Account takeover is a common practice that threatens the security of users and their data. The impact on victims depends on the type of account targeted. It can be minor if it’s a customer loyalty account but becomes critical for a corporate administrator account.

Attacks use a variety of techniques, often based on large-scale campaigns to steal as many credentials as possible. However, there are also application vulnerabilities enabling more targeted account takeover. The presence of these vulnerabilities represents a major risk for companies, especially if an administrator account is compromised.

In an office environment, user workstations generally use Windows operating systems and therefore authenticate using protocols developed by Microsoft.

And to centralise authentication management, Microsoft provides its Active Directory (AD), which is based on the Kerberos protocol. However, some machines do not implement this protocol and some networks simply do not have an Active Directory. In these cases, there is the NTLM protocol, which can work between two machines without AD or via the Netlogon process.

You’ve probably heard about the arrival of LLMs in a big way, at least with ChatGPT.

LLM (Large Language Model) refers to language processing models. These models are trained to perform all types of linguistic tasks: translation, text generation, question answering, etc.

Often, when we hear about Java serialization, we find resources or challenges that only talk about generating and executing ysoserial payloads.

In some situations, this can work. However, as soon as a customer is aware of this possibility, rather than using a more secure format, they generally prefer to use a library such as notsoserial which prevents the deserialization of unauthorized classes.

In the space of 5 years, the number of Denial of Service (DoS) attacks has almost doubled. The result is the paralysis of tens of millions of web platforms and the loss of thousands or even millions of euros by victim organisations.

Companies such as Amazon and GitHub have already been affected by this type of attack. One of the best-known attacks is MIRAI, which used a botnet of nearly 100,000 hijacked machines to make Dyn’s services unavailable in 2016.

Antivirus, anti-malware and EDR are tools commonly used to prevent attacks.

However, these solutions can be bypassed. In this article, we take a closer look at the various antivirus and EDR bypass techniques that can be implemented in a loader: a program whose aim is to execute a malicious payload on a machine by bypassing the various protections in place.

Passwords are still the most common way of authenticating a user. However, setting up a password management system that is both simple and secure can sometimes be tricky.

Indeed, the password reset feature is an interesting target for an attacker, as it can facilitate the theft of user accounts if poorly implemented.

Burp is an essential offensive security tool. It is used by a majority of professionals (including us pentesters) and is dedicated mainly to pentesting web applications.

In this article, we’ll take a look at Burp Suite’s main features and key extensions.

Exploiting a RCE vulnerability for a pentester is something of a Holy Grail. Depending on the context, there are numerous techniques for executing code remotely and thus exploit a RCE.

Beyond the principle of this type of vulnerability, we present in this article examples of RCE attacks and exploitations, as well as best practices and measures to implement to protect yourself.