Reasons why client-side authentication is a bad idea. — So what is actually client-side authentication? To put it in a simple way, the user’s side is actually doing the authentication and not the server. Modern days, authentication requests are sent to the server, and the server uses that information to authenticate the user. How does one do client-side authentication? Simple, you can just use JavaScript…

Hi! So if you’re using Microsoft Office and you been around for quite a while. You probably heard about Macros? But what are actually Macros and what can we do with them? Taken from the official Microsoft documentation. A macro is a series of commands that you can use to…

Today we’re going to analyze a case on LetsDefend.io platform which detects there has been malware on the network. Case Details Event time : March 21,2021, 1:04 P.M Source Address : 172.16.17.5 Source Hostname : SusieHost File Name : winrar600.exe File Hash : c74862e16bcc2b0e02cadb7ab14e3cd6 Analysis Static Analysis Doing a simple file command on the executable…

Hello friends, picoCTF 2022 concluded a month ago and it was a lot of fun, picoCTF is a CTF that mainly targets beginner who are learning about CTFs. Enough talking let’s get into the challenge Challenge The challenge I’ll be talking about today is in the Reverse Engineering category. So we…

HTTP response is how the web-server tells you what is going on. If you get a 200 status code, that means everything went well. 301? You’re being redirected. But 500? It usually means there is an error by the back-end server. But multiple 500 responses? That’s something worth looking at. …

You probably have heard in the news the term, ransomware. To put it simply simply, ransomware is specific type of malware that limits users from accessing their system. The most common one we’re seeing is basically the attacker encrypting every document or anything in particular and demanding a ransom. If…

In the days of today, passwords and pin numbers are something that are very important to everyone. Your password should be something that is incredibly strong and super hard to guess. It could be super long phrase like : i_like_to_eat_apples_on_a_saturday_morning Or it could be just something random : hajHmanS$! But…

If you think October is only the spooky month, well you’re wrong! October is also known as Cyber Security Month!. To celebrate the month, HackTheBox renewed their Starting-Point which is a path for beginner that want to start hacking to learn. And I must say it is very well made. …

Okay so its the year 2021 and we’re almost in 2022. And technology has been evolving much more and we’re more reliant on communicating online using our accounts. …