. many administration prevents users to have a command prompt enabled for their access, as too is considered good practice … Read more
a collection of commonly used payloads needed for web application testing (fuzzing), the payloads have been collected from different resources and will be updated frequently. if you wanna contribute by sharing your own payloads don’t hesitate to join our channel on telegram intruder payloads XSS payloads https://0xsp.com/storageCenter/1589118426.txt XXE Payloads https://0xsp.com/storageCenter/1589118968.txt Command injection payloads windows https://0xsp.com/storageCenter/1589119529.txt … Read more
During attack Simulation, you may face Symantec Email Security Cloud (Message Lab ) while conducting a phishing campaign. Message Lab stops known and unknown techniques while delivering malicious email content. The Email Security.cloud service helps organizations combat these threats through advanced perimeter defenses and our proprietary SkepticTM technologies. Operating at the Internet level with automatic … Read more
In this blog, I am going to explain some of the unique features of 0xsp mongoose, which I am sure most of the red teamers still didn’t try to explore the powerful tactics of this framework. so take a chance to spend 2 minutes to read these two unique features Lateral movements Lateral movement refers … Read more
Gathering information Stage port scanning Nmap Network exploration tool and security/ port scanner nmap [Scan Type] [Options] {target specification} HOST DISCOVERY: -sL: List Scan – simply list targets to scan -sn/-sP: Ping Scan – disable port scan -Pn: Treat all hosts as online — skip host discovery SCAN TECHNIQUES: -sS/sT/sA/sW/sM: TCP SYN/Connect()/ACK/Window/Maimon scans -sU: UDP … Read more